[{"content-security-policy-report-only":" script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https:\/\/reporting-api.gannettinnovation.com;report-to default","count":245},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.gstatic.com https:\/\/www.awin1.com https:\/\/lantern.roeyecdn.com https:\/\/tagmanager.google.com https:\/\/cdn.trustcommander.net https:\/\/www.dwin1.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/bat.bing.com https:\/\/*.doubleclick.net https:\/\/www.axa-video.de *.visualwebsiteoptimizer.com app.vwo.com https:\/\/www.google.com https:\/\/platform.commandersact.com https:\/\/connect.facebook.net https:\/\/*.aklamio.com data.axa.de snap.licdn.com blob: https:\/\/ct.pinterest.com https:\/\/s.pinimg.com https:\/\/acdn.adnxs.com https:\/\/ib.adnxs.com ; ;style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com https:\/\/googletagmanager.com https:\/\/www.googletagmanager.com ;frame-src https:\/\/www.awin1.com app.vwo.com *.visualwebsiteoptimizer.com https:\/\/entry.axa-de.intraxa\/ https:\/\/entry.axa.de https:\/\/www.axa-video.de https:\/\/www.axa.de https:\/\/inte.axa.de https:\/\/*.doubleclick.net https:\/\/cdn.trustcommander.net https:\/\/www.dwin1.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/td.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/ct.pinterest.com https:\/\/googletagmanager.com https:\/\/insight.adsrvr.org 'self' https:\/\/www.googletagmanager.com;base-uri 'self';object-src 'none';img-src 'self' data: https:\/\/ad.doubleclick.net https:\/\/*.ads.linkedin.com data.axa.de *.visualwebsiteoptimizer.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com https:\/\/track.adform.net https:\/\/ad.doubleclick.net https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/www.google.com https:\/\/www.google.de https:\/\/www.google-analytics.com https:\/\/www.google https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/googleads.g.doubleclick.net https:\/\/i.ytimg.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/www.financeads.net https:\/\/www.aklamio.com\/ https:\/\/ct.pinterest.com https:\/\/ib.adnxs.com;form-action 'self';default-src 'self' https:\/\/assets.faircado.com https:\/\/static.preply.com https:\/\/fonts.gstatic.com\/ blob: data:;connect-src 'self' data.axa.de https:\/\/api.vid-adblocker.com https:\/\/ad.doubleclick.net\/ https:\/\/*.google.de https:\/\/www.facebook.com\/ https:\/\/*.ads.linkedin.com https:\/\/p.adsymptotic.com https:\/\/*.linkedin.oribi.io https:\/\/sjs.bizographics.com ad.doubleclick.net *.visualwebsiteoptimizer.com app.vwo.com https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/www.googleanalytics.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/privacy.trustcommander.net https:\/\/privacy.commander1.net https:\/\/privacy.commander1.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com https:\/\/*.axa.de https:\/\/cloud.service.aerzteversicherung.de https:\/\/mcdyr4395tgnrcnr8bt5wsrgh-11.pub.sfmc-content.com https:\/\/*.aklamio.com https:\/\/www.googleadservices.com https:\/\/ct.pinterest.com https:\/\/ib.adnxs.com https:\/\/acdn.adnxs.com https:\/\/google.com;;report-uri \/site\/axa-de\/cspReportOnly","count":241},{"content-security-policy-report-only":" ","count":102},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri \/csp-report","count":81},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: *.mpsimg.com *.bdimg.xyz; font-src 'self' data: *.svcasino.art;","count":79},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri \/csp_logger?path=\/","count":78},{"content-security-policy-report-only":" frame-ancestors 'self'","count":55},{"content-security-policy-report-only":" default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https:\/\/www.blogger.com\/cspreport","count":46},{"content-security-policy-report-only":" frame-src 'self' servedbyadbutler.com *.authorize.net *.paypal.com *.google.com www.book2look.com; img-src 'self' images.booksense.com data: https:\/\/www.googletagmanager.com https:\/\/www.paypalobjects.com https:\/\/withfriends.co; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/danjg53usxhfc.cloudfront.net code.jquery.com cdn.mxpnl.com https:\/\/www.paypal.com *.gstatic.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.book2look.com https:\/\/www.google.com; style-src * 'report-sample' 'unsafe-inline'; base-uri 'self'; report-uri https:\/\/o4507465725640704.ingest.us.sentry.io\/api\/4510783202066432\/security\/?sentry_key=ea4d6ac5ddc8cc5a46f75f8ac24a565d","count":38},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/3.6.4\/jquery.min.js https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-identity\/_\/js\/k=boq-identity.AccountsSignInUi.en_US.alsf3k9Xrdw.es5.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/;report-uri \/v3\/signin\/_\/AccountsSignInUi\/cspreport\/fine-allowlist","count":34},{"content-security-policy-report-only":" report-uri \/report-csp-violation","count":26},{"content-security-policy-report-only":" default-src https: wss: 'unsafe-inline' 'unsafe-eval'; font-src https: data: ; img-src  https: data: blob: ; media-src https: blob: ; worker-src https: blob: ; report-uri https:\/\/www.netflix.com\/log\/www\/csp\/1;","count":22},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-recaptcha\/_\/js\/k=boq-recaptcha.RecaptchaChallengePageUi.en_US.Juv2oO6ZrjM.2018.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/;report-uri \/recaptcha\/challengepage\/_\/RecaptchaChallengePageUi\/cspreport\/fine-allowlist","count":21},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri  \/csp-report","count":21},{"content-security-policy-report-only":" block-all-mixed-content; report-uri https:\/\/blog.hatena.ne.jp\/api\/csp_report","count":20},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/skybox.eskypartners.com; report-uri https:\/\/esky.report-uri.com\/r\/t\/csp\/enforce","count":20},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/clients2.google.com\/gr\/gr_full_2.0.6.js https:\/\/clients2.google.com\/gr\/gr_sync.js https:\/\/payments.google.com\/payments\/v4\/js\/integrator.js https:\/\/payments.sandbox.google.com\/payments\/v4\/js\/integrator.js https:\/\/ssl.gstatic.com\/external_hosted\/lottie\/lottie.js https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/www.google.com\/js\/bg\/ https:\/\/www.gstatic.com\/_\/boq-play\/_\/js\/k=boq-play.PlayStoreUi.en_US.qDX-rz0lPEc.2021.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/ https:\/\/payments.youtube.com\/payments\/v4\/js\/integrator.js https:\/\/payments.cloud.google\/payments\/v4\/js\/integrator.js;report-uri \/_\/PlayStoreUi\/cspreport\/fine-allowlist","count":18},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'; report-uri \/csp_report","count":18},{"content-security-policy-report-only":" object-src *.agriaffaires.pro *.machineryzone.pro *.agriaffaires.com *.machineryzone.fr *.machineryzone.com *.truckscorner.fr *.mbcore.io; frame-ancestors 'self' *.agriaffaires.pro *.machineryzone.pro *.agriaffaires.com *.machineryzone.fr *.machineryzone.com *.truckscorner.fr *.mbcore.io; report-uri https:\/\/api.leboncoin.fr\/api\/csp-report\/v1\/report\/;","count":17},{"content-security-policy-report-only":" default-src 'self' blob: https: data: mediastream: 'unsafe-eval' 'unsafe-inline';report-uri https:\/\/metrics.media-amazon.com\/","count":16},{"content-security-policy-report-only":" default-src 'self'","count":16},{"content-security-policy-report-only":" default-src https:\/\/*.axa.ch blob: data: https:\/\/*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.axa.ch https:\/\/www.googletagmanager.com https:\/\/cdn.cookielaw.org https:\/\/cdn.mouseflow.com https:\/\/maps.google.com https:\/\/maps.googleapis.com https:\/\/connect.facebook.net https:\/\/axa-winterthur.dimelochat.com https:\/\/pay.sandbox.datatrans.com https:\/\/pay.datatrans.com https:\/\/recaptcha.net https:\/\/www.google.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/bat.bing.com https:\/\/snap.licdn.com https:\/\/www.gstatic.com https:\/\/*.teads.tv https:\/\/*.survalyzer.swiss https:\/\/www.awin1.com https:\/\/lantern.roeyecdn.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/*.doubleclick.net https:\/\/*.adobe.com https:\/\/*.adobe.io https:\/\/*.microsoft.com https:\/\/*.fusedeck.com https:\/\/*.onetrust.com https:\/\/*.whatsapp.com https:\/\/*.cookielaw.org https:\/\/slsnlytcs.com; style-src 'self' 'unsafe-inline' https:\/\/*.axa.ch https:\/\/fonts.googleapis.com https:\/\/www.googletagmanager.com https:\/\/*.survalyzer.swiss https:\/\/*.visualwebsiteoptimizer.com https:\/\/app.vwo.com https:\/\/s3.amazonaws.com https:\/\/*.adobe.com https:\/\/*.microsoft.com; img-src 'self' data: blob: https:\/\/chart.googleapis.com https:\/\/*.axa.ch https:\/\/*.google.com https:\/\/*.google.ch https:\/\/maps.gstatic.com https:\/\/cdn.cookielaw.org https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/i.ytimg.com https:\/\/px.ads.linkedin.com https:\/\/bat.bing.com https:\/\/d5cplpsrt2s33.cloudfront.net https:\/\/bat.bing.net https:\/\/maps.googleapis.com https:\/\/region1.google-analytics.com https:\/\/*.googlesyndication.com https:\/\/connect.facebook.net https:\/\/flagcdn.com https:\/\/px.ads.linkedin.com https:\/\/www.googleadservices.com https:\/\/www.gstatic.com https:\/\/*.teads.tv https:\/\/*.survalyzer.swiss https:\/\/www.google.ch https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com; font-src 'self' data: https:\/\/*.axa.ch https:\/\/fonts.gstatic.com https:\/\/cdn.mouseflow.com https:\/\/assets.merci-app.com; connect-src 'self' https:\/\/*.axa.ch https:\/\/gtm.axa.ch https:\/\/sgtm.axa.ch https:\/\/region1.analytics.google.com https:\/\/www.google.com https:\/\/*.tt.omtrdc.net https:\/\/europe.directline.botframework.com https:\/\/digitalassistantbot-acc.azurewebsites.net https:\/\/cdn.cookielaw.org wss:\/\/europe.directline.botframework.com https:\/\/googleads.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/stats.g.doubleclick.net https:\/\/region1.google-analytics.com https:\/\/o2.mouseflow.com https:\/\/www.google.ch https:\/\/selfadvisory-acc.azurewebsites.net https:\/\/*.onetrust.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/px.ads.linkedin.com https:\/\/*.service.signalr.net https:\/\/pagead2.googlesyndication.com https:\/\/*.in.applicationinsights.azure.com https:\/\/www.googleadservices.com https:\/\/www.google-analytics.com wss:\/\/*.service.signalr.net https:\/\/*.mouseflow.com https:\/\/api.trongrid.io https:\/\/digitalassistantbot.azurewebsites.net https:\/\/www.facebook.com https:\/\/*.teads.tv https:\/\/snap.licdn.com https:\/\/*.survalyzer.swiss https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/fonts.googleapis.com; frame-src https:\/\/*.axa.ch https:\/\/td.doubleclick.net https:\/\/8141516.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/pay.sandbox.datatrans.com https:\/\/pay.datatrans.com https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/recaptcha.net https:\/\/www.googletagmanager.com https:\/\/*.survalyzer.swiss https:\/\/www.axa.ch https:\/\/trk.axa.ch https:\/\/sgtm.axa.ch https:\/\/*.mouseflow.com https:\/\/exactag.axa.ch https:\/\/*.fusedeck.net https:\/\/*.dimelochat.com https:\/\/*.doubleclick.net https:\/\/www.google.com https:\/\/*.teads.tv https:\/\/*.onetrust.com https:\/\/*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https:\/\/www.acc.axa.ch\/servlets\/external\/csp-reports.csp","count":16},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.cloudflare.com https:\/\/*.usercentrics.eu *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de https:\/\/www.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src https:\/\/www.youtube.com\/ *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com bid.g.doubleclick.net https:\/\/www.google.com\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com pay.google.com www.google.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net https:\/\/bid.g.doubleclick.net https:\/\/td.doubleclick.net\/ https:\/\/www.google.com.ua\/ https:\/\/www.google.bg\/ https:\/\/ct.pinterest.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/*.usercentrics.eu https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com https:\/\/images.unsplash.com *.googleapis.com https:\/\/www.google.com https:\/\/bat.bing.com\/ https:\/\/www.facebook.com https:\/\/cdn.kaffekapslen.be https:\/\/www.google.com.ua\/ https:\/\/www.google.bg\/ https:\/\/www.google.dk\/ https:\/\/googleads.g.doubleclick.net https:\/\/bid.g.doubleclick.net https:\/\/kaffekapslen.dk\/ https:\/\/kaffekapslen.media https:\/\/www.googletagmanager.com\/ https:\/\/app.usercentrics.eu\/ https:\/\/*.usercentrics.eu https:\/\/connect.facebook.net\/ https:\/\/firebasestorage.googleapis.com https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com data: 'self' 'unsafe-inline'; script-src *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com https:\/\/maps.googleapis.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ cdn.jsdelivr.net https:\/\/kaffekapslen.media\/ https:\/\/app.usercentrics.eu\/ https:\/\/connect.facebook.net\/ https:\/\/*.usercentrics.eu https:\/\/bat.bing.com\/ https:\/\/www.clarity.ms\/ *.avada.io *.shopify.com https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com cdn.jsdelivr.net *.cloudflare.com https:\/\/*.usercentrics.eu *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com https:\/\/www.google.com payments-eu.amazon.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.googleapis.com https:\/\/www.facebook.com eu.playground.klarnaevt.com https:\/\/www.kaffekapslen.dk\/ https:\/\/az-apim-st-kaffekapslen.azure-api.net\/ api.kaffekapslen.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com\/ https:\/\/kaffekapslen.matomo.cloud\/ https:\/\/api.usercentrics.eu\/ https:\/\/*.usercentrics.eu https:\/\/pagead2.googlesyndication.com\/ https:\/\/graphql.usercentrics.eu\/graphql https:\/\/monitor.kaffekapslen.com\/ https:\/\/google.com\/pay https:\/\/region1.google-analytics.com https:\/\/www.google.bg\/ https:\/\/capig.kaffekapslen.dk\/ https:\/\/kaffekapslen.media https:\/\/get.geojs.io *.avada.io https:\/\/ss.kaffek.dk\/ https:\/\/ss.kaffek.at\/ https:\/\/ss.kaffek.be\/ https:\/\/ss.kaffek.bg\/ https:\/\/ss.kaffek.ch\/ https:\/\/ss.kaffek.co.uk\/ https:\/\/ss.kaffek.cz\/ https:\/\/ss.kaffek.de\/ https:\/\/ss.kaffek.es\/ https:\/\/ss.kaffek.fi\/ https:\/\/ss.kaffek.fr\/ https:\/\/ss.kaffek.gr\/ https:\/\/ss.kaffek.hu\/ https:\/\/ss.kaffek.ie\/ https:\/\/ss.kaffek.it\/ https:\/\/ss.kaffek.nl\/ https:\/\/ss.kaffek.no\/ https:\/\/ss.kaffek.pl\/ https:\/\/ss.kaffek.pt\/ https:\/\/ss.kaffek.ro\/ https:\/\/ss.kaffek.se\/ https:\/\/ss.kaffek.sk\/ https:\/\/stats.g.doubleclick.net https:\/\/scripts.clarity.ms https:\/\/e.clarity.ms https:\/\/a.clarity.ms\/collect https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/connect.facebook.net https:\/\/capig.kaffekapslen.dk https:\/\/o.clarity.ms https:\/\/demo-3.conversionsapigateway.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":16},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' *.alicdn.com *.aliyun.com *.alyasset.com *.alcasset.com *.alipay.com log.mmstat.com ynuf.aliapp.org *.alipayobjects.com local.alipcsec.com:6691 appx appx-t2 oem-img.wanwang.xin; style-src 'unsafe-inline' *.alicdn.com *.aliyun.com *.alipay.com *.alipayobjects.com oem-img.wanwang.xin; font-src data: *.alicdn.com *.aliyun.com *.alipayobjects.com; frame-src *.aliyun.com *.alicdn.com *.aliyuncs.com *.alipay.com *.taobao.com *.alibabacloud.com *.1688.com xstore.insights.1688.com; report-uri \/\/www.aliyun.com\/api\/log\/csp-report","count":15},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/ct.pinterest.com https:\/\/googleads.g.doubleclick.net https:\/\/s.pinimg.com https:\/\/script.hotjar.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/static.hotjar.com https:\/\/unpkg.com https:\/\/www.googletagmanager.com https:\/\/js.hsforms.net https:\/\/js-eu1.hs-scripts.com https:\/\/js-na1.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js-eu1.hs-analytics.net https:\/\/js.hubspot.com https:\/\/js-eu1.hubspot.com https:\/\/js.hs-banner.com https:\/\/js-eu1.hs-banner.com https:\/\/js.hsadspixel.net https:\/\/cdn.engage.teamviewer.com https:\/\/apps.mypurecloud.de https:\/\/directsearch.velux.tech https:\/\/exp-api.velux.at https:\/\/exp-api.velux.de https:\/\/exp-api.velux.pl https:\/\/exp-api.velux.hu https:\/\/exp-api.velux.nl https:\/\/exp-api.velux.ro https:\/\/sgtm.velux.at https:\/\/w.usabilla.com https:\/\/apis.google.com https:\/\/static.hsappstatic.net https:\/\/*.velux.com https:\/\/*.velux.co.uk https:\/\/*.velux.de https:\/\/*.velux.fr https:\/\/*.velux.dk https:\/\/*.velux.nl https:\/\/*.velux.be https:\/\/*.velux.no https:\/\/*.velux.se https:\/\/*.velux.pl https:\/\/*.velux.ch https:\/\/*.velux.hu https:\/\/*.velux.cz https:\/\/*.velux.hr https:\/\/*.velux.ro https:\/\/*.velux.it https:\/\/*.velux.es https:\/\/*.velux.pt https:\/\/*.velux.ie https:\/\/*.velux.ca https:\/\/*.velux.com.au https:\/\/*.velux.co.nz https:\/\/*.velux.co.jp https:\/\/*.velux.ba https:\/\/*.velux.bg https:\/\/*.velux.ee https:\/\/*.velux.lt https:\/\/*.velux.lv https:\/\/*.velux.rs https:\/\/*.velux.si https:\/\/*.velux.sk https:\/\/*.velux.com.tr https:\/\/*.velux.ua https:\/\/*.velux.lat https:\/\/*.veluxusa.com https:\/\/scripts.clarity.ms https:\/\/www.clarity.ms https:\/\/embed.typeform.com https:\/\/anfragen.velux.at https:\/\/d1hgczpbubj217.cloudfront.net https:\/\/exp-api.velux.fr https:\/\/sgtm.velux.de https:\/\/sgtm.velux.fr https:\/\/pixels.omnitagjs.com https:\/\/www.youtube.com https:\/\/145747460.fs1.hubspotusercontent-eu1.net https:\/\/lottingem.com https:\/\/www.google.com https:\/\/ads-engagement.presage.io https:\/\/www.gstatic.com https:\/\/secured-pixel.com https:\/\/sgtm.velux.co.uk; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/directsearch.velux.tech https:\/\/cdn.chatvisor.com https:\/\/cdn.honey.io https:\/\/www.gstatic.com; img-src 'self' data: blob: https:\/\/*.google.sk https:\/\/learnupon.s3.eu-west-1.amazonaws.com https:\/\/ad.doubleclick.net https:\/\/adservice.google.com https:\/\/analytics.twitter.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/contenthub.velux.com https:\/\/imgsct.cookiebot.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/t.co https:\/\/track.hubspot.com https:\/\/forms-na1.hsforms.com https:\/\/perf-na1.hsforms.com https:\/\/perf-eu1.hsforms.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/thumbnails.shelf-eu.com https:\/\/brxcdn.com https:\/\/i.ytimg.com https:\/\/joko-mobile-app-media.s3.eu-west-1.amazonaws.com https:\/\/track-eu1.hubspot.com https:\/\/www.facebook.com https:\/\/analytics.google.com https:\/\/www.bing.com https:\/\/l.facebook.com https:\/\/www.google.com https:\/\/www.google.hu https:\/\/www.google.fr https:\/\/www.google.de https:\/\/www.google.co.uk https:\/\/www.google.nl https:\/\/www.google.dk https:\/\/www.google.no https:\/\/www.google.se https:\/\/www.google.pl https:\/\/www.google.ch https:\/\/www.google.it https:\/\/www.google.es https:\/\/www.google.pt https:\/\/www.google.ie https:\/\/www.google.ca https:\/\/www.google.com.au https:\/\/www.google.co.nz https:\/\/www.google.co.jp https:\/\/www.google.ba https:\/\/www.google.bg https:\/\/www.google.ee https:\/\/www.google.lt https:\/\/www.google.lv https:\/\/www.google.rs https:\/\/www.google.si https:\/\/www.google.sk https:\/\/www.google.com.tr https:\/\/www.google.com.ua https:\/\/www.google.at https:\/\/www.google.be https:\/\/www.google.cz https:\/\/www.google.ro https:\/\/www.google.hr https:\/\/*.velux.com https:\/\/*.velux.co.uk https:\/\/*.velux.de https:\/\/*.velux.fr https:\/\/*.velux.dk https:\/\/*.velux.nl https:\/\/*.velux.be https:\/\/*.velux.no https:\/\/*.velux.se https:\/\/*.velux.pl https:\/\/*.velux.ch https:\/\/*.velux.hu https:\/\/*.velux.cz https:\/\/*.velux.hr https:\/\/*.velux.ro https:\/\/*.velux.it https:\/\/*.velux.es https:\/\/*.velux.pt https:\/\/*.velux.ie https:\/\/*.velux.ca https:\/\/*.velux.com.au https:\/\/*.velux.co.nz https:\/\/*.velux.co.jp https:\/\/*.velux.ba https:\/\/*.velux.bg https:\/\/*.velux.ee https:\/\/*.velux.lt https:\/\/*.velux.lv https:\/\/*.velux.rs https:\/\/*.velux.si https:\/\/*.velux.sk https:\/\/*.velux.com.tr https:\/\/*.velux.ua https:\/\/*.velux.lat https:\/\/*.veluxusa.com https:\/\/secure.adnxs.com https:\/\/bat.bing.net https:\/\/forms-eu1.hsforms.com https:\/\/consent.cookiebot.com https:\/\/www.google.com.ph https:\/\/www.google.co.za https:\/\/25713015.fs1.hubspotusercontent-eu1.net https:\/\/www.google.fi https:\/\/www.google.com.eg https:\/\/www.google.com.my https:\/\/c.clarity.ms https:\/\/ade.googlesyndication.com https:\/\/www.google.lu https:\/\/www.google.co.in https:\/\/www.google.co.th https:\/\/fonts.gstatic.com https:\/\/www.google.cl https:\/\/www.google.com.vn https:\/\/www.google.com.lb https:\/\/www.google.co.tz https:\/\/www.google.mk https:\/\/weshare.23video.com https:\/\/translate.google.com https:\/\/www.google.ru https:\/\/www.google.com.bd https:\/\/www.google.com.sa https:\/\/www.google.com.mt https:\/\/www.google.gg https:\/\/ads-engagement.presage.io https:\/\/www.google.co.kr https:\/\/www.google.lk https:\/\/www.google.me https:\/\/www.google.is https:\/\/track.adform.net https:\/\/www.google.co.ao https:\/\/www.google.ae https:\/\/www.google.com.kw https:\/\/www.google.com.hk https:\/\/sgtm.velux.at https:\/\/www.google.md https:\/\/connect.facebook.net https:\/\/www.google.co.ma https:\/\/www.google.je https:\/\/cdn.honey.io https:\/\/hawk-tracker.360yield.com https:\/\/p1.outbrain.com https:\/\/www.google.al https:\/\/www.google.by https:\/\/www.google.co.id https:\/\/www.google.co.il https:\/\/www.google.co.uz https:\/\/www.google.com.cy https:\/\/www.google.com.gh https:\/\/www.google.dz https:\/\/www.google.ge https:\/\/www.google.gr https:\/\/www.google.im https:\/\/www.google.tn; connect-src 'self' data: https:\/\/js.monitor.azure.com https:\/\/northeurope-2.in.applicationinsights.azure.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/consentcdn.cookiebot.com https:\/\/ct.pinterest.com https:\/\/px.ads.linkedin.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.facebook.com https:\/\/pagead2.googlesyndication.com https:\/\/api-cdn.mypurecloud.de https:\/\/api.mypurecloud.de https:\/\/webmessaging.mypurecloud.de https:\/\/engage.teamviewer.com wss:\/\/engage.teamviewer.com https:\/\/cdn.engage.teamviewer.com https:\/\/cta-service-cms2.hubspot.com https:\/\/cta-eu1.hubspot.com https:\/\/forms.hsforms.com https:\/\/api.hubapi.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/analytics.twitter.com https:\/\/t.co https:\/\/vc.hotjar.io https:\/\/content.hotjar.io https:\/\/metrics.hotjar.io wss:\/\/ws.hotjar.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/analytics.videomyjob.com https:\/\/browser.pipe.aria.microsoft.com https:\/\/d1hgczpbubj217.cloudfront.net https:\/\/translate.googleapis.com https:\/\/translate.google.com https:\/\/apis.google.com https:\/\/sgtm.velux.at https:\/\/sgtm.velux.de https:\/\/sgtm.velux.pl https:\/\/sgtm.velux.co.uk https:\/\/sgtm.velux.fr https:\/\/sgtm.velux.nl https:\/\/sgtm.velux.cz https:\/\/sgtm.velux.it https:\/\/sgtm.velux.es https:\/\/sgtm.velux.dk https:\/\/sgtm.velux.hr https:\/\/sgtm.velux.hu https:\/\/sgtm.velux.ee https:\/\/exp-api.velux.at https:\/\/exp-api.velux.de https:\/\/exp-api.velux.pl https:\/\/exp-api.velux.hu https:\/\/exp-api.velux.nl https:\/\/exp-api.velux.ro https:\/\/directsearch.velux.tech https:\/\/anfragen.velux.at https:\/\/log.pinterest.com https:\/\/*.fls.doubleclick.net https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.velux.com https:\/\/*.velux.co.uk https:\/\/*.velux.de https:\/\/*.velux.fr https:\/\/*.velux.dk https:\/\/*.velux.nl https:\/\/*.velux.be https:\/\/*.velux.no https:\/\/*.velux.se https:\/\/*.velux.pl https:\/\/*.velux.ch https:\/\/*.velux.hu https:\/\/*.velux.cz https:\/\/*.velux.hr https:\/\/*.velux.ro https:\/\/*.velux.it https:\/\/*.velux.es https:\/\/*.velux.pt https:\/\/*.velux.ie https:\/\/*.velux.ca https:\/\/*.velux.com.au https:\/\/*.velux.co.nz https:\/\/*.velux.co.jp https:\/\/*.velux.ba https:\/\/*.velux.bg https:\/\/*.velux.ee https:\/\/*.velux.lt https:\/\/*.velux.lv https:\/\/*.velux.rs https:\/\/*.velux.si https:\/\/*.velux.sk https:\/\/*.velux.com.tr https:\/\/*.velux.ua https:\/\/*.velux.lat https:\/\/*.veluxusa.com https:\/\/*.clarity.ms wss:\/\/engage.teamviewer.com https:\/\/form.typeform.com https:\/\/www.google.com https:\/\/connect.facebook.net https:\/\/a.clarity.ms https:\/\/local.adblock360.com https:\/\/fileupload.mypurecloud.de https:\/\/forms-eu1.hsforms.com https:\/\/exp-api.velux.cz https:\/\/perf-na1.hsforms.com https:\/\/ad.doubleclick.net https:\/\/consent.cookiebot.com https:\/\/wdd-velux-designs.azurewebsites.net https:\/\/bded8a3c6ae-1-1053047382554.us-central1.run.app https:\/\/fast.wistia.net https:\/\/md-eecad2978f7a43f5b7838c919258e6de.ecs.us-east-2.on.aws https:\/\/s.pinimg.com; frame-src 'self' blob: https:\/\/consentcdn.cookiebot.com https:\/\/fast.wistia.net https:\/\/leadmanagement.velux.co.uk https:\/\/td.doubleclick.net https:\/\/weshare.23video.com https:\/\/www.googletagmanager.com https:\/\/ct.pinterest.com https:\/\/engage.teamviewer.com https:\/\/apps.mypurecloud.de https:\/\/www.facebook.com https:\/\/meetings.hubspot.com https:\/\/meetings-eu1.hubspot.com https:\/\/forms-eu1.hsforms.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/d1hgczpbubj217.cloudfront.net https:\/\/embed.typeform.com https:\/\/sgtm.velux.at https:\/\/sgtm.velux.de https:\/\/sgtm.velux.pl https:\/\/sgtm.velux.co.uk https:\/\/sgtm.velux.fr https:\/\/sgtm.velux.nl https:\/\/sgtm.velux.cz https:\/\/sgtm.velux.it https:\/\/sgtm.velux.es https:\/\/sgtm.velux.dk https:\/\/sgtm.velux.hr https:\/\/sgtm.velux.hu https:\/\/sgtm.velux.ee https:\/\/*.velux.com https:\/\/*.velux.co.uk https:\/\/*.velux.de https:\/\/*.velux.fr https:\/\/*.velux.dk https:\/\/*.velux.nl https:\/\/*.velux.be https:\/\/*.velux.no https:\/\/*.velux.se https:\/\/*.velux.pl https:\/\/*.velux.ch https:\/\/*.velux.hu https:\/\/*.velux.cz https:\/\/*.velux.hr https:\/\/*.velux.ro https:\/\/*.velux.it https:\/\/*.velux.es https:\/\/*.velux.pt https:\/\/*.velux.ie https:\/\/*.velux.ca https:\/\/*.velux.com.au https:\/\/*.velux.co.nz https:\/\/*.velux.co.jp https:\/\/*.velux.ba https:\/\/*.velux.bg https:\/\/*.velux.ee https:\/\/*.velux.lt https:\/\/*.velux.lv https:\/\/*.velux.rs https:\/\/*.velux.si https:\/\/*.velux.sk https:\/\/*.velux.com.tr https:\/\/*.velux.ua https:\/\/*.velux.lat https:\/\/*.veluxusa.com https:\/\/embed.wistia.com https:\/\/gateway.zscloud.net https:\/\/outlook.office.com https:\/\/9724945.fls.doubleclick.net https:\/\/caclk.com https:\/\/anfragen.velux.at https:\/\/gateway.zscalertwo.net https:\/\/google.com https:\/\/9981267.fls.doubleclick.net https:\/\/bcsgsrv.com https:\/\/www.google.com https:\/\/form.typeform.com https:\/\/forms.hsforms.com https:\/\/velux.typeform.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/directsearch.velux.tech https:\/\/cdn.chatvisor.com https:\/\/velux-transform.pages.dev https:\/\/velcdn.azureedge.net https:\/\/assets.website-files.com https:\/\/oc-cdn-public-eur.azureedge.net https:\/\/*.velux.com https:\/\/frontend-cdn.perplexity.ai https:\/\/cdn.scite.ai https:\/\/brxcdn.com https:\/\/static.shopback.com https:\/\/res-1.cdn.office.net; media-src 'self' blob: data: https:\/\/contenthub.velux.com https:\/\/*.velux.com https:\/\/downloads.delivery.twentythree.com https:\/\/weshare.23video.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; manifest-src 'self'; upgrade-insecure-requests; block-all-mixed-content https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/connect.facebook.net https:\/\/pagead2.googlesyndication.com https:\/\/s.pinimg.com https:\/\/static.hotjar.com; report-uri https:\/\/www.velux.de\/api\/velux\/cspreport\/submit;","count":14},{"content-security-policy-report-only":" default-src 'self';","count":13},{"content-security-policy-report-only":" default-src * 'self'; style-src * 'self' 'unsafe-inline'; img-src * 'self' data: blob:; script-src * 'self' about: 'unsafe-inline' 'unsafe-eval' data:; worker-src * 'self' data: blob: 'unsafe-eval' 'unsafe-inline'; frame-src * 'self'; media-src 'self' blob: *; font-src * 'self' data:; upgrade-insecure-requests; form-action 'self'; frame-ancestors 'self';report-uri \/contentsecuritypolicy\/report","count":12},{"content-security-policy-report-only":" report-to sprd-report-only; frame-ancestors 'none'; report-uri https:\/\/csp.spreadshirts.net\/csp\/reportOnly;","count":12},{"content-security-policy-report-only":" script-src  'unsafe-eval' 'unsafe-inline' 'self' 'report-sample' https:\/\/wb.ru https:\/\/*.wb.ru https:\/\/rwb.ru https:\/\/*.rwb.ru https:\/\/wildberries.ru https:\/\/*.wildberries.ru https:\/\/wb-basket.ru https:\/\/*.wb-basket.ru https:\/\/wbbasket.ru https:\/\/*.wbbasket.ru https:\/\/wbcontent.net https:\/\/*.wbcontent.net https:\/\/api-maps.yandex.ru https:\/\/yastatic.net https:\/\/wibes.ru https:\/\/*.wibes.ru https:\/\/7c6f0c1e-2b5d-4b11-9b4f-4d7d8f1e9a3a.wb.ru; report-uri https:\/\/nel.wb.ru\/csp; report-to csp;","count":11},{"content-security-policy-report-only":" default-src https: data: 'unsafe-inline' 'unsafe-eval'","count":11},{"content-security-policy-report-only":" default-src https: 'self' *.facebook.net *.googletagmanager.com *.bizibly.com *.doubleclick.net https:\/\/*.intercomcdn.com https:\/\/*.datadoghq-browser-agent.com; font-src 'self' https:\/\/*.intercomcdn.com *.fontawesome.com data:; base-uri 'none'; object-src data: 'unsafe-eval'; img-src 'self' data: * ; script-src https: 'self' 'unsafe-eval' 'unsafe-inline' http:\/\/*.google-analytics.com http:\/\/*.gstatic.com http:\/\/*.bing.com http:\/\/*.googleadservices.com http:\/\/*.hs-scripts.com http:\/\/*.bizible.com *.facebook.net *.googletagmanager.com http:\/\/*.fontawesome.com http:\/\/*.outbrain.com blob:; style-src https: 'self' *.fontawesome.com 'unsafe-inline'; report-uri \/rest\/trackers\/csp;","count":11},{"content-security-policy-report-only":" font-src *.typekit.net fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com data: maxcdn.bootstrapcdn.com 'self' data: *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net *.clarity.ms get.geojs.io stats.g.doubleclick.net *.zdassets.com *.zendesk.com rum-collector-2.pingdom.net bam.nr-data.net *.klaviyo.com *.xtento.com *.tiktok.com *.google.com *.sportline.com.pa *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.instagram.com www.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com *.blob.core.windows.net\/* *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net *.clarity.ms get.geojs.io stats.g.doubleclick.net *.zdassets.com *.zendesk.com rum-collector-2.pingdom.net bam.nr-data.net *.klaviyo.com *.xtento.com *.tiktok.com *.google.com *.sportline.com.pa *.weltpixel.com *.wesupply.xyz https:\/\/wesupplylabs.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com *.paypal.com * www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.ftcdn.net *.behance.net *.gstatic.com *.googleapis.com *.cdninstagram.com www.gstatic.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net *.clarity.ms get.geojs.io stats.g.doubleclick.net *.zdassets.com *.zendesk.com rum-collector-2.pingdom.net bam.nr-data.net *.klaviyo.com *.xtento.com *.tiktok.com *.google.com *.google.com.pa *.sportline.com.pa *.sportline.com.co *.magentosite.cloud 'self' data: *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.paypal.com *.apptrian.com https:\/\/www.google.com https:\/\/www.google.com.co maps.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com beacon-qa.magento-datasolutions.com beacon-stage.magento-ds.com beacon.magento-ds.com beacon-audiences.magento-ds.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.googleapis.com *.gstatic.com *.instagram.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.compassmerchantsolutions.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.blob.core.windows.net\/* *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net *.clarity.ms get.geojs.io stats.g.doubleclick.net *.zdassets.com *.zendesk.com rum-collector-2.pingdom.net bam.nr-data.net *.klaviyo.com *.hotjar.com *.xtento.com *.tiktok.com *.sportline.com.pa *.pangle-ads.com *.adobedtm.com *.googletagmanager.com *.google.com *.google-analytics.com *.cloudflare.com maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com beacon-audiences.magento-ds.com fonts.googleapis.com downloads.mailchimp.com https:\/\/static.klaviyo.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com *.googletagmanager.com *.google.com *.typekit.net *.googleapis.com *.gstatic.com *.bootstrapcdn.com unsafe-inline assets.braintreegateway.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net p13n-mr.adobe.io beacon-audiences.magento-ds.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobedc.net *.demdex.net *.adobe.io performance.typekit.net *.sentry.io *.googleapis.com *.compassmerchantsolutions.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ telemetrics.klaviyo.com *.sistecredito.com\/* *.blob.core.windows.net\/* *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net *.clarity.ms get.geojs.io stats.g.doubleclick.net *.zdassets.com *.zendesk.com rum-collector-2.pingdom.net bam.nr-data.net *.klaviyo.com static-tracking.klaviyo.com fast.a.klaviyo.com a.klaviyo.com *.hotjar.com metrics.hotjar.io wss:\/\/ws.hotjar.com content.hotjar.io *.xtento.com *.tiktok.com *.google.com *.sportline.com.pa *.pangle-ads.com assets.adobedtm.com *.adobedtm.com api.mercadopago.com *.google-analytics.com *.paypal.com tm.filter:* maps.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com google.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":11},{"content-security-policy-report-only":" report-uri https:\/\/reporting.go-mpulse.net\/report\/FDSGP-LEB9B-T8Y2A-5V5ED-9WX2T","count":10},{"content-security-policy-report-only":" script-src 'self'","count":10},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.googleapis.com data: *.sodatech.com *.sodatech.net cdn.livechatinc.com mediacdn.espssl.com viewer.byondxr.com use.fontawesome.com 'self' data: https:\/\/fonts.yieldify-production.com\/fonts\/100822\/e6e8821f-e1ad-4601-aaed-5b3386a4580b.otf https:\/\/*.hotjar.io https:\/\/*.yieldify-production.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com api.bazaarvoice.com stg.api.bazaarvoice.com pal-test.adyen.com www.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com http:\/\/www.facebook.com\/tr 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.adyen.com *.sharethis.com *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.ehappify.com www.xtento.com *.vimeo.com *.jsctool.com *.pinterest.com *.mmcagentur.at *.doubleclick.net *.facebook.com *.facebook.net *.demdex.net *.authorize.net *.googletagmanager.com *.xtento.com *.app-wallee.com *.waltpixel.com *.equitystory.com offer.slgnt.us vars.hotjar.com *.pepperjamnetwork.com services.listrak.com *.serverdata.net *.livechatinc.com *.lindtusa.com *.russellstover.com *.ghirardelli.com https:\/\/*.ordergroove.com *.weltpixel.com https:\/\/app-wallee.com www.jsctool.com static.ogmystyle.com static2.ogmystyle.com www.mystyleplatform.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/odr.promo.dev\/ https:\/\/*.yieldify.com https:\/\/ohws.prospective.ch\/ https:\/\/tpc.googlesyndication.com\/ https:\/\/*.hotjar.io https:\/\/www.mainadv.com https:\/\/ad.ad-srv.net 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.cloudfront.net *.amazonaws.com *.regalify.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com blob: lindt.test *.lindt.test maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.klarna.com *.invibes.com *.b26net.com https:\/\/www.google-analytics.com *.googletagmanager.com *.teads.tv *.videostep.com *.facebook.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.taboola.com *.doubleclick.net *.outbrain.com *.adobedtm.com *.omtrdc.net *.demdex.net *.everesttech.net *.magentocommerce.com *.sodatech.com *.sodatech.net api.official-deals.co.uk api.official-coupons.com *.adsymptotic.com cdn.livechat-files.com cp.official-coupons.com cookie-cdn.cookiepro.com cp.official-deals.co.uk site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com mediacdn.espssl.com *.clarity.ms *.bing.com *.serverdata.net lindtna.test *.lindtna.test *.livechatinc.com mageside.com https:\/\/app-wallee.com d.ratepay.com viewer.byondxr.com s3.us-west-2.amazonaws.com showroom-media.byondxr.com media-optimization-service.byondxr.com *.byondxr.com *.listrakbi.com www.mystyleplatform.com static.mystyleplatform.com static2.mystyleplatform.com static2.ogmystyle.com mystyleplatform.s3.us-west-2.amazonaws.com https:\/\/www.unifaunonline.se https:\/\/*.tile.openstreetmap.org\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/redchamps.com *.hsforms.net *.hsforms.com 'self' data: geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com http:\/\/lindt-hg65tr.your-printq.com https:\/\/*.cookiepro.com https:\/\/assets-v2.yieldify.com\/images\/189494\/2022\/4\/8\/55c67825-1f9d-438d-815a-43a437f03af2.png https:\/\/assets-v2.yieldify.com\/images\/189494\/2022\/4\/21\/54125dc1-8b51-4175-bd53-7d33e427cc41.gif https:\/\/www.lindt-spruengli.com\/ https:\/\/px.ads.linkedin.com\/ https:\/\/*.seznam.cz https:\/\/*.hotjar.io https:\/\/*.yieldify.com https:\/\/i.cdn.nrholding.net https:\/\/*.sendtric.com network-eu-a.bazaarvoice.com assets-v2.yieldify.com *.cookiepro.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com *.pcapredict.com lindt.slgnt.eu maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.cloudflare.com *.teads.tv *.r66net.com *.facebook.net *.googleadservices.com *.doubleclick.net *.cookiepro.com *.cloudfront.net *.videostep.com *.mfgroup.ch *.taboola.com *.outbrain.com *.adobedtm.com *.authorize.net *.unpkg.com *.fontawesome.com *.sodatech.net *.sodatech.com www.clarity.ms bat.bing.com *.b2c.com bt.fraud0.com container.pepperjam.com www.googleoptimize.com *.hotjar.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com acsbapp.com cdn.noibu.com www.youtube.com *.upsellit.com *.livechatinc.com *.serverdata.net *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/gmtech.mfgroup.ch https:\/\/assets.secure.checkout.visa.com https:\/\/www.googletagmanager.com tagmanager.google.com d.ratepay.com www.jsctool.com byondxr-viewer.byondxr.com web-apps.byondxr.com *.listrakbi.com *.listrak.com mystyleplatform.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com d203yb14zlmxwn.cloudfront.net cdnjs.cloudflare.com cdn.jsdelivr.net use.fontawesome.com *.mczbf.com https:\/\/api.unifaun.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/static-eu.payments-amazon.com\/checkout.js https:\/\/*.yieldify.com https:\/\/www.googleoptimize.com\/optimize.js https:\/\/custom.yieldify.com\/v1\/100510\/100822\/3d9a49d0c2\/bundle.js https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js https:\/\/tpc.googlesyndication.com\/sodar\/1s9mPOHO.js https:\/\/*.adform.net https:\/\/*.seznam.cz https:\/\/analytics.tiktok.com\/ https:\/\/*.hotjar.io https:\/\/*.pinimg.com https:\/\/*.daktela.com https:\/\/www.dwin1.com maps.google.com https:\/\/www.gstatic.com\/recaptcha static.r66net.net https:\/\/unbxd.s3.amazonaws.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app https:\/\/fonts.googleapis.com\/ *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com *.amazonaws.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com *.fonts.net *.postcodeanywhere.co.uk *.cloudfront.net *.cloudflare.com *.sodatech.com *.sodatech.net *.getfirebug.com cloud.typography.com *.serverdata.net *.myfonts.net *.russellstover.com https:\/\/app-wallee.com tagmanager.google.com d.ratepay.com *.listrakbi.com *.listrak.com use.fontawesome.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com assets.braintreegateway.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl widget.packeta.com https:\/\/*.hotjar.io 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net *.serverdata.net *.livechatinc.com *.listrakbi.com www.lindt-spruengli.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.adyen.com *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.postcodeanywhere.co.uk *.ratepay.com *.luckyorange.net *.cookiepro.com *.mfgroup.ch *.doubleclick.net *.visitors.live wss:\/\/in.visitors.live wss:\/\/visitors.live wss:\/\/in.visitors.live\/ wss:\/\/visitors.live\/ visitors.live *.taboola.com *.demdex.net *.omtrdc.net *.magento.com *.adobe.net *.adobedtm.com *.adobedc.net *.typekit.net *.magedevteam.com *.sodatech.com *.sodatech.net *.teads.tv www.sjwoe.com input.noibu.com wss:\/\/input.noibu.com\/pv_part in.hotjar.com www.facebook.com *.b2c.com bt.fraud0.com *.revlifter.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us s.pinimg.com snap.licdn.com *.acsbapp.com cdn.noibu.com https:\/\/maps.googleapis.com *.clarity.ms *.facebook.com *.serverdata.net *.livechatinc.com api.addressy.com *.listrakbi.com *.mczbf.com *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/assets.secure.checkout.visa.com https:\/\/www.google-analytics.com d.ratepay.com www.jsctool.com *.byondxr.com api.byondxr.com s3.us-west-2.amazonaws.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com https:\/\/*.criteo.com https:\/\/*.hotjar.io https:\/\/cdn.stickyadstv.com https:\/\/*.ads.linkedin.com https:\/\/snap.licdn.com https:\/\/*.r66net.com https:\/\/*.yieldify.com wss:\/\/*.hotjar.io https:\/\/geolocation.onetrust.com https:\/\/*.googleapis.com https:\/\/*.daktela.com https:\/\/cdn.tailwindcss.com analytics.google.com https:\/\/sgtm.lindt.se sgtm.lindt.se sgtm.lindt.dk www.google-analytics.com sgtm.lindt.cz sgtm.lindt.de sgtm.lindt.es sgtm.lindt.fr sgtm.lindt.it sgtm.lindt.hu sgtm.lindt.co.uk sgtm.lindt.com.nl sgtm.lindt.pl sgtm.lindt.at geolocation.onetrust.com sgtm.lindt.sk sgtm.lindt.fi 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.byondxr.com *.googleapis.com https:\/\/cdn.tailwindcss.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":10},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/www.googletagmanager.com; font-src 'self' https:\/\/themes.googleusercontent.com fonts.gstatic.com https:\/\/cdn.jsdelivr.net data:; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.vimeo.com; img-src 'self' https:\/\/translate.google.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cdn.jsdelivr.net https:\/\/i.ytimg.com https:\/\/www.gstatic.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com data:; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/*.googletagmanager.com cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com maps.googleapis.com unpkg.com; script-src-attr 'self'; script-src-elem 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com maps.googleapis.com unpkg.com; style-src 'self' cdn.jsdelivr.net cdnjs.cloudflare.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; block-all-mixed-content","count":9},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline'; script-src 'none' 'report-sample'; connect-src 'none'; form-action 'none'; frame-src 'none'; worker-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https:\/\/csp.threatview.app\/report; report-to threatview","count":9},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.gstatic.com https:\/\/www.awin1.com https:\/\/lantern.roeyecdn.com https:\/\/tagmanager.google.com https:\/\/cdn.trustcommander.net https:\/\/www.dwin1.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/bat.bing.com https:\/\/*.doubleclick.net https:\/\/www.axa-video.de https:\/\/*.visualwebsiteoptimizer.com https:\/\/app.vwo.com https:\/\/www.google.com https:\/\/platform.commandersact.com https:\/\/connect.facebook.net https:\/\/*.aklamio.com blob: https:\/\/ct.pinterest.com https:\/\/s.pinimg.com https:\/\/acdn.adnxs.com https:\/\/ib.adnxs.com https:\/\/snap.licdn.com https:\/\/data.dbv.de ;style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/app.vwo.com https:\/\/s3.amazonaws.com https:\/\/googletagmanager.com https:\/\/www.googletagmanager.com ;base-uri 'self'; object-src 'none'; default-src 'self' blob: data: https:\/\/fonts.gstatic.com\/; form-action 'self'; frame-src https:\/\/www.awin1.com https:\/\/app.vwo.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/entry.axa-de.intraxa\/ https:\/\/entry.axa.de https:\/\/www.axa-video.de https:\/\/www.axa.de https:\/\/inte.axa.de https:\/\/*.doubleclick.net https:\/\/cdn.trustcommander.net https:\/\/www.dwin1.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/td.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/ct.pinterest.com https:\/\/googletagmanager.com https:\/\/insight.adsrvr.org 'self' https:\/\/www.googletagmanager.com https:\/\/data.dbv.de https:\/\/www.youtube.com; img-src 'self' data: https:\/\/*.visualwebsiteoptimizer.com https:\/\/chart.googleapis.com https:\/\/wingify-assets.s3.amazonaws.com https:\/\/app.vwo.com https:\/\/track.adform.net https:\/\/ad.doubleclick.net https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/*.google.com https:\/\/www.google.de https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/googleads.g.doubleclick.net *.doubleclick.net https:\/\/i.ytimg.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/www.financeads.net https:\/\/www.aklamio.com\/ https:\/\/ct.pinterest.com https:\/\/ib.adnxs.com https:\/\/*.ads.linkedin.com https:\/\/data.dbv.de; connect-src 'self' https:\/\/*.visualwebsiteoptimizer.com https:\/\/app.vwo.com https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.google.de https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google-analytics.com https:\/\/*.doubleclick.net https:\/\/bat.bing.com https:\/\/privacy.trustcommander.net https:\/\/privacy.commander1.net https:\/\/privacy.commander1.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com https:\/\/*.dbv.de https:\/\/cloud.service.aerzteversicherung.de https:\/\/mcdyr4395tgnrcnr8bt5wsrgh-11.pub.sfmc-content.com https:\/\/*.aklamio.com https:\/\/www.googleadservices.com https:\/\/ct.pinterest.com https:\/\/ib.adnxs.com https:\/\/acdn.adnxs.com https:\/\/www.facebook.com https:\/\/*.ads.linkedin.com https:\/\/p.adsymptotic.com https:\/\/*.linkedin.oribi.io https:\/\/sjs.bizographics.com;;report-uri \/site\/dbv-de\/cspReportOnly","count":9},{"content-security-policy-report-only":" default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; frame-ancestors 'self'; report-uri https:\/\/stoklasa.report-uri.io\/r\/default\/csp\/reportOnly","count":8},{"content-security-policy-report-only":" upgrade-insecure-requests;","count":8},{"content-security-policy-report-only":" block-all-mixed-content; report-uri https:\/\/dmgm.report-uri.com\/r\/t\/csp\/reportOnly","count":7},{"content-security-policy-report-only":" report-uri \/report-csp-violation; upgrade-insecure-requests","count":7},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.cookiefirst.com *.marketo.com *.marketo.net *.mktoresp.com *.bizible.com *.salesforce.com *.my.site.com *.salesforce-scrt.com tcpsoftware.my.site.com *.clarity.ms *.linkedin.com *.facebook.net *.youtube.com *.company-target.com *.leandata.com *.tcpsoftware.com go.tcpsoftware.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.marketo.com https:; font-src 'self' fonts.gstatic.com data:; img-src 'self' data: blob: https:; connect-src 'self' *.google-analytics.com *.analytics.google.com *.cookiefirst.com consent.cookiefirst.com *.marketo.com *.mktoresp.com *.bizible.com *.salesforce.com *.salesforce-scrt.com tcpsoftware.my.salesforce-scrt.com *.clarity.ms *.company-target.com *.leandata.com wss:\/\/*.salesforce.com wss:\/\/*.salesforce-scrt.com *.tcpsoftware.com go.tcpsoftware.com; frame-src *.youtube.com *.marketo.com *.my.site.com *.company-target.com *.hubspot.com *.hsforms.com *.tcpsoftware.com; base-uri 'self'; form-action 'self' *.marketo.com *.salesforce.com *.hubspot.com *.hsforms.com; worker-src blob: 'self';","count":7},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/dev.visualwebsiteoptimizer.com; font-src 'self' https:\/\/font.circlekeurope.com data:; frame-src 'self' https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/www.google-analytics.com https:\/\/slim-prod.cksites-prod.alpaque.net https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/imgsct.cookiebot.com; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/maps.googleapis.com https:\/\/assets.adobedtm.com https:\/\/websdk.appsflyer.com https:\/\/cdnjs.cloudflare.com https:\/\/www.buyatab.com; script-src-elem 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/maps.googleapis.com https:\/\/assets.adobedtm.com https:\/\/websdk.appsflyer.com https:\/\/cdnjs.cloudflare.com https:\/\/www.buyatab.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com","count":7},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self';","count":7},{"content-security-policy-report-only":" font-src cash-f.squarecdn.com data: *.gstatic.com *.photoslurp.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ * *.facebook.com *.mediquo.com *.hotjar.com *.criteo.com *.google.com *.clic2buy.com *.vimeo.com *.photoslurp.com *.sitescout.com *.criteo.net 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io * cdn.doofinder.com *.cloudfront.net *.amazonaws.com *.bing.com *.facebook.com widget-mediator.zopim.com *.swogo.net *.criteo.com *.googleapis.com *.google.com *.google.es *.google.com.br *.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.photoslurp.com *.googleusercontent.com *.clarity.ms *.smartadserver.com *.bidswitch.net *.adnxs.com *.casalemedia.com *.360yield.com *.media.net *.mediavine.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.sharethrough.com *.taboola.com *.teads.tv *.3lift.com *.yahoo.com *.adform.net *.omnitagjs.com id5-sync.com *.yieldlab.net *.yieldmo.com *.demdex.net *.krxd.net *.thebrighttag.com *.sitescout.com *.sanity.io cdn.flbx.io data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com cdn.doofinder.com *.naturitas.com naturitas.slgnt.eu static.zdassets.com bat.bing.com connect.facebook.net *.swogo.net *.hotjar.com *.mediquo.com static.criteo.net *.criteo.com *.typeform.com *.clic2buy.com polyfill.io *.googleapis.com *.google.com *.google.es *.google.com.br *.googleoptimize.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.photoslurp.com *.clarity.ms *.pixel.ad *.dwin1.com *.getflowbox.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.cash.app *.doofinder.com *.googleapis.com *.photoslurp.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com * *.doofinder.com wss:\/\/*.doofinder.com *.naturitas.com *.naturitas.es naturitas-atc.zendesk.com ekr.zdassets.com wss:\/\/widget-mediator.zopim.com *.swogo.net *.googlesyndication.com *.hotjar.com *.google.com *.google.es *.google.com.br *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.adyen.com *.photoslurp.com *.clarity.ms *.apicdn.sanity.io *.api.sanity.io *.getflowbox.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":7},{"content-security-policy-report-only":" script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/scaffolding\/ntdsgswbsc:55:0","count":7},{"content-security-policy-report-only":" default-src 'self';     script-src 'self' https: 'unsafe-inline' 'unsafe-eval';     style-src 'self' https: 'unsafe-inline';     img-src 'self' data: https:;     font-src 'self' data: https:;     connect-src 'self' https:;     frame-ancestors 'self';     object-src 'none';     base-uri 'self';     upgrade-insecure-requests;","count":7},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.fontawesome.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.zopim.com *.zopim.io *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.b2b-nfinity.com *.adobe.com *.bunny.net *.bootstrapcdn.com *.googletagmanager.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.twitter.com *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * https:\/\/www.youtube.com http:\/\/www.sandbox.paypal.com *.twitter.com *.facebook.com *.b2b-nfinity.com *.googleapis.com *.magentocommerce.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: * *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.bing.com *.zopim.com *.zopim.io *.doubleclick.net *.google.com *.google.co.in *.mastercard.com *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.linkedin.com t.co *.b2b-nfinity.com *.googleapis.com *.magentocommerce.com *.clarity.ms *.googletagmanager.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.bing.com *.zopim.com *.zdassets.com *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.b2b-nfinity.com *.googleapis.com *.magentocommerce.com *.facebook.net *.licdn.com *.ads-twitter.com *.ads-x.com *.clarity.ms *.googletagmanager.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.cash.app *.fontawesome.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.bing.com *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.b2b-nfinity.com *.magentocommerce.com *.google.com *.googletagmanager.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.zopim.com *.zopim.io *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.b2b-nfinity.com *.googleapis.com *.gstatic.com *.magentocommerce.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.cloudflare.com *.twitter.com *.ads-twitter.com *.ads-x.com *.twimg.com *.zdassets.com *.zopim.com *.zopim.io wss:\/\/widget-mediator.zopim.com *.google-analytics.com https:\/\/stats.g.doubleclick.net *.cookielaw.org *.bs-distribution.com acc-shop.bs-distribution.com *.onetrust.com *.b2b-nfinity.com *.googleapis.com *.adobe.com *.gstatic.com *.magentocommerce.com *.linkedin.com *.clarity.ms *.googletagmanager.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":7},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; form-action https: http:\/\/www.last.fm; report-uri https:\/\/cbsi.report-uri.io\/r\/default\/csp\/enforce","count":7},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/www.youtube.com\/ 'self' 'unsafe-inline'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com\/ *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/widget.trustpilot.com\/ *.weltpixel.com *.klarna.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/plumrocket.com https:\/\/www.usaskateshop.com\/ *.googletagmanager.com *.doubleclick.net *.typeform.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com https:\/\/banners.helloretailcdn.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com maps.gstatic.com maps.googleapis.com https:\/\/usaskateshop-com.b-cdn.net\/ *.facebook.com *.reddit.com *.googletagmanager.com *.doubleclick.net *.google.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com chimpstatic.com downloads.mailchimp.com *.list-manage.com https:\/\/static.hotjar.com https:\/\/static.zdassets.com https:\/\/payments.worldpay.com https:\/\/cdn.clerk.io https:\/\/api.clerk.io https:\/\/ss.euroskateshop.de https:\/\/ss.euroskateshop.nl https:\/\/ss.euroskateshop.ch *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.disqus.com applepay.cdn-apple.com maps.googleapis.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net *.typeform.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com downloads.mailchimp.com *.klarnacdn.net https:\/\/static.klaviyo.com assets.braintreegateway.com *.fontawesome.com applepay.cdn-apple.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/cdn.usaskateshop.dk https:\/\/static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/core.helloretail.com https:\/\/helloretailcdn.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com maps.googleapis.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":7},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/marketing_platform","count":6},{"content-security-policy-report-only":" default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri \/csp\/report?always;","count":6},{"content-security-policy-report-only":" child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https:\/\/csp.ffx.io\/; report-to csp-endpoint","count":6},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' *.uicdn.com *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es *.ui-portal.de *.doubleclick.net *.primis.tech *.sekindo.com *.amazon-adsystem.com www.googletagmanager.com *.googlesyndication.com *.adtrafficquality.google *.googleapis.com *.script.ac *.2mdn.net; style-src 'self' 'unsafe-inline' *.uicdn.com *.primis.tech *.sekindo.com *.googleapis.com *.mail.com *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es; font-src 'self' *.uicdn.com *.gstatic.com *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es; img-src 'self' data: blob: *.uicdn.com *.mail.com *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es *.ui-portal.de *.google.de *.google.com *.doubleclick.net *.primis.tech *.sekindo.com *.intentiq.com *.adtrafficquality.google *.taboola.com *.criteo.com *.criteo.net united-infos.net *.adition.com *.googletagmanager.com *.googlesyndication.com *.quantserve.com *.bidswitch.net *.adsrvr.org *.loopme.me *.casalemedia.com *.3lift.com *.rubiconproject.com *.yahoo.com *.tremorhub.com *.media.net *.lijit.com *.stickyadstv.com *.smartadserver.com *.adform.net *.sharethrough.com *.1rx.io *.kueezrtb.com *.ingage.tech *.a-mo.net *.yieldmo.com *.inmobi.com *.ottadvisors.com *.fwmrm.net *.adnxs.com domself.de *.ads.linkedin.com *.a-mx.com *.pubmatic.com *.unrulymedia.com *.openx.net *.visx.net *.360yield.com *.amazon-adsystem.com *.opera.com *.outbrain.com *.turn.com *.ctnsnet.com *.admanmedia.com *.temu.com; connect-src 'self' data: *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es *.ui-portal.de *.gstatic.com *.google-analytics.com *.analytics.google.com *.criteo.com *.criteo.net *.taboola.com *.id5-sync.com id5-sync.com *.eu-1-id5-sync.com *.adsrvr.org *.primis.tech *.sekindo.com *.doubleclick.net *.googlesyndication.com *.amazon-adsystem.com *.adtrafficquality.google *.crwdcntrl.net *.intentiq.com *.uicdn.com *.adition.com *.rlcdn.com united-infos.net *.pubmatic.com *.openx.net *.sharethrough.com *.rubiconproject.com *.primis-tech.org *.dnacdn.net dnacdn.net *.casalemedia.com *.adnxs-simple.com *.smartadserver.com; frame-src 'self' *.gmx.com *.gmx.co.uk *.gmx.fr *.gmx.es *.doubleclick.net www.googletagmanager.com *.googlesyndication.com *.adtrafficquality.google *.google.com *.primis.tech *.sekindo.com *.pubmatic.com *.openx.net *.yellowblue.io *.googleapis.com; media-src 'self' blob: *.primis.tech *.sekindo.com; frame-ancestors *.mail.com; object-src 'none'; block-all-mixed-content","count":6},{"content-security-policy-report-only":" default-src 'self' *; media-src 'self' * data: ; font-src 'self' * data: ; img-src 'self' data: blob: *; script-src * 'unsafe-inline' 'unsafe-eval' data: *; style-src 'self' 'unsafe-inline' *; worker-src 'self' * blob: ; report-uri \/api\/csp-violation","count":6},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval';  font-src 'self' data:;  script-src 'self' 'unsafe-inline' 'unsafe-eval';  frame-src 'self' https:\/\/cdn.cohesionapps.com\/ https:\/\/www.googletagmanager.com\/;  connect-src 'self' https:\/\/cdn.cookielaw.org\/ https:\/\/www.google-analytics.com\/ https:\/\/yg3l958nut-dsn.algolia.net https:\/\/www.google.com\/ https:\/\/geolocation.onetrust.com\/ https:\/\/bam.nr-data.net https:\/\/content.cmn.com https:\/\/api.mobius.highereducation.com https:\/\/www.googletagmanager.com\/ https:\/\/cdn.cohesionapps.com\/ https:\/\/www.edx.org\/;  img-src 'self' https:\/\/res.cloudinary.com https:\/\/navi.cohesionapps.com https:\/\/cms.psychology.org\/ https:\/\/simple-storage-server.highereducation.com\/ https:\/\/content.cmn.com data:;  script-src-elem 'self' 'unsafe-inline' https:\/\/content.cmn.com\/ https:\/\/js-agent.newrelic.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.google-analytics.com\/ https:\/\/sb.scorecardresearch.com https:\/\/www.edx.org\/beam.js","count":6},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:","count":6},{"content-security-policy-report-only":" default-src https: wss: data: blob:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data: blob:; font-src https: data:; worker-src blob:; report-uri \/csp-report","count":6},{"content-security-policy-report-only":" img-src https: blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.fcl.cloud https:\/\/*.flightcentre.com https:\/\/*.flightcentre.com.au https:\/\/*.flightcentre.co.nz https:\/\/*.flightcentre.co.za https:\/\/*.flightcentre.ca https:\/\/*.flightcentre.co.uk https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/www.youtube.com https:\/\/*.fullstory.com https:\/\/vxml4.plavxml.com https:\/\/*.nr-data.net https:\/\/*.usabilla.com http:\/\/*.usabilla.com https:\/\/*.newrelic.com https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/cdnjs.cloudflare.com https:\/\/cdn.optimizely.com https:\/\/*.outbrain.com https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/cdn.abrankings.com https:\/\/connect.facebook.net https:\/\/edge.fullstory.com https:\/\/loader.wisepops.com https:\/\/wisepops.net https:\/\/s.pinimg.com https:\/\/snap.licdn.com https:\/\/googleads.g.doubleclick.net https:\/\/accounts.google.com https:\/\/*.pinterest.com https:\/\/*.evergage.com https:\/\/js.adsrvr.org https:\/\/static.criteo.net https:\/\/flightcentre-webchat.gotbot.co.za https:\/\/7226714.collect.igodigital.com https:\/\/cdn.pdst.fm https:\/\/*.hotjar.com https:\/\/tr.snapchat.com https:\/\/*.feefo.com https:\/\/koi-3qn5erhpry.marketingautomation.services https:\/\/cdn.jsdelivr.net https:\/\/*.stackla.com https:\/\/cdn.cookielaw.org https:\/\/sc-static.net https:\/\/developer.livehelpnow.net https:\/\/cdn.evgnet.com https:\/\/maps.googleapis.com https:\/\/sdk.joinsherpa.io https:\/\/cdn.wisepops.com https:\/\/*.quantserve.com https:\/\/*.livechatinc.com https:\/\/flightcentre.r-cubed.co.uk https:\/\/rules.quantcount.com https:\/\/*.criteo.com https:\/\/code.jquery.com https:\/\/*.creativecdn.com https:\/\/*.rokt.com https:\/\/*.mypurecloud.com.au https:\/\/s.yimg.com https:\/\/sp.analytics.yahoo.com *.feroot.com https:\/\/*.taboola.com https:\/\/*.redditstatic.com https:\/\/*.reddit.com; style-src 'unsafe-inline' 'self' https:\/\/fonts.googleapis.com https:\/\/register.feefo.com https:\/\/cdn.cookielaw.org https:\/\/d6tizftlrpuof.cloudfront.net; connect-src https:\/\/*.fcl.cloud wss:\/\/*.fcl.cloud https:\/\/*.flightcentre.com https:\/\/*.flightcentre.com.au https:\/\/*.flightcentre.co.nz https:\/\/*.flightcentre.co.za https:\/\/*.flightcentre.ca https:\/\/*.flightcentre.co.uk https:\/\/*.fclmedia.com https:\/\/fcl-sydney-geo-7.ent.ap-southeast-2.aws.found.io https:\/\/flowise-dev.dse.fctg.global https:\/\/*.launchdarkly.com https:\/\/*.optimizely.com *.nr-data.net https:\/\/*.fullstory.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.google.com.au https:\/\/*.google.ca https:\/\/*.google.co.nz https:\/\/*.google.co.za https:\/\/*.google.co.uk https:\/\/*.evergage.com https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/analytics.pangle-ads.com https:\/\/*.pinterest.com https:\/\/*.linkedin.com https:\/\/*.outbrain.com https:\/\/*.g.doubleclick.net https:\/\/wisepops.net https:\/\/*.wisepops.com https:\/\/*.feefo.com https:\/\/cdn.cookielaw.org https:\/\/developer.livehelpnow.net https:\/\/*.snapchat.com https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.onetrust.com https:\/\/flightcentre.r-cubed.co.uk https:\/\/adservice.google.com https:\/\/www.google.com https:\/\/analytics.google.com https:\/\/www.googleadservices.com https:\/\/*.browser-intake-datadoghq.com https:\/\/*.criteo.com https:\/\/*.usabilla.com https:\/\/*.creativecdn.com https:\/\/*.mypurecloud.com.au wss:\/\/*.mypurecloud.com.au https:\/\/*.salesforce.com https:\/\/d1nojfewl3tku3.cloudfront.net\/assets https:\/\/maps.googleapis.com https:\/\/s.yimg.com *.feroot.com https:\/\/insight.adsrvr.org https:\/\/*.taboola.com https:\/\/*.reddit.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' wss:\/\/*.flightcentre.com.au:*; font-src https: blob: data:; frame-ancestors 'self'; report-uri \/api\/csp_report","count":6},{"content-security-policy-report-only":" default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; connect-src * data: blob: 'unsafe-inline'; frame-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; media-src * data: blob: 'unsafe-inline'; object-src * data: blob: 'unsafe-inline';","count":6},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com data: *.vimeo.com *.afip.gob.ar *.google.com *.doubleclick.net *.cloudfront.net *.getblue.io *.mercadopago.com.ar *.mercadopago.com.uy *.mercadopago.com.co *.mercadopago.com.pe *.mercadopago.cl *.zdassets.com https:\/\/www.google.com.ar https:\/\/analytics.tiktok.com https:\/\/www.google.com https:\/\/track-icommkt.com https:\/\/scripts.icommkt.online https:\/\/bam.nr-data.net https:\/\/event.getblue.io\/ https:\/\/static-content-qas.vnforapps.com\/ https:\/\/static-content.vnforapps.com\/ *.google-analytics.com analytics.google.com https:\/\/www.googletagmanager.com https:\/\/externalassets.icommarketing.com https:\/\/www.prunenews.com https:\/\/www.clarity.ms *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * webpay3g.transbank.cl webpay3gint.transbank.cl *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com *.vimeo.com *.afip.gob.ar *.google.com *.doubleclick.net *.cloudfront.net *.getblue.io *.mercadopago.com.ar *.mercadopago.com.uy *.mercadopago.com.co *.mercadopago.com.pe *.mercadopago.cl *.zdassets.com https:\/\/www.google.com.ar https:\/\/analytics.tiktok.com https:\/\/www.google.com https:\/\/track-icommkt.com https:\/\/scripts.icommkt.online https:\/\/bam.nr-data.net https:\/\/event.getblue.io\/ https:\/\/apitestenv.vnforapps.com\/ https:\/\/apiprod.vnforapps.com\/ https:\/\/static-content-qas.vnforapps.com\/ https:\/\/static-content.vnforapps.com\/ *.google-analytics.com analytics.google.com https:\/\/www.googletagmanager.com https:\/\/externalassets.icommarketing.com https:\/\/www.prunenews.com https:\/\/www.clarity.ms *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/live.decidir.com *.weltpixel.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.gstatic.com *.googleapis.com *.vimeo.com *.afip.gob.ar *.google.com *.doubleclick.net *.cloudfront.net *.getblue.io *.mercadopago.com.ar *.mercadopago.com.uy *.mercadopago.com.co *.mercadopago.com.pe *.mercadopago.cl *.zdassets.com https:\/\/www.google.com.ar https:\/\/analytics.tiktok.com https:\/\/www.google.com https:\/\/track-icommkt.com https:\/\/scripts.icommkt.online https:\/\/bam.nr-data.net https:\/\/event.getblue.io\/ https:\/\/static-content-qas.vnforapps.com\/ https:\/\/static-content.vnforapps.com\/ *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/externalassets.icommarketing.com https:\/\/www.prunenews.com https:\/\/www.clarity.ms *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.googletagmanager.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.vimeo.com *.afip.gob.ar *.google.com *.doubleclick.net *.cloudfront.net *.getblue.io *.mercadopago.com.ar *.mercadopago.com.uy *.mercadopago.com.co *.mercadopago.com.pe *.mercadopago.cl *.zdassets.com https:\/\/www.google.com.ar https:\/\/analytics.tiktok.com https:\/\/www.google.com https:\/\/track-icommkt.com https:\/\/scripts.icommkt.online https:\/\/bam.nr-data.net https:\/\/event.getblue.io\/ https:\/\/apitestenv.vnforapps.com\/ https:\/\/apiprod.vnforapps.com\/ https:\/\/static-content-qas.vnforapps.com\/ https:\/\/static-content.vnforapps.com\/ *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/externalassets.icommarketing.com https:\/\/www.prunenews.com https:\/\/www.clarity.ms *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/live.decidir.com https:\/\/developers.decidir.com\/ *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.fontawesome.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com unsafe-inline assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.googleapis.com *.vimeo.com *.afip.gob.ar *.google.com *.doubleclick.net *.cloudfront.net *.getblue.io *.mercadopago.com.ar *.mercadopago.com.uy *.mercadopago.com.co *.mercadopago.com.pe *.mercadopago.cl *.zdassets.com https:\/\/www.google.com.ar https:\/\/analytics.tiktok.com https:\/\/www.google.com https:\/\/track-icommkt.com https:\/\/scripts.icommkt.online https:\/\/bam.nr-data.net https:\/\/event.getblue.io\/ https:\/\/apitestenv.vnforapps.com\/ https:\/\/apiprod.vnforapps.com\/ https:\/\/static-content-qas.vnforapps.com\/ https:\/\/static-content.vnforapps.com\/ *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/externalassets.icommarketing.com https:\/\/www.prunenews.com https:\/\/www.clarity.ms https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com https:\/\/live.decidir.com https:\/\/developers.decidir.com\/ *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.run.app https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":6},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'report-sample' https:\/\/*.nr-data.net https:\/\/*.intellimizeditor.com https:\/\/intellimizeditor.com https:\/\/cdn.intellimize.co https:\/\/ajax.googleapis.com https:\/\/ajax.cloudflare.com https:\/\/analytics.twitter.com https:\/\/api.intellimize.co https:\/\/app-abk.marketo.com https:\/\/audience.nrich.ai https:\/\/bat.bing.com https:\/\/boards.greenhouse.io https:\/\/cdn.ampproject.org https:\/\/cdn.cookielaw.org https:\/\/cdn.onesignal.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/js-agent.newrelic.com https:\/\/js.chilipiper.com https:\/\/maps.googleapis.com https:\/\/munchkin.marketo.net https:\/\/onesignal.com https:\/\/player.vimeo.com https:\/\/s.yimg.com https:\/\/sc.lfeeder.com https:\/\/script.crazyegg.com https:\/\/script.hotjar.com https:\/\/secure.esignlive.com https:\/\/secure.onespan.com https:\/\/serve.nrich.ai https:\/\/ssl.google-analytics.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/static.cloudflareinsights.com https:\/\/static.hotjar.com https:\/\/tag.demandbase.com https:\/\/tag.nrich.ai https:\/\/tpc.googlesyndication.com https:\/\/translate.google.com https:\/\/tribl.io https:\/\/www.clarity.ms https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.youtube.com https:\/\/d41.co https:\/\/*.d41.co https:\/\/embed.ustudio.com https:\/\/asana-user-private-us-east-1.s3.us-east-1.amazonaws.com https:\/\/id.rlcdn.com https:\/\/scout-cdn.salesloft.com https:\/\/tracking.g2crowd.com https:\/\/j.6sc.co https:\/\/view.ceros.com https:\/\/app.leandata.com https:\/\/js.zi-scripts.com https:\/\/ws-assets.zoominfo.com https:\/\/optimize.google.com https:\/\/www.googleoptimize.com\/ https:\/\/extend.vimeocdn.com https:\/\/code.highcharts.com https:\/\/cdn.bizible.com https:\/\/www.vimeo.com https:\/\/vimeo.com https:\/\/cdn.jsdelivr.net blob: https:\/\/www.g2.com https:\/\/challenges.cloudflare.com\/ https:\/\/unpkg.com\/ https:\/\/cdn.ckeditor.com\/ https:\/\/js.qualified.com https:\/\/*.qualified.com; style-src 'self' 'report-sample' https:\/\/app-abk.marketo.com https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/js.chilipiper.com\/ https:\/\/onesignal.com https:\/\/secure.onespan.com https:\/\/tag.demandbase.com https:\/\/translate.googleapis.com https:\/\/tribl.io https:\/\/use.fontawesome.com https:\/\/cdn.jsdelivr.net https:\/\/optimize.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/unpkg.com\/ https:\/\/*.qualified.com; form-action 'self'; frame-ancestors 'self'; base-uri 'self'; object-src 'none'; connect-src 'self' https:\/\/*.clarity.ms https:\/\/*.company-target.com https:\/\/*.nr-data.net https:\/\/308-zmt-742.mktoresp.com https:\/\/308-zmt-742.mktoutil.com https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/api.chilipiper.com https:\/\/api.intellimize.co https:\/\/audience.nrich.ai https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/in.hotjar.com https:\/\/log.intellimize.co https:\/\/maps.googleapis.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/s.yimg.com https:\/\/secure.onespan.com https:\/\/serve.nrich.ai https:\/\/stats.g.doubleclick.net https:\/\/tag.nrich.ai https:\/\/tracking.chilipiper.com https:\/\/translate.googleapis.com https:\/\/vc.hotjar.io https:\/\/*.hotjar.com wss:\/\/*.hotjar.com https:\/\/cdn.linkedin.oribi.io https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/app.leandata.com https:\/\/js.zi-scripts.com https:\/\/ws.zoominfo.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/cs.lf-discover.com https:\/\/*.d41.co https:\/\/d41.co https:\/\/se-services.intellimize.co https:\/\/*.salesloft.com https:\/\/*.6sc.co https:\/\/secure.adnxs.com\/ https:\/\/content.hotjar.io https:\/\/metrics.hotjar.io https:\/\/epsilon.6sense.com https:\/\/px.ads.linkedin.com https:\/\/*.6sense.com https:\/\/tracking.g2crowd.com https:\/\/tracking-api.production.g2.com https:\/\/tracking-api.g2.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/geolocation.onetrust.com https:\/\/app.qualified.com\/ wss:\/\/ws8.qualified.com\/ https:\/\/*.qualified.com wss:\/\/*.qualified.com https:\/\/cdn.jsdelivr.net; font-src 'self' https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com https:\/\/js.qualified.com https:\/\/*.qualified.com; child-src https:\/\/*.qualified.com; frame-src https:\/\/*.esignlive.com\/ https:\/\/*.onespan.com https:\/\/api.intellimize.co https:\/\/app.intellimize.co https:\/\/*.intellimizeio.com https:\/\/onespan.chilipiper.com https:\/\/apps.chilipiper.com https:\/\/app-abk.marketo.com https:\/\/bid.g.doubleclick.net https:\/\/boards.greenhouse.io https:\/\/player.vimeo.com https:\/\/sandbox.esignlive.com https:\/\/secure.onespan.com https:\/\/test.api.intellimize.co https:\/\/tpc.googlesyndication.com https:\/\/tribl.io https:\/\/vars.hotjar.com https:\/\/vimeo.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube-nocookie.com https:\/\/*.youtube.com https:\/\/youtube.com https:\/\/*.prod.acquia-sites.com https:\/\/embed.ustudio.com\/ https:\/\/view.ceros.com\/ https:\/\/app.leandata.com https:\/\/optimize.google.com https:\/\/webikeo.fr\/ https:\/\/td.doubleclick.net\/ https:\/\/job-boards.greenhouse.io\/ https:\/\/www.g2.com\/ https:\/\/challenges.cloudflare.com\/ https:\/\/app.qualified.com\/ https:\/\/*.qualified.com; img-src 'self' data: blob: https:\/\/*.qualified.com; manifest-src 'self'; media-src https:\/\/assets.qualified.com https:\/\/*.qualified.com mediastream: https:\/\/*.onespan.com; worker-src 'self' blob:;","count":6},{"content-security-policy-report-only":" default-src 'self' fonts.gstatic.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com ctrack.trafficjunky.net geo-tracker.smadex.com 'self' https:\/\/newassets.hcaptcha.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.googletagmanager.com mc.yandex.ru *.google-analytics.com *.youtube.com mc.yandex.com mc.yandex.ru *.google.com *.gstatic.com *.mightytips.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com;img-src * data:;font-src 'self' fonts.gstatic.com;connect-src 'self' *.customer.io *.youtube.com mc.yandex.ru *.clariti.ws *.analytics.google.com *.google-analytics.com doubleclick.net *.googletagmanager.com mc.yandex.com mc.yandex.ru mc.yandex.md yandexmetrica.com *.mightytips.com https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com https:\/\/analytics.google.com;frame-src 'self' *.youtube.com *.instagram.com *.twitter.com *.yandex.com *.google.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com 'self' https:\/\/newassets.hcaptcha.com;script-src-elem 'self' 'unsafe-inline' *.instagram.com *.googletagmanager.com *.yandex.ru *.google-analytics.com *.twitter.com *.youtube.com mc.yandex.com *.google.com *.gstatic.com mc.yandex.ru *.mightytips.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com track.trackingtraffo.com https:\/\/www.hcaptcha.com\/1\/api.js;frame-ancestors 'self';report-uri \/cspreport.php","count":6},{"content-security-policy-report-only":" script-src 'self'; object-src 'self'; report-to csp-endpoint;","count":6},{"content-security-policy-report-only":" default-src https:; connect-src https: wss:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' *.google.com fonts.googleapis.com static.pazaruvaj.com unpkg.com api.mapbox.com cdn.jsdelivr.net geowidget.easypack24.net maxcdn.bootstrapcdn.com ssl.ceneo.pl s.kk-resources.com elnino.daktela.com www.wiarygodneopinie.pl ts.tradetracker.net cdn.foxentry.cz www.parfemy-elnino.cz geowidget.inpost.pl www.googletagmanager.com smartsuppcdn.com *.demandware.net; object-src 'self'; img-src 'self' https: data:; font-src https: data:; frame-ancestors 'self' *.creativecdn.com *.hotjar.com *.googletagmanager.com; report-uri https:\/\/elnino.report-uri.com\/r\/d\/csp\/enforce","count":6},{"content-security-policy-report-only":" base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; report-uri \/csp-report; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ivi.ru *.ivi.ru ivi.tv *.ivi.tv turkdizi.com *.turkdizi.com turk.ivi.tv s3.pub.ivi.ru *.dfs.ivi.ru google.com *.google.com gstatic.com *.gstatic.com googletagmanager.com *.googletagmanager.com *.googleapis.com googlesyndication.com *.googlesyndication.com google-analytics.com *.google-analytics.com doubleclick.net *.doubleclick.net cm.g.doubleclick.net *.googleadservices.com www.googlecommerce.com yandex.ru *.yandex.ru yandex.net *.yandex.net yandex.st *.yandex.st yastat.net *.yastat.net yastatic.net *.yastatic.net yandex.com *.yandex.com yandexcloud.net *.yandexcloud.net yandex.by *.yandex.by yandex.kz *.yandex.kz impression.appmetrica.yandex.com mail.ru *.mail.ru tns-counter.ru *.tns-counter.ru doubleverify.com *.doubleverify.com s0.2mdn.net adriver.ru *.adriver.ru statad.ru *.statad.ru targetads.io *.targetads.io flocktory.com *.flocktory.com getshop.tv *.getshop.tv *.clarity.ms *.hotjar.com adfox.ru *.adfox.ru adsafeprotected.com *.adsafeprotected.com 5visions.com *.5visions.com adjust.com *.adjust.com ozon.ru *.ozon.ru bridgertb.tech *.bridgertb.tech serving-sys.ru *.serving-sys.ru cmediahub.ru *.cmediahub.ru weborama-tech.ru *.weborama-tech.ru digitaltarget.ru *.digitaltarget.ru mhverifier.ru *.mhverifier.ru adlooxtracking.ru *.adlooxtracking.ru adlooxtracking.com *.adlooxtracking.com telecid.ru *.telecid.ru tele2.ru *.tele2.ru telecomid.ru *.telecomid.ru teletarget.ru *.teletarget.ru cdnvideo.ru *.cdnvideo.ru beeline.ru *.beeline.ru moe.video *.moe.video otm-r.com *.otm-r.com punchmedia.ru *.punchmedia.ru skwstat.ru *.skwstat.ru stbid.ru *.stbid.ru videonow.ru *.videonow.ru utraff.com *.utraff.com acint.net *.acint.net betweendigital.com *.betweendigital.com betweendigital.ads.com lentainform.com *.lentainform.com code.moviead55.ru moviead55.ru cs-0.moevideo.biz moevideo.biz buzzoola.com *.buzzoola.com uma.media *.uma.media appsflyer.com *.appsflyer.com instreamvideo.ru *.instreamvideo.ru mobilebanner.ru *.mobilebanner.ru admetrica.ru *.admetrica.ru prodmp.ru *.prodmp.ru sync.adspend.space reichelcormier.bid *.reichelcormier.bid secure.adnxs.com adnxs.com ohmy.bid *.ohmy.bid ssl.hurra.com hurra.com bidvol.com *.bidvol.com adstreamer.ru *.adstreamer.ru adkernel.com *.adkernel.com sync.dmp.otm-r.com republer.com sync.republer.com sync.viadata.store viadata.store sync.viavideo.digital viavideo.digital wi-fi.ru *.wi-fi.ru tms.dmp.wi-fi.ru track.rutarget.ru rutarget.ru impressions.onelink.me onelink.me px170.mediahills.ru mediahills.ru mts.ru *.mts.ru sa.rtb.mts.ru digital-alliance.tech *.digital-alliance.tech admon.pro *.admon.pro adhight.net *.adhight.net getads.ru *.getads.ru vk.com *.vk.com connect.facebook.net facebook.com *.facebook.com *.skcrtxr.com api.mindbox.ru simbad.pro taglitics.com creatives.afp.ai cdn.al-adtech.com cdn.jsdelivr.net *.criteo.com image.sendsay.ru snap.licdn.com dap.digitalgov.gov bat.bing.com www.artfut.com cdn.cookielaw.org static.ads-twitter.com s.pinimg.com cdn-cookieyes.com cdn.taboola.com www.redditstatic.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ivi.ru *.ivi.ru ivi.tv *.ivi.tv turkdizi.com *.turkdizi.com turk.ivi.tv s3.pub.ivi.ru *.dfs.ivi.ru google.com *.google.com gstatic.com *.gstatic.com googletagmanager.com *.googletagmanager.com *.googleapis.com googlesyndication.com *.googlesyndication.com google-analytics.com *.google-analytics.com doubleclick.net *.doubleclick.net cm.g.doubleclick.net *.googleadservices.com www.googlecommerce.com yandex.ru *.yandex.ru yandex.net *.yandex.net yandex.st *.yandex.st yastat.net *.yastat.net yastatic.net *.yastatic.net yandex.com *.yandex.com yandexcloud.net *.yandexcloud.net yandex.by *.yandex.by yandex.kz *.yandex.kz impression.appmetrica.yandex.com mail.ru *.mail.ru tns-counter.ru *.tns-counter.ru doubleverify.com *.doubleverify.com s0.2mdn.net adriver.ru *.adriver.ru statad.ru *.statad.ru targetads.io *.targetads.io flocktory.com *.flocktory.com getshop.tv *.getshop.tv *.clarity.ms *.hotjar.com adfox.ru *.adfox.ru adsafeprotected.com *.adsafeprotected.com 5visions.com *.5visions.com adjust.com *.adjust.com ozon.ru *.ozon.ru bridgertb.tech *.bridgertb.tech serving-sys.ru *.serving-sys.ru cmediahub.ru *.cmediahub.ru weborama-tech.ru *.weborama-tech.ru digitaltarget.ru *.digitaltarget.ru mhverifier.ru *.mhverifier.ru adlooxtracking.ru *.adlooxtracking.ru adlooxtracking.com *.adlooxtracking.com telecid.ru *.telecid.ru tele2.ru *.tele2.ru telecomid.ru *.telecomid.ru teletarget.ru *.teletarget.ru cdnvideo.ru *.cdnvideo.ru beeline.ru *.beeline.ru moe.video *.moe.video otm-r.com *.otm-r.com punchmedia.ru *.punchmedia.ru skwstat.ru *.skwstat.ru stbid.ru *.stbid.ru videonow.ru *.videonow.ru utraff.com *.utraff.com acint.net *.acint.net betweendigital.com *.betweendigital.com betweendigital.ads.com lentainform.com *.lentainform.com code.moviead55.ru moviead55.ru cs-0.moevideo.biz moevideo.biz buzzoola.com *.buzzoola.com uma.media *.uma.media appsflyer.com *.appsflyer.com instreamvideo.ru *.instreamvideo.ru mobilebanner.ru *.mobilebanner.ru admetrica.ru *.admetrica.ru prodmp.ru *.prodmp.ru sync.adspend.space reichelcormier.bid *.reichelcormier.bid secure.adnxs.com adnxs.com ohmy.bid *.ohmy.bid ssl.hurra.com hurra.com bidvol.com *.bidvol.com adstreamer.ru *.adstreamer.ru adkernel.com *.adkernel.com sync.dmp.otm-r.com republer.com sync.republer.com sync.viadata.store viadata.store sync.viavideo.digital viavideo.digital wi-fi.ru *.wi-fi.ru tms.dmp.wi-fi.ru track.rutarget.ru rutarget.ru impressions.onelink.me onelink.me px170.mediahills.ru mediahills.ru mts.ru *.mts.ru sa.rtb.mts.ru digital-alliance.tech *.digital-alliance.tech admon.pro *.admon.pro adhight.net *.adhight.net getads.ru *.getads.ru vk.com *.vk.com connect.facebook.net facebook.com *.facebook.com *.skcrtxr.com api.mindbox.ru simbad.pro taglitics.com creatives.afp.ai cdn.al-adtech.com cdn.jsdelivr.net *.criteo.com image.sendsay.ru snap.licdn.com dap.digitalgov.gov bat.bing.com www.artfut.com cdn.cookielaw.org static.ads-twitter.com s.pinimg.com cdn-cookieyes.com cdn.taboola.com www.redditstatic.com *.ahrefs.com *.alicdn.com *.tiktok.com *.amazonaws.com *.cloudflare.com cdn.amplitude.com cdn.segment.com cdn.branch.io app.usercentrics.eu app.termly.io cdn.walkme.com s.go-mpulse.net cdn.moengage.com cdn.omniconvert.com siteimproveanalytics.com edge.fullstory.com cdn.rutarget.ru sb.scorecardresearch.com secure.quantserve.com c.amazon-adsystem.com cdn.mxpnl.com cdn.userway.org kp.apiget.ru static.pro-bm7.ru rus.glbbars.com api.cpatext.ru widgets.101apis.com images.uc.cn cdn.browsiprod.com unpkg.zhimg.com s.yimg.jp","count":5},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.dynatrace.com https:\/\/*.cookielaw.org https:\/\/*.usersnap.com https:\/\/*.calibermind.com https:\/\/*.hotjar.com https:\/\/*.googletagmanager.com https:\/\/*.b0e8.com https:\/\/*.doubleclick.net https:\/\/*.bing.com https:\/\/*.licdn.com https:\/\/*.redditstatic.com https:\/\/*.6sc.co https:\/\/*.influ2.com https:\/\/*.zoominfo.com https:\/\/*.d41.co https:\/\/*.stackadapt.com https:\/\/*.marketo.net; style-src 'self' 'unsafe-inline' https:\/\/*.cookielaw.org https:\/\/cdnjs.cloudflare.com; img-src 'self' data: https:\/\/*.dynatrace.com https:\/\/dt-cdn.net https:\/\/*.cookielaw.org https:\/\/*.reddit.com https:\/\/*.google.com https:\/\/*.google.at https:\/\/*.linkedin.com https:\/\/*.bing.com https:\/\/*.6sc.co; font-src 'self' data:; connect-src 'self' https:\/\/*.dynatrace.com https:\/\/*.bc0a.com https:\/\/*.cookielaw.org https:\/\/*.calibermind.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/unpkg.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.bing.com https:\/\/*.linkedin.com https:\/\/*.reddit.com https:\/\/*.stackadapt.com https:\/\/*.6sc.co https:\/\/*.adnxs.com https:\/\/*.influ2.com https:\/\/*.d41.co https:\/\/*.mktoresp.com https:\/\/*.zoominfo.com; frame-src 'self' https:\/\/*.googletagmanager.com https:\/\/*.youtube.com https:\/\/*.youtube-nocookie.com https:\/\/*.doubleclick.net; frame-ancestors 'self' *.dynatrace.org *.dynatrace.com *.dynatrace.cn; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'","count":5},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/domain-registry","count":5},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.akstat.io p11.techlab-cdn.com trial-eum-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net c.go-mpulse.net s.go-mpulse.net *.algolianet.com us5azow6i2-dsn.algolia.net xfoi9ebbhr-dsn.algolia.net secure.adnxs.com bat.bing.com bat.bing.net d.btttag.com pearson3283191z.btttag.com pearson.blueconic.net pearson.sb.blueconic.net api.company-target.com s.company-target.com tag-logger.demandbase.com tag.demandbase.com googleads.g.doubleclick.net ad.doubleclick.net td.doubleclick.net *.fls.doubleclick.net connect.facebook.net analytics.formassembly.com pearson.tfaforms.net ade.googlesyndication.com fonts.gstatic.com pagead2.googlesyndication.com fonts.googleapis.com region1.google-analytics.com static.hotjar.com utt.impactcdn.com cdn.jsdelivr.net app.launchdarkly.com px.ads.linkedin.com snap.licdn.com i.liadm.com cdn.cookielaw.org bam.nr-data.net js-agent.newrelic.com geolocation.onetrust.com privacyportal-de.onetrust.com *.pearson.com pearson.com cdn.pdst.fm a.quora.com q.quora.com tag.rmp.rakuten.com alb.reddit.com pixel-config.reddit.com www.redditstatic.com pi.pardot.com sc-static.sc-static.net tr.snapchat.com tr6.snapchat.com pixels.spotify.com analytics-ipv6.tiktokw.us analytics.tiktok.com insight.adsrvr.org js.adsrvr.org static.ads-twitter.com analytics.twitter.com t.t.co pearson.esaas.inmoment.eu pearson.mcxplatform.de *.visualwebsiteoptimizer.com img.youtube.com pearson--projects.sandbox.my.site.com; frame-ancestors 'none';","count":5},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/*.yahooinc.com; object-src 'none'; script-src 'none'; report-uri https:\/\/csp.yahoo.com\/beacon\/csp?src=yahooinc;","count":5},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/dock.ui.bosch.tech https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/btm.bosch.com https:\/\/www.youtube.com https:\/\/maps.google.com; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/search.internet.bosch.com https:\/\/bosch-i3-caas-api.e-spirit.cloud https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/endpoint.chatbot-suite.bosch.tech https:\/\/maps.googleapis.com https:\/\/btm.bosch.com https:\/\/cx.bosch-so.com https:\/\/dock.ui.bosch.tech; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/www.youtube-nocookie.com https:\/\/www.youtube.com https:\/\/crdostaticwebsite337215.z6.web.core.windows.net https:\/\/crdopublicationswebsite.z6.web.core.windows.net; img-src 'self' data: https:\/\/assets.bosch.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/i.ytimg.com https:\/\/maps.google.com https:\/\/maps.gstatic.com; manifest-src 'self'; media-src 'self' https:\/\/assets.bosch.com; style-src-elem 'self' 'unsafe-inline' https:\/\/btm.bosch.com https:\/\/fonts.googleapis.com https:\/\/webchatplugins.blob.core.windows.net; worker-src 'none'; report-uri https:\/\/o4508243129991168.ingest.de.sentry.io\/api\/4508243155288144\/security\/?sentry_key=2f9480313f00b63a26560fd685315765; report-to csp-endpoint","count":5},{"content-security-policy-report-only":" object-src 'none'; script-src * 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src * 'report-sample' 'unsafe-inline'; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":5},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/ajax.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/accounts.google.com https:\/\/maps.googleapis.com https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pixel.byspotify.com https:\/\/bat.bing.com https:\/\/*.criteo.com https:\/\/*.criteo.net https:\/\/s.axon.ai https:\/\/res4.applovin.com https:\/\/js.stripe.com https:\/\/www.paypal.com https:\/\/js.braintreegateway.com https:\/\/static-na.payments-amazon.com https:\/\/cdn1.affirm.com https:\/\/sdk.helloextend.com https:\/\/appleid.cdn-apple.com https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/www.roomvo.com https:\/\/*.bazaarvoice.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/p.typekit.net https:\/\/accounts.google.com https:\/\/*.bazaarvoice.com; img-src 'self' data: https:; font-src 'self' data: https:\/\/assets.rugimg.com https:\/\/fonts.gstatic.com https:\/\/p.typekit.net; frame-src https:\/\/player.vimeo.com https:\/\/www.youtube.com https:\/\/showroom.aftermkt.com https:\/\/account.rugs.com https:\/\/www.emjcd.com https:\/\/www.google.com https:\/\/accounts.google.com https:\/\/www.facebook.com https:\/\/ct.pinterest.com https:\/\/*.criteo.com https:\/\/*.criteo.net https:\/\/js.stripe.com https:\/\/www.paypal.com https:\/\/static-na.payments-amazon.com https:\/\/www.roomvo.com; connect-src 'self' https:; media-src 'self' https:\/\/assets.rugimg.com; worker-src 'self' blob:","count":5},{"content-security-policy-report-only":" default-src 'self' *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; style-src 'self' 'unsafe-inline' wasm-eval: fonts.googleapis.com *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; script-src-elem 'self' 'unsafe-inline' blob: *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; font-src 'self' data: fonts.gstatic.com *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; connect-src 'self' data: maps.googleapis.com cdnml.global-cache.online *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; frame-src 'self' data: *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com; frame-ancestors 'none'; img-src 'self' data: *.ytimg.com img.youtube.com maps.gstatic.com *.unrealengine.com *.epicgames.com *.epicgames.net cdn.cookielaw.org *.hcaptcha.com sentry.io *.youtube-nocookie.com epicgames-privacy.my.onetrust.com cloudflare.epicgamescdn.com *.launchdarkly.com player.vimeo.com edc-cdn.net cdn2.unrealengine.com maps.googleapis.com us-west-2-epicgames.graphassets.com d1ap1mz92jnks1.cloudfront.net cdnjs.cloudflare.com d3kjluh73b9h9o.cloudfront.net img.edc-cdn.net cdn1.epicgames.com connect.facebook.net *.realityscan.com kidsafe.com;","count":5},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; script-src-elem 'self' 'unsafe-inline' *; worker-src 'self' blob: *; style-src 'self' 'unsafe-inline' *; img-src * data: blob:; connect-src *; font-src * data:; frame-src *; object-src 'none'; frame-ancestors 'self';","count":5},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/apretailer.com.br 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.facebook.com *.facebook.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.us1.gigya.com *.openpay.mx *.openpay.co *.facebook.com *.facebook.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.opencontrol.mx *.kaptcha.com *.openpay.pe *.paynet.com.mx *.pagaleve.io *.pagaleve.com.br www.google-analytics.com unpkg.com googleads.g.doubleclick.net commerce.adobedtm.com magento-recs-sdk.adobe.net www.googleadservices.com www.gstatic.com *.google.com.br *.criteo.com *.doubleclick.net *.cloudfront.net *.nr-data.net *.enviou.com.br *.newrelic.com http:\/\/receiver.posclick.dinamize.com *.gigya-api.com *.panini.com.br https:\/\/apretailer.com.br c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.us1.gigya.com 'self' data: 'unsafe-inline' data: *.postimg.cc magefan.com cm.magefan.com *.facebook.com *.facebook.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.openpay.mx *.pagaleve.com.br unpkg.com commerce.adobedtm.com magento-recs-sdk.adobe.net www.gstatic.com *.google.com *.google.com.br *.panini.canto.global https:\/\/panini.canto.global *.cloudfront.net *.doubleclick.net *.g.doubleclick.net *.ivitrack.com *.bidswitch.net *.criteo.com *.nr-data.net *.enviou.com.br *.newrelic.com http:\/\/receiver.posclick.dinamize.com *.gigya-api.com *.panini.com.br https:\/\/www.gravatar.com *.googleusercontent.com https:\/\/apretailer.com.br https:\/\/cdn.aplazo.mx *.adobedtm.com *.clarity.ms https:\/\/smartbmc.com.br https:\/\/ib.adnxs.com https:\/\/r.casalemedia.com https:\/\/ads.stickyadstv.com https:\/\/ad.360yield.com https:\/\/i.liadm.com https:\/\/contextual.media.net https:\/\/exchange.mediavine.com *.bing.com https:\/\/jadserve.postrelease.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/trends.revcontent.com https:\/\/pixel.rubiconproject.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com https:\/\/criteo-sync.teads.tv https:\/\/criteo-partners.tremorhub.com https:\/\/ade.clmbtech.com https:\/\/eb2.3lift.com https:\/\/sync.1rx.io https:\/\/gum.criteo.com https:\/\/public-prod-dspcookiematching.dmxleo.com https:\/\/www.mercadopago.cl *.agkn.com *.targeting.unrulymedia.com *.dnzdns.com *.adgrx.com *.bidr.io *.yahoo.com *.emkt.dinamize.com *.dinamize.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com *.us1.gigya.com *.facebook.com *.facebook.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.s3.amazonaws.com *.openpay.co *.openpay.pe *.google-analytics.com *.google.com\/recaptcha\/ *.gstatic.com\/recaptcha\/ *.pagaleve.com.br analytics.tiktok.com *.clarity.ms unpkg.com www.gstatic.com *.google.com.br *.vendavalida.com.br *.zdassets.com *.criteo.com *.enviou.com.br *.cloudfront.net aprtn.com http:\/\/receiver.posclick.dinamize.com *.gigya-api.com *.panini.com.br https:\/\/apretailer.com.br *.metricool.com *.hotjar.com *.bing.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app downloads.mailchimp.com 'unsafe-inline' data: *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/apretailer.com.br assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * form-assets.mailchimp.com *.intuit.com *.amazonaws.com *.openpay.mx *.openpay.co *.facebook.com *.facebook.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.openpay.pe unpkg.com googleads.g.doubleclick.net commerce.adobedtm.com magento-recs-sdk.adobe.net www.gstatic.com *.google.com.br *.criteo.com *.vendavalida.com.br *.zendesk.com *.doubleclick.net *.us1.gigya.com *.cloudfront.net *.enviou.com.br http:\/\/receiver.posclick.dinamize.com *.gigya-api.com *.panini.com.br https:\/\/apretailer.com.br *.paniniadrenalyn.com pagead2.googlesyndication.com analytics.tiktok.com *.clarity.ms *.bing.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src bam.nr-data.net googleads.g.doubleclick.net csm.us5.us.criteo.net commerce.adobedc.net https:\/\/apretailer.com.br *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":5},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com static.payu.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.facebook.com *.facebook.net https:\/\/www.google.com https:\/\/creativecdn.com *.weltpixel.com secure.payu.com merch-prod.snd.payu.com static.payu.com credit-widget-config.payu.com\/ landofcoder.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.wattswater.com *.backflowdirect.com *.wattswaterquality.com *.shopperapproved.com *.watts.com *.googletagmanager.com *.facebook.com *.facebook.net *.bing.com *.google.com *.clarity.ms http:\/\/www.w3.org https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.pl static.payu.com credit-widget-config.payu.com\/ magefan.com cm.magefan.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.wattswater.com *.backflowdirect.com *.wattswaterquality.com *.sirv.com *.facebook.com *.facebook.net *.klaviyo.com *.mouseflow.com *.bing.com *.adform.net *.doubleclick.net *.clarity.ms *.hotjar.com https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.dwin1.com https:\/\/googleads.g.doubleclick.net secure.payu.com secure.snd.payu.com static.payu.com credit-widget-config.payu.com\/ landofcoder.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/maxcdn.bootstrapcdn.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.wattswater.com *.backflowdirect.com *.wattswaterquality.com *.googleapis.com *.facebook.com *.facebook.net *.klaviyo.com *.bing.com *.doubleclick.net *.clarity.ms *.hotjar.com https:\/\/www.facebook.com secure.payu.com merch-prod.snd.payu.com static.payu.com credit-widget-config.payu.com\/ landofcoder.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/411fcbf3-a854-402b-b3a6-331941eb1f2b.sansec.watch\/; report-to report-endpoint;","count":5},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; img-src 'self' https: data: blob: http:; script-src 'self' https: blob: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; connect-src 'self' https: wss:;","count":5},{"content-security-policy-report-only":" default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'","count":5},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.relaxdays.com *.gstatic.com *.trustami.com cdn.userway.org *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' data: data: 'self' 'unsafe-inline'; form-action *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com *.pinterest.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src *.paypal.com www.paypalobjects.com *.relaxdays.com *.youtube.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.consentmanager.net *.googlesyndication.com *.youtube-nocookie.com *.facebook.com *.pinterest.com *.pinterest.de *.sibforms.com sibautomation.com *.paypalobjects.com *.googletagmanager.com cdn.userway.org *.doubleclick.net conversations-widget.brevo.com *.criteo.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com *.paypal.com *.paypalobjects.com *.relaxdays.com i.ytimg.com *.youtube.com *.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.consentmanager.net www.it-recht-kanzlei.de *.clarity.ms *.google.com *.pinimg.com *.pinterest.com *.doubleclick.net *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.gstatic.com *.googleusercontent.com *.facebook.com *.tiktok.com alb.reddit.com www.datenschutz.net *.trustami.com bat.bing.com bat.bing.net cdn.userway.org www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi www.google.com.mt www.google.com.cy *.criteo.com 'self' data: data: 'self' 'unsafe-inline'; script-src *.newrelic.com *.nr-data.net *.paypal.com *.paypalobjects.com s.ytimg.com *.googleapis.com *.relaxdays.com *.youtube.com *.gstatic.com *.google.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.consentmanager.net *.clarity.ms *.pinterest.com *.pinimg.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.facebook.net *.doubleclick.net *.googlesyndication.com bat.bing.com bat.bing.net bat.bing-int.com *.tiktok.com sibautomation.com *.sendinblue.com www.redditstatic.com *.trustami.com conversations-widget.brevo.com cdn.userway.org www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi *.criteo.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.relaxdays.com *.googletagmanager.com *.googleapis.com *.gstatic.com cdn.userway.org *.stripe.network *.stripecdn.com *.amazon.com 'self' 'unsafe-inline'; object-src *.relaxdays.com 'self' 'unsafe-inline'; media-src *.relaxdays.com 'self' 'unsafe-inline'; manifest-src *.relaxdays.com 'self' 'unsafe-inline'; connect-src *.newrelic.com *.nr-data.net *.paypal.com *.paypalobjects.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.relaxdays.com blob: *.consentmanager.net *.google.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.doubleclick.net *.googlesyndication.com google.com www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi *.facebook.com *.pinterest.com bat.bing.com bat.bing.net bat.bing-int.com *.tiktok.com *.sendinblue.com in-automate.brevo.com analytics.pangle-ads.com analytics-ipv6.tiktokw.us api.userway.org cdn.userway.org cmodul.solutenetwork.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/relaxdays.com\/_csp_report_; report-to report-endpoint;","count":5},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:","count":5},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data: blob:; font-src https: data:; report-uri \/csp-report","count":5},{"content-security-policy-report-only":" font-src maxcdn.bootstrapcdn.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com *.certcapture.com connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com *.authorize.net *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.certcapture.com connect.bolt.com connect-sandbox.bolt.com s3-us-west-1.amazonaws.com www.gstatic.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com mageside.com *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.certcapture.com connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.kaptcha.com *.disqus.com *.authorize.net *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net https:\/\/scripts.ltv.ai 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.certcapture.com maxcdn.bootstrapcdn.com *.tagmanager.google.com *.googletagmanager.com fonts.googleapis.com 'self' 'unsafe-inline'; object-src connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com sessions.bugsnag.com *.kaptcha.com *.authorize.net www.googleapis.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":5},{"content-security-policy-report-only":" base-uri 'none'; frame-ancestors 'self'; img-src data: 'self' https:\/\/www.google-analytics.com https:\/\/cdn.rgfstaffing.be https:\/\/i.ytimg.com https:\/\/maps.googleapis.com https:\/\/vumbnail.com https:\/\/maps.gstatic.com https:\/\/img.youtube.com https:\/\/www.google.be https:\/\/cdn.startpeople.be; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/use.fontawesome.coms https:\/\/code.jquery.com https:\/\/cdn.jsdelivr.net https:\/\/consentcdn.cookiebot.com https:\/\/*.google-analytics.com https:\/\/cdn.startpeople.be https:\/\/kit.fontawesome.com https:\/\/maps.googleapis.com https:\/\/js.monitor.azure.com https:\/\/www.googletagmanager.com https:\/\/consent.cookiebot.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net; report-to csp-endpoint; report-uri https:\/\/csp-dxp.rgfstaffing.be\/csp","count":5},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.pinterest.com *.sendcloud.sc *.jsdelivr.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * *.trustedshops.com cdn.cookielaw.org res.cloudinary.com www.b2c-nfinity.com t.squeezely.tech cdn-icons-png.flaticon.com docker.creative-serving.com trkr.shoppingminds.net bam.nr-data.net *.googleapis.com *.etrusted.com *.pinterest.com bat.bing.com *.adyen.com *.facebook.com img.youtube.com a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org cdn.doofinder.com *.google.com *.google.co.uk *.google.ca b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com ts.tradetracker.net *.amazonaws.com blob: www.google.ge magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com www.sandbox.paypal.com www.magmodules.eu data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page *.trustedshops.com squeezely.tech bat.bing.com *.etrusted.com *.kk-resources.com *.googleoptimize.com cdn.cookielaw.org l.getsitecontrol.com script.shoppingminds.com script.shoppingminds.net js-agent.newrelic.com bam.nr-data.net static.hotjar.com script.hotjar.com s2.getsitecontrol.com *.pinterest.com s.pinimg.com analytics.topdrinks.nl analytics.topdrinks.fr analytics.topdrinks.dk analytics.topdrinks.de analytics.topdrinks.at analytics.topdrinks.be unpkg.com cdn.jsdelivr.net commerce.adobe.net *.googletagmanager.com cdn.doofinder.com analytics.tiktok.com *.google.co.uk *.google.ca s7.addthis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com songbirdstag.cardinalcommerce.com tm.tradetracker.net *.trustpilot.com *.sendcloud.sc *.jsdelivr.net https:\/\/connect.facebook.net *.google.fr *.disqus.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app *.etrusted.com *.pinterest.com *.sendcloud.sc *.jsdelivr.net *.fontawesome.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.youtube.com youtu.be www.youtube-nocookie.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.google.lk analytics.topdrinks.nl ws.hotjar.com wss:\/\/ws.hotjar.com content.hotjar.io analytics.topdrinks.fr analytics.topdrinks.dk analytics.topdrinks.de analytics.topdrinks.at analytics.topdrinks.be cdn.cookielaw.org geolocation.onetrust.com *.g.doubleclick.net l.getsitecontrol.com *.shoppingminds.net *.googleapis.com bam.nr-data.net cdn1.api.trustedshops.com pay.google.com privacyportal-de.onetrust.com vc.hotjar.io events.getsitectrl.com *.etrusted.com *.pinterest.com *.adyen.com maps.googleapis.com nominatim.openstreetmap.org *.onyourmap.com *.mapbox.com *.doofinder.com wss:\/\/*.doofinder.com analytics.tiktok.com ekr.zdassets.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.google-analytics.com *.sendcloud.sc *.cdn.jsdelivr.net https:\/\/analytics.tiktok.com *.google.fr *.google.co.uk *.google.ca 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":5},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com platform.twitter.com *.trustpilot.com *.weltpixel.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com imgsct.cookiebot.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com https:\/\/resources.paytrail.com www.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com flagpedia.net maps.googleapis.com maps.gstatic.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com consent.cookiebot.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com *.avada.io connect.facebook.net twitter.com platform.twitter.com cdn.jsdelivr.net *.gstatic.com maps.googleapis.com applepay.cdn-apple.com *.trustpilot.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com https:\/\/static.klaviyo.com https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com *.fontawesome.com https:\/\/fonts.bunny.net cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.gstatic.com applepay.cdn-apple.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/core.helloretail.com https:\/\/helloretailcdn.com *.google-analytics.com *.analytics.google.com cbsignal-1.in-endp.profitmetrics.io googleads.g.doubleclick.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com places.googleapis.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":5},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/fonts.gstatic.com *.fontawesome.com *.googleapis.com *.klarnacdn.net https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.hotjar.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com sandbox.przelewy24.pl secure.przelewy24.pl facebook.com 'self' 'unsafe-inline'; frame-ancestors pay.google.com www.facebook.com *.kinderkraft.fr *.kinderkraft.pl kinderkraft.fr kinderkraft.pl *.trustpilot.com *.criteo.gum *.cookiebot.com kinderkraft.co.uk ecommscript-integrationapp.trustpilot.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com consentcdn.cookiebot.com consentcdn.cookiebot.eu pay.google.com apm.przelewy24.pl *.klarna.com secure.payu.com merch-prod.snd.payu.com *.trustpilot.com *.facebook.com *.instagram.com *.hotjar.com *.criteo.com *.criteo.net *.kinderkraft.fr kinderkraft.fr kinderkraft.pl *.pinterest.com td.doubleclick.net hal9000.redintelligence.net kinderkraft.co.uk ecommscript-integrationapp.trustpilot.com widget.trustpilot.com ecommplugins-trustboxpreview.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com imgsct.cookiebot.com imgsct.cookiebot.eu *.googleapis.com *.ggpht static.przelewy24.pl www.gstatic.com gstatic.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com static.payu.com *.ytimg.com www.google.pl kinderkraft.com pixel.wp.pl *.instagram.com *.payu.com *.hotjar.com *.criteo.com *.adobedtm.com *.doubleclick.net *.outbrain.com *.rubiconproject.com *.yahoo.com *.3lift.com *.smartadserver.com *.adnxs.com *.tapad.com *.casalemedia.com *.360yield.com *.taboola.com *.pubmatic.com *.media.net *.teads.tv *.adform.net *.bidswitch.net *.sharethrough.com *.smaato.net *.socdm.com *.adscale.de *.advertising.com *.dable.io *.co.kr *.stickyadstv.com *.twiago.com *.omnitagjs.com *.liadm.com *.yieldmo.com *.postrelease.com *.addthis.com *.revcontent.com *.mail.ru *.yieldlab.net *.rambler.ru *.bing.com *.openx.net *.nate.com *.mediawallahscript.com id5-sync.com *.rlcdn.com *.adingo.jp *.tremorhub.com *.yandex.ru *.aralego.com\/ *.ad-stir.com *.adtdp.com *.meba.kr *.1rx.io *.toast.com *.turn.com *.dmxleo.com *.mediavine.com *.ivitrack.com *.smartclip.net *.krxd.net *.emxdgt.com *.pinterest.com *.bluekai.com *.thebrighttag.com kinderkraft.pl *.user.com *.trustpilot.com *.trustpilot.net *.metaffiliation.com region1.analytics.google.com developers.google.com trk.datnova.com *.facebook.net server-side-tagging-vqegoo7bda-uc.a.run.app bcw.kinderkraft.fr widget.trustpilot.com images-static.trustpilot.com adservice.google.com ade.googlesyndication.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com consent.cookiebot.com consent.cookiebot.eu https:\/\/browser.sentry-cdn.com *.googleapis.com *.gstatic.com sandbox.przelewy24.pl secure.przelewy24.pl pay.google.com apm.przelewy24.pl *.snrbox.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.avada.io secure.payu.com secure.snd.payu.com consentcdn.cookiebot.com *.trustpilot.com *.googletagmanager.com kinderkraft-staging.user.com *.user.com *.g.doubleclick.net *.adyen.com *.facebook.net pixel.wp.pl *.hotjar.com *.criteo.com *.criteo.net *.cloudflare.com *.clickcease.com *.pinimg.com *.googleoptimize.com *.kinderkraft.pl *.kinderkraft.fr *.kinderkraft.de *.kinderkraft.it *.kinderkraft.co.uk *.kinderkraft.es *.metaffiliation.com *.bing.com *.clarity.ms *.cux.io *.taboola.com *.luigisbox.tech ct.pinterest.com kng.kinderkraft.at sha.kinderkraft.be tag.facemyads.co bbd-tag.de s.retargeted.co apptracker.stream *.sddan.com trk.datnova.com js.cookieless-data.com bcw.kinderkraft.fr ecommscript-integrationapp.trustpilot.com cdn.cookiehub.eu widget.trustpilot.com invitejs.trustpilot.com ecommplugins-trustboxpreview.trustpilot.com cdn.chatsimple.ai us-assets.i.posthog.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com *.fontawesome.com *.googleapis.com *.gstatic.com *.snrcdn.net *.klarnacdn.net https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.typekit.net *.trustpilot.com *.instagram.com *.cloudflare.com cdn.luigisbox.tech widget.trustpilot.com ecommplugins-trustboxpreview.trustpilot.com cdn.cookiehub.eu 'self' 'unsafe-inline'; object-src ecommscript-integrationapp.trustpilot.com 'self' 'unsafe-inline'; media-src *.adobe.com *.googlevideo.com cdn.chatsimple.ai 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com consentcdn.cookiebot.com consentcdn.cookiebot.eu https:\/\/*.ingest.sentry.io sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl www.google.com pay.google.com *.snrbox.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/get.geojs.io *.avada.io secure.payu.com merch-prod.snd.payu.com ws: *.instagram.com kinderkraft-staging.user.com wss:\/\/kinderkraft-staging.user.com *.adyen.com yt2html5.com *.user.com googleads.g.doubleclick.net stats.g.doubleclick.net wss:\/\/kinderkraft.user.com *.hotjar.com wss:\/\/ws3.hotjar.com https:\/\/paypal.com paypal.com *.hotjar.io *.criteo.com wss:\/\/ws29.hotjar.com *.pinterest.com wss:\/\/ws11.hotjar.com google.pl *.kinderkraft.fr *.metaffiliation.com sentry.io *.clarity.ms *.cux.io *.facebook.com facebook.com *.google.pl wss:\/\/* *.openfpcdn.io *.google-analytics.com *.taboola.com *.luigisbox.tech *.bing.com server-side-tagging-vqegoo7bda-uc.a.run.app wdg.kinderkraft.pl *.googleapis.com tvw.kinderkraft.co.uk analytics.tiktok.com *.kinderkraft.at *.kinderkraft.be bcw.kinderkraft.fr ecommscript-integrationapp.trustpilot.com widget.trustpilot.com api.trustpilot.com ambcglobal.sc.omtrdc.net region1.analytics.google.com cdn.cookiehub.eu api.expertise.ai pagead2.googlesyndication.com us.i.posthog.com api.ipify.org 'self' 'unsafe-inline'; child-src *.instagram.com http: https: blob: 'self' 'unsafe-inline'; default-src *.adyen.com *.instagram.com *.googleoptimize.com *.bing.com kinderkraft.co.uk kinderkraft.pl ecommscript-integrationapp.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":5},{"content-security-policy-report-only":" default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline' https:\/\/www.googletagmanager.com blob: data:; style-src * 'unsafe-inline'; style-src-elem * 'unsafe-inline'; font-src * data: moz-extension:; img-src * data: blob:; media-src * data: blob:; connect-src * properties: data:; frame-src *; worker-src * blob:; report-uri https:\/\/sentry-new.public.mybestpro.com\/api\/8\/security\/?sentry_key=54be949d75fc07530648e0a189a26f35&sentry_environment=prod","count":5},{"content-security-policy-report-only":" frame-ancestors 'self'; object-src 'none'; report-uri \/api\/csp-reporting","count":4},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'unsafe-inline' *.byted-static.com *.bytedapm.com *.bytegoofy.com *.bytescm.com *.feishu-boe.cn *.feishu.cn *.feishucdn.com *.framer.com *.hubspot.com *.ibytedapm.com *.ibytedtos.com *.larksuite-boe.com *.larksuite.com *.larksuitecdn.com *.ocic-static.com *.snssdk.com *.yahoo.co.jp https:\/\/framer.com https:\/\/accounts.google.com https:\/\/app.factors.ai https:\/\/bat.bing.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/framerusercontent.com https:\/\/googleads.g.doubleclick.net https:\/\/googletagmanager.com https:\/\/hm.baidu.com https:\/\/js-na1.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.intercomcdn.com https:\/\/s.yimg.jp https:\/\/scout-cdn.salesloft.com https:\/\/sf16-website-login.neutral.ttwstatic.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/widget.intercom.io https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com https:\/\/www.googletagmanager.com https:\/\/zz.bdstatic.com; worker-src 'self' blob:; report-to csp-endpoint","count":4},{"content-security-policy-report-only":" default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; report-uri \/csp-violation-report-endpoint.php; report-to csp-endpoint","count":4},{"content-security-policy-report-only":" default-src 'self' https: data: blob: gap: https:\/\/*.maersk.com; report-to reporting-endpoint; report-uri https:\/\/sescspreportcollector-prod.westeurope.prod.maersk.io\/collect-data;","count":4},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/unpkg.com https:\/\/acsbapp.com https:\/\/snap.licdn.com https:\/\/sc-static.net https:\/\/tr.snapchat.com https:\/\/maps.googleapis.com https:\/\/static.ads-twitter.com https:\/\/analytics.twitter.com https:\/\/connect.facebook.net https:\/\/cdn.cookielaw.org https:\/\/www.youtube.com https:\/\/static.addtoany.com https:\/\/cdnjs.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/js-agent.newrelic.com https:\/\/geolocation.onetrust.com https:\/\/bam-cell.nr-data.net https:\/\/cdnsecakmi.kaltura.com https:\/\/cdnapisec.kaltura.com http:\/\/cdnapi.kaltura.com https:\/\/cfvod.kaltura.com https:\/\/www.google-analytics.com https:\/\/cdn.jsdelivr.net https:\/\/script.crazyegg.com https:\/\/static.cloudflareinsights.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/bam.nr-data.net https:\/\/hm.baidu.com\/hm.js https:\/\/www.clarity.ms https:\/\/www.googleadservices.com blob: https:\/\/vjs.zencdn.net\/5.0\/video.min.js https:\/\/analytics.tiktok.com; object-src 'self' 'unsafe-inline' 'unsafe-eval' https: data; style-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.cookielaw.org https:\/\/acsbapp.com https:\/\/sc-static.net https:\/\/tr.snapchat.com https:\/\/maps.googleapis.com  https:\/\/fonts.googleapis.com https:\/\/www.youtube.com https:\/\/static.addtoany.com https:\/\/cdnjs.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/js-agent.newrelic.com https:\/\/geolocation.onetrust.com https:\/\/bam-cell.nr-data.net https:\/\/script.crazyegg.com https:\/\/static.cloudflareinsights.com https:\/\/cdnapisec.kaltura.com https:\/\/cfvod.kaltura.com https:\/\/vjs.zencdn.net\/5.0\/video-js.min.css https:\/\/analytics.tiktok.com; frame-ancestors 'self'","count":4},{"content-security-policy-report-only":" object-src 'none'; connect-src 'self' https:\/\/*.canadapost.ca https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/*.cpggpc.ca https:\/\/www.google-analytics.com https:\/\/siteintercept.qualtrics.com https:\/\/www.facebook.com https:\/\/sslstats.canadapost.ca https:\/\/*.wistia.com https:\/\/dpm.demdex.net https:\/\/csi.gstatic.com https:\/\/adservice.google.com https:\/\/*.googlesyndication.com https:\/\/*.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/vmss.boldchat.com https:\/\/www.linkedin.com https:\/\/canadapost.tt.omtrdc.net https:\/\/services.postcodeanywhere.co.uk https:\/\/embedwistia-a.akamaihd.net https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/px.ads.linkedin.com https:\/\/google.com https:\/\/www.google.com; font-src 'self' https:\/\/*.canadapost.ca https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/fonts.gstatic.com https:\/\/*.arcgis.com; form-action 'self' https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/*.canadapost.ca  https:\/\/*.epost.ca https:\/\/www.facebook.com https:\/\/google.com; frame-ancestors 'self' https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.canadapost.ca https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/*.epost.ca https:\/\/*.cpggpc.ca https:\/\/www.adobetag.com https:\/\/assets.adobedtm.com https:\/\/siteintercept.qualtrics.com  https:\/\/zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/z.moatads.com https:\/\/static.ads-twitter.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.googletagservices.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/www.gstatic.com https:\/\/*.googlesyndication.com https:\/\/adservice.google.com https:\/\/adservice.google.ca https:\/\/maps.googleapis.com https:\/\/cdn.ampproject.org https:\/\/*.doubleclick.net https:\/\/*.twitter.com https:\/\/cdn.syndication.twimg.com https:\/\/dpm.demdex.net https:\/\/*.wistia.com https:\/\/*.frontlinesvc.com https:\/\/*.arcgis.com https:\/\/www.linkedin.com https:\/\/vmss.boldchat.com https:\/\/sb.scorecardresearch.com https:\/\/www.rnengage.com https:\/\/sjs.bizographics.com https:\/\/www.instagram.com https:\/\/secure.adnxs.com https:\/\/app.five9.com https:\/\/cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https:\/\/*.frontlinesvc.com https:\/\/fonts.googleapis.com https:\/\/translate.googleapis.com https:\/\/*.twitter.com https:\/\/*.canadapost.ca https:\/\/*.canadapost-postescanada.ca https:\/\/*.postescanada-canadapost.ca https:\/\/*.epost.ca https:\/\/*.arcgis.com https:\/\/*.arcgisonline.com https:\/\/app.five9.com;","count":4},{"content-security-policy-report-only":" frame-ancestors 'self';","count":4},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval'  *.interactivebrokers.com  *.interactivebrokers.ca  *.interactivebrokers.com.hk  *.interactivebrokers.hk  *.interactivebrokers.ch  *.interactivebrokers.eu  *.interactivebrokers.ie  *.interactivebrokers.lu  *.interactivebrokers.hu  *.interactivebrokers.com.sg  *.interactivebrokers.co.uk  *.interactivebrokers.com.au  *.interactivebrokers.co.jp  *.interactivebrokers.co.in  *.ibkr.com  *.ibkr.com.cn  *.ibkrcampus.com  *.ibkrguides.com  *.clientam.com  *.interactiveadvisors.com  *.portfolioanalyst.com  *.go-mpulse.net  *.akstat.io  *.tradingview.com  bat.bing.com  cdn.taboola.com  googleads.g.doubleclick.net  trc.taboola.com  www.googletagmanager.com  ; report-to csp-endpoint; report-uri \/response_handlers\/csplogger\/index.php","count":4},{"content-security-policy-report-only":" default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss:; media-src 'self' https: blob: data:; object-src https: blob:; worker-src 'self' https: blob:; frame-src 'self' https: blob:; form-action 'self' https:; block-all-mixed-content; report-uri \/csp-violation-report","count":4},{"content-security-policy-report-only":" img-src https: data: blob:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline';","count":4},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https:\/\/csp-report.envytools.com","count":4},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' data: *.hockeystack.com *.marianatek.com *.cookielaw.org *.chilipiper.com *.googletagmanager.com *.google.com *.gstatic.com *.cloudflare.com *.youtube.com *.youtube-nocookie.com *.vimeo.com *.licdn.com *.facebook.net *.clarity.ms *.google-analytics.com *.hs-scripts.com *.doubleclick.net unpkg.com *.wistia.net;upgrade-insecure-requests;","count":4},{"content-security-policy-report-only":" default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob:; child-src 'self' blob:; frame-src 'self' https: data: blob:; img-src 'self' https: data: blob:; connect-src 'self' https: data: wss:\/\/*.hotjar.com; report-uri https:\/\/o1089883.ingest.us.sentry.io\/api\/4511026110398464\/security\/?sentry_key=aae109d819521ff1a232f8558352fe71;","count":4},{"content-security-policy-report-only":" font-src data: *.gstatic.com *.tryggehandel.net tryggehandel.net *.googleapis.com googleapis.com *.adsrvr.org data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.collector.se *.cardinalcommerce.com *.jobylon.com *.doubleclick.net *.proffs.se *.walleydev.com *.walleypay.com doubleclick.net *.adsrvr.org *.dotdigital-pages.com *.dotdigital.com *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com googleadservices.com google-analytics.com *.magentocommerce.com *.s.ytimg.com *.googleadservices.com *.google-analytics.com *.googleapis.com googleapis.com *.gstatic.com *.collector.se *.adnxs.com *.byggmax.se *.byggmax.no *.byggmax.fi *.byggmax.dk *.byggmax.com byggmax.se byggmax.no byggmax.fi byggmax.com byggmax.dk www.byggmax.se www.byggmax.no www.byggmax.fi www.byggmax.dk *.bing.com bing.com *.teads.tv teads.tv *.smartadserver.com smartadserver.com *.rubiconproject.com rubiconproject.com *.3lift.com 3lift.com *.smaato.net *.taboola.com taboola.com *.doubleclick.com *.360yield.com 360yield.com *.yahoo.com *.casalemedia.com casalemedia.com *.openx.net *.sharethrough.com sharethrough.com *.bidswitch.net *.pubmatic.com pubmatic.com *.omnitagjs.com omnitagjs.com *.yieldmo.com yieldmo.com *.ivitrack.com ivitrack.com *.advertising.com *.stickyadstv.com *.media.net media.net *.doubleclick.net *.e-planning.net *.clmbtech.com *.adform.net adform.net *.liadm.com *.postrelease.com postrelease.com *.smartclip.net *.krxd.net *.ad-stir.com *.outbrain.com outbrain.com *.tremorhub.com tremorhub.com *.demdex.net *.pingdom.net *.adscale.de *.twiago.com *.google.com *.google.se *.bluekai.com *.wisepops.com *.tapad.com *.mgid.com *.rambler.ru *.thebrighttag.com *.walleypay.com *.1rx.io 1rx.io id5-sync.com *.id5-sync.com *.mediavine.com mediavine.com *.yieldlab.net yieldlab.net *.emxdgt.com emxdgt.com *.unrulymedia.com unrulymedia.com *.tryggehandel.net tryggehandel.net adnxs.com cm.g.doubleclick.net bidswitch.net www.facebook.com *.quantserve.com quantserve.com *.adsrvr.org *.trackedlink.net https:\/\/cdn.flbx.io data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.google-analytics.com *.collector.se *.assets.adobedtm.com *.authorize.net *.geostag.cardinalcommerce.com *.paypal.com *.vimeo.com *.ccdc02.com google.com *.braintreegateway.com *.ytimg.com *.signifyd.com *.adnxs.com adnxs.com adtr.io *.googletagmanager.com *.trackedlink.net *.jobylon.com *.doubleclick.net doubleclick.net *.googleapis.com googleapis.com *.byggmax.se *.byggmax.no *.byggmax.fi *.byggmax.com *.byggmax.dk byggmax.se byggmax.no byggmax.fi byggmax.com byggmax.dk www.byggmax.se www.byggmax.no www.byggmax.fi www.byggmax.dk *.bing.com *.hotjar.com hotjar.com bing.com *.cloudflare.com *.wisepops.com *.facebook.net facebook.net *.quantserve.com quantserve.com *.quantcount.com *.cloudflareinsights.com *.pingdom.net pingdom.net *.getflowbox.net *.kuvio.io kuvio.io *.walleydev.com *.tryggehandel.net tryggehandel.net *.dynamicyield.com dynamicyield.com *.testfreaks.com testfreaks.com *.walleypay.com *.videoly.co dialogtrail.com *.dialogtrail.com wisepops.net *.wisepops.net *.adsrvr.org *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.trustpilot.com https:\/\/cdn.flbx.io https:\/\/connect.getflowbox.com http:\/\/connect.getflowbox.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com googleapis.com *.byggmax.se *.byggmax.no *.byggmax.fi *.byggmax.dk www.byggmax.se www.byggmax.no www.byggmax.fi www.byggmax.dk *.adsrvr.org *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.flbx.io flbx.io *.adsrvr.org 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.wisepops.com *.google-analytics.com google-analytics.com *.collector.se *.pingdom.net pingdom.net *.adnxs.com adnxs.com *.walleydev.com *.walleypay.com *.dynamicyield.com dynamicyield.com www.google.com google.com *.google.com *.doubleclick.net doubleclick.net *.dialogtrail.com dialogtrail.com *.ebbot.app ebbot.app *.adsrvr.org *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/*.amazonaws.com https:\/\/cdn.flbx.io https:\/\/connect.getflowbox.com http:\/\/connect.getflowbox.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" default-src https: data:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'; form-action 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'self'","count":4},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com fonts.googleapis.com *.fontawesome.com data: https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com https:\/\/*.sovendus.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com js.mollie.com https:\/\/vars.hotjar.com https:\/\/www.pinterest.fr https:\/\/www.pinterest.com https:\/\/www.google.com https:\/\/*.sovendus.com https:\/\/www.sovendus-benefits.com https:\/\/www.sovendus-campaign.com https:\/\/www.sovendus-connect.com https:\/\/www.sovendus-network.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.adyen.com *.bird.eu a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org *.openstreetmap.org maps.googleapis.com maps.gstatic.com https:\/\/cdn.flbx.io magefan.com cm.magefan.com https:\/\/www.mollie.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.fr *.ggpht.com *.googleapis.com https:\/\/maps.gstatic.com https:\/\/log.pinterest.com *.mondialtissus.fr *.mondialtissus.de *.mondialtissus.es *.mondialtissus.it *.mondialtissus.nl *.mondialtissus.se data: https:\/\/*.sovendus.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com https:\/\/www.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com https:\/\/cdn.flbx.io *.getflowbox.com http:\/\/connect.getflowbox.com js.mollie.com https:\/\/sdk.privacy-center.org https:\/\/www.google-analytics.com https:\/\/www.analytics.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/wwww.paypalobjects.com https:\/\/s.ytimg.com https:\/\/maps.googleapis.com https:\/\/www.gstatic.com\/recaptcha https:\/\/js.mollie.com https:\/\/france.mondialtissus.fr https:\/\/cdnjs.cloudflare.com https:\/\/assets.pinterest.com https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/apis.google.com https:\/\/mondialtissus.zendesk.com https:\/\/admin.mondialtissus.fr 'unsafe-inline' https:\/\/*.sovendus.com https:\/\/cdn.jsdelivr.net https:\/\/static-sb.com https:\/\/social-sb.com \thttps:\/\/cdn.jsdelivr.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.googleapis.com 'unsafe-inline' https:\/\/*.sovendus.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com *.algolia.net https:\/\/*.algolia.net *.algolianet.com *.insights.algolia.io insights.algolia.io maps.googleapis.com https:\/\/*.amazonaws.com https:\/\/cdn.flbx.io https:\/\/connect.getflowbox.com http:\/\/connect.getflowbox.com https:\/\/www.google-analytics.com *.hotjar.com https:\/\/ekr.zdassets.com https:\/\/maps.googleapis.com https:\/\/mondialtissus.zendesk.com https:\/\/a.getflowbox.com https:\/\/*.sovendus.com https:\/\/www.sovendus-benefits.com https:\/\/www.sovendus-campaign.com https:\/\/www.sovendus-connect.com https:\/\/www.sovendus-network.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri https:\/\/d6tizftlrpuof.cloudfront.net 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/app.contentful.com; default-src 'self'; font-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/www.obelink.at\/metrics https:\/\/googleads.g.doubleclick.net https:\/\/analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.google.com https:\/\/*.youtube.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/bat.bing.com https:\/\/*.hotjar.com https:\/\/*.stripe.com https:\/\/*.stripecdn.com https:\/\/*.squeezely.tech https:\/\/*.hcaptcha.tech https:\/\/*.trustedshops.com https:\/\/*.aiden.cx https:\/\/*.clarity.ms https:\/\/d5yoctgpv4cpx.cloudfront.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/tagmanager.google.com; img-src 'self' data: media.obelink.nl https:\/\/obelink.nl https:\/\/www.obelink.nl https:\/\/media.obelink.de https:\/\/obelink.de https:\/\/www.obelink.de https:\/\/media.obelink.at https:\/\/obelink.at https:\/\/www.obelink.at https:\/\/media.obelink.be https:\/\/obelink.be https:\/\/www.obelink.be https:\/\/media.obelink.pl https:\/\/obelink.pl https:\/\/www.obelink.pl https:\/\/media.obelink.fr https:\/\/obelink.fr https:\/\/www.obelink.fr https:\/\/media.obelink.it https:\/\/obelink.it https:\/\/www.obelink.it https:\/\/media.obelink.es https:\/\/obelink.es https:\/\/www.obelink.es https:\/\/commerce.obelink.eu https:\/\/images.ctfassets.net https:\/\/ https:\/\/*.gstatic.com https:\/\/*.squeezely.tech https:\/\/*.googletagmanager.com https:\/\/widgets.trustedshops.com https:\/\/img.youtube.com https:\/\/i.ytimg.com https:\/\/bat.bing.com; connect-src 'self' https:\/\/*.squeezely.tech https:\/\/*.trustedshops.com https:\/\/*.etrusted.com https:\/\/bat.bing.com https:\/\/cdn.growthbook.io https:\/\/p2iqhncxyh.execute-api.eu-central-1.amazonaws.com; frame-src 'self' blob: https:\/\/*.stripe.com https:\/\/www.google.com https:\/\/www.youtube.com; media-src 'self'; object-src 'self'; base-uri 'self'; form-action 'self';","count":4},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; img-src 'self' https:\/\/www.google-analytics.com https:\/\/engage.supporthost.com data: blob:; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/engage.supporthost.com; style-src 'self' https:\/\/fonts.googleapis.com 'unsafe-inline'; font-src 'self' https:\/\/fonts.gstatic.com data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/engage.supporthost.com; frame-src 'self' https:\/\/www.google.com https:\/\/www.youtube-nocookie.com https:\/\/engage.supporthost.com; worker-src 'self' blob:; media-src 'self'; upgrade-insecure-requests","count":4},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' https: blob: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data:; frame-src https:; frame-ancestors 'self'; font-src 'self' https: data:; report-uri \/report-csp-violation","count":4},{"content-security-policy-report-only":" font-src * data:;img-src * data:;frame-src\t'self'    *.sevenrooms.com    *.doubleclick.net     *.smartrecruiters.com     *.adyen.com     *.pinterest.com    *.googleadservices.com    *.google.com\t*.googletagmanager.com\t*.cardinalcommerce.com\tsevenrooms.com\t*.americanexpress.com\t*.securesuite.co.uk\tsecure7.arcot.com\t*.rsa3dsauth.co.uk\tmycardsecure.com\twww.mycardsecure.com\tdupe.com\t*.opentable.com.au;script-src    'self'\t*.curator.io \t*.google-analytics.com \t*.googletagmanager.com\t*.google.com\t*.licdn.com \t*.clarity.ms\t*.gstatic.com\t*.facebook.net\t*.pinimg.com\t*.smartrecruiters.com\t*.hotjar.com\tcdn-cookieyes.com    'unsafe-eval'    'unsafe-inline'\tdata:;script-src-elem\t'self'\t'unsafe-inline' \t*.facebook.net\t*.licdn.com\t*.google.com\t*.googletagmanager.com\thttps:\/\/www.googletagmanager.com\t*.googleadservices.com\t*.google-analytics.com\t*.gstatic.com\t*.smartrecruiters.com\t*.curator.io\t*.clarity.ms\t*.pinimg.com\t*.hotjar.com\tcdn-cookieyes.com;style-src-elem    'self'\t*.honey.io\t*.google.com    *.curator.io\t*.smartrecruiters.com\t*.facebook.net\t*.clarity.ms    'unsafe-inline';connect-src\t'self'    *.facebook.com\t*.google.com\t*.google-analytics.com\t*.googleapis.com\tmelprdwebsite.azurewebsites.net\tcrownkentico-prd-as-csearch.search.windows.net\t*.pinterest.com\t*.doubleclick.net    *.curator.io\t*.clarity.ms\t*.linkedin.com\t*.datatoolscloud.net.au\t*.hotjar.io\t*.googleadservices.com\t*.googletagmanager.com \t*.adyen.com\t*.cookieyes.com\tcdn-cookieyes.com\tws:\/\/localhost:12387\twss:\/\/ws.hotjar.com\thttps:\/\/www.google.com\/\tdata:;report-uri \/api\/logs\/csp-report;report-to csp-endpoint;","count":4},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/meet.google.com\/_\/scs\/mss-static\/_\/js\/ https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/www.gstatic.com\/hangouts_echo_detector\/release\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.gstatic.com\/video_effects\/effects\/ https:\/\/www.gstatic.com\/meetings_p2p\/ https:\/\/www-onepick-opensocial.googleusercontent.com\/gadgets\/js\/rpc.js https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/meet.google.com\/meetsw.js https:\/\/meet.google.com\/devicesw.js https:\/\/meet.google.com\/notrodsw.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/meet.google.com\/_\/scs\/mss-static\/_\/js\/k=boq-rtc.MeetingsUi.en_US.7VQoBvr6-t0.2020.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/;report-uri \/_\/MeetingsUi\/cspreport\/fine-allowlist","count":4},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com 'self' data: *.fontawesome.com *.googleapis.net data: *.acsbapp.com *.bootstrapcdn.com *.cloudfare.com mediacdn.espssl.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * api.bazaarvoice.com stg.api.bazaarvoice.com *.facebook.com *.facebook.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com www.xtento.com *.facebook.com *.facebook.net *.pinterest.com *.hotjar.com www.google.com *.adyen.com *.addthisedge.com *.addthis.com *.doubleclick.net *.my.salesforce-sites.com *.secure.force.com *.force.com *.cdn-btsg.com www.commercepartnerhub.com *.adsrvr.org https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * *.tiktok.com www.apptrian.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com 'self' data: www.xtento.com cdn.xtento.com magefan.com cm.magefan.com *.disqus.com *.facebook.com *.facebook.net https:\/\/img.youtube.com facebook.com *.b0e8.com *.dynamicyield.com *.pinterest.com *.e.aa.online-metrix.net *.acsbapp.com *.cookielaw.org *.bing.com *.yahoo.com *.google.co.in google.co.in *.listrakbi.com all-clad.com *.all-clad.com emjcd.com *.emjcd.com *.dotomi.com *.espssl.com *.clarity.ms *.tagcommander.com *.adsrvr.org *.rubiconproject.com *.g.doubleclick.net *.elfsightcdn.com *.bazaarvoice.com mediacdn.espssl.com *.hotjar.com *.doubleclick.net butterly.com *.butterly-images.com http:\/\/butterly.com *.google.com *.cdn-btsg.com *.lagostina.ca lagostina.ca https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io assets.adobedtm.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page *.tiktok.com www.apptrian.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.gstatic.com *.iadvize.com www.xtento.com cdn.xtento.com *.disqus.com *.facebook.com *.facebook.net *.ugc.bazaarvoice.com *.listrakbi.com *.b0e8.com *.bc0a.com *.cookielaw.org *.dynamicyield.com *.tagcommander.com *.cloudflare.com *.yimg.com *.pinimg.com *.hotjar.com www.google.com *.mczbf.com analytics.tiktok.com *.acsbapp.com acsbapp.com *.salesforceliveagent.com *.force.com *.curalate.com *.noibu.com *.pinterest.com *.online-metrix.net *.googleapis.com *.bing.com *.bing.net *.vimeo.com *.amazonaws.com *.clarity.ms click2cart.com *.adsrvr.org *.aggregated-data.com *.cloudfront.net *.amazon-adsystem.com *.tkrconnector.com acds-events.adobe.io static.kyc.red shop.pe *.shop.pe addstrap-ui.addshoppers.com returns.parcellab.com cdn.parcellab.com gstatic.com cdn.cookielaw.org cdn.bc0a.com cdn1.b0e8.com service.force.com butterly.com *.moatads.com *.elfsight.com *.addthisedge.com *.addthis.com bam.nr-data.net acsbap.com *.acsbap.com *.salesforce.com *.bazaarvoice.com *.cdn-btsg.com acdn.adnxs.com *.northbeam.io https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.magento-datasolutions.com *.magento-ds.com *.cash.app display.ugc.bazaarvoice.com *.googleapis.com *.fontawesome.com *.listrakbi.com *.ugc.bazaarvoice.com *.typekit.net service.force.com *.bootstrapcdn.com *.espssl.com *.cloudfront.net *.cloudfare.com *.addshoppers.com returns.parcellab.com cdn.parcellab.com *.bazaarvoice.com mediacdn.espssl.com *.hotjar.com *.doubleclick.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com www.apptrian.com edge.curalate.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.magento.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com * *.tiktok.com www.apptrian.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.facebook.com *.facebook.net *.dynamicyield.com *.cookielaw.org *.g.doubleclick.net *.listrak.com *.listrakbi.com analytics.tiktok.com *.pinterest.com *.hotjar.com *.yimg.com google.co.in *.mczbf.com *.bc0a.com *.googleapis.com facebook.com *.acsbapp.com *.click2cart.com *.clarity.ms *.aggregated-data.com *.curalate.com *.noibu.com wss:\/\/input.noibu.com *.onetrust.com *.bing.com insight.adsrvr.org *.amazon-adsystem.com *.paa-reporting-advertising.amazon *.adsrvr.org shop.pe *.shop.pe cdn.cookielaw.org *.elfsight.com *.addthis.com mediacdn.espssl.com bam.nr-data.net fonts.googleapis.com *.doubleclick.net wss:\/\/*.hotjar.com acsbap.com *.acsbap.com *.elfsightcdn.com *.hotjar.io www.xtento.com butterly.com *.cdn-btsg.com www.google.com *.bazaarvoice.com *.fbcdn.net static.xx.fbcdn.net *.xx.fbcdn.net https:\/\/static.xx.fbcdn.net *.commercepartnerhub.com  wss:\/\/*.facebook.com *.all-clad.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com account.groupeseb.com *.salesforceliveagent.com *.salesforce.com *.force.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" frame-src 'self' td.doubleclick.net youtube.com *.youtube.com; report-uri \/infra\/monitoring\/csp","count":4},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/static.fixando.com\/ https:\/\/cdn.fixando.com\/ https:\/\/pics.fixando.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.googletagservices.com\/ https:\/\/www.googleadservices.com\/ https:\/\/fcm.googleapis.com\/ https:\/\/tpc.googlesyndication.com\/ https:\/\/pagead2.googlesyndication.com\/ https:\/\/adservice.google.com.pk\/ https:\/\/adservice.google.com.br\/ https:\/\/adservice.google.com.py\/ https:\/\/adservice.google.com.do\/ https:\/\/adservice.google.com\/ https:\/\/adservice.google.pt\/ https:\/\/adservice.google.nl\/ https:\/\/adservice.google.cl\/ https:\/\/adservice.google.it\/ https:\/\/adservice.google.pl\/ https:\/\/adservice.google.no\/ https:\/\/adservice.google.fr\/ https:\/\/adservice.google.bg\/ https:\/\/adservice.google.es\/ https:\/\/adservice.google.se\/ https:\/\/adservice.google.be\/ https:\/\/adservice.google.de\/ https:\/\/adservice.google.ch\/ https:\/\/adservice.google.hu\/ https:\/\/adservice.google.ie\/ https:\/\/adservice.google.lu\/ https:\/\/adservice.google.ru\/ https:\/\/adservice.google.be\/ https:\/\/adservice.google.co.uk\/ https:\/\/adservice.google.co.ao\/ https:\/\/adservice.google.co.in\/ https:\/\/partner.googleadservices.com\/ https:\/\/maps.googleapis.com\/ https:\/\/optimize.google.com\/ https:\/\/www.googleoptimize.com\/ https:\/\/www.gstatic.com\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/pubads.g.doubleclick.net\/ https:\/\/static.zdassets.com\/ https:\/\/widget-mediator.zopim.com\/ https:\/\/www.facebook.com\/ https:\/\/connect.facebook.net\/ https:\/\/static.hotjar.com\/ https:\/\/script.hotjar.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/static.zdassets.com\/ https:\/\/d2wy8f7a9ursnm.cloudfront.net\/ https:\/\/apis.google.com\/ https:\/\/tagmanager.google.com\/ https:\/\/accounts.google.com\/ https:\/\/www.paypal.com\/ https:\/\/cdn.socket.io\/ https:\/\/widget.trustpilot.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/bucket.cdnwebcloud.com https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/www.google.com https:\/\/*.outbrain.com https:\/\/www.sandbox.paypal.com","count":4},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.yotpo.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net connect.bolt.com connect-sandbox.bolt.com s3-us-west-1.amazonaws.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com https:\/\/rum.hlx.page connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com *.plugins.emarsys.net *.scarabresearch.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.magento-datasolutions.com *.magento-ds.com connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com sessions.bugsnag.com *.scarabresearch.com *.eservice.emarsys.net *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" default-src 'self' data: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; child-src 'self' blob: ; connect-src 'self' data: blob: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; frame-src 'self' blob: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ android-webview-video-poster: https:\/\/player.vimeo.com https:\/\/*.ccm.knowbe4.com https:\/\/*.internal.knowbe4.com https:\/\/*.ccm.internal.knowbe4.com ; font-src 'self' data: fonts.gstatic.com helpimg.s3.amazonaws.com use.fontawesome.com use.typekit.net https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ ; img-src * 'self' blob: cid: data: file: android-webview-video-poster: https:\/\/cdn.mxpnl.com\/ https:\/\/v2assets.zopim.io\/ https:\/\/static.zdassets.com\/ app.pendo.io cdn.pendo.io data.pendo.io pendo-static-6167502888239104.storage.googleapis.com ; media-src 'self' about: blob: data: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; object-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ pendo-io-static.storage.googleapis.com pendo-static-6167502888239104.storage.googleapis.com use.typekit.net ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: data: wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-api.us-east-1.amazonaws.com\/graphql wss:\/\/gruefbpuubghniw5iflbf2a6im.appsync-realtime-api.us-east-1.amazonaws.com\/graphql s3.amazonaws.com\/uploads.knowbe4.com\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-us-east-1.s3.amazonaws.com deepfake-content-read-production-us-east-1.s3.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ https:\/\/unpkg.com\/vue@2.6.14 pendo-io-static.storage.googleapis.com pendo-static-6167502888239104.storage.googleapis.com use.typekit.net https:\/\/cdn.pendo.io\/agent\/static\/365392a9-6608-44ef-443b-572eef771b95\/pendo.js ; style-src 'self' 'unsafe-inline' data: app.pendo.io cdn.pendo.io fonts.gstatic.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ pendo-static-6167502888239104.storage.googleapis.com use.typekit.net ; style-src-elem 'self' 'unsafe-inline' data: app.pendo.io cdn.pendo.io fonts.googleapis.com fonts.gstatic.com helpimg.s3.amazonaws.com cdnjs.cloudflare.com\/ajax\/libs\/font-awesome\/ cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ p.typekit.net pendo-static-6167502888239104.storage.googleapis.com s3.amazonaws.com\/helpimg\/ use.fontawesome.com use.typekit.net www.java.com\/ga\/css\/print.css www.java.com\/ga\/css\/screen.css ; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubf27996eb9977f34aa9f3376bd3939adc&dd-evp-origin=content-security-policy&ddsource=csp-report&app=kmsat&env=production-us-east-1 ; worker-src 'self' blob: data: ;","count":4},{"content-security-policy-report-only":" default-src 'self' data: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; child-src 'self' blob: ; connect-src 'self' data: blob: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; frame-src 'self' blob: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ android-webview-video-poster: https:\/\/player.vimeo.com https:\/\/*.ccm.knowbe4.com https:\/\/*.internal.knowbe4.com https:\/\/*.ccm.internal.knowbe4.com ; font-src 'self' data: fonts.gstatic.com helpimg.s3.amazonaws.com use.fontawesome.com use.typekit.net https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ ; img-src * 'self' blob: cid: data: file: android-webview-video-poster: https:\/\/cdn.mxpnl.com\/ https:\/\/v2assets.zopim.io\/ https:\/\/static.zdassets.com\/ app.pendo.io cdn.pendo.io data.pendo.io pendo-static-6167502888239104.storage.googleapis.com ; media-src 'self' about: blob: data: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ ; object-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ pendo-io-static.storage.googleapis.com pendo-static-6167502888239104.storage.googleapis.com use.typekit.net ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: data: wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-api.eu-west-1.amazonaws.com\/graphql wss:\/\/enu3cdg6tvghrjuahpbe6c6w5i.appsync-realtime-api.eu-west-1.amazonaws.com\/graphql s3.eu-west-1.amazonaws.com\/uploads.knowbe4.eu\/ api-js.mixpanel.com app.pendo.io btb-glossary-bucket-production-us-east-1.s3.amazonaws.com https:\/\/browser-intake-datadoghq.com\/ cdn.pendo.io data.pendo.io deepfake-content-write-production-eu-west-1.s3.eu-west-1.amazonaws.com deepfake-content-read-production-eu-west-1.s3.eu-west-1.amazonaws.com fonts.googleapis.com metrics.articulate.com modstore.knowbe4.com modstore-production-us-east-1.s3.amazonaws.com https:\/\/*.knowbe4.com https:\/\/*.kb4od.run https:\/\/*.ckeditor.com\/ https:\/\/*.launchdarkly.com\/ https:\/\/*.zopim.com\/ https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/code.highcharts.com\/ https:\/\/data.pendo.io\/ https:\/\/ekr.zdassets.com\/ https:\/\/ekr.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/ https:\/\/knowbe4.zendesk.com\/embeddable\/config https:\/\/knowbe4.zendesk.com\/embeddable_blip https:\/\/knowbe4.zendesk.com\/frontendevents\/dl https:\/\/knowbe4.zendesk.com\/frontendevents\/pv https:\/\/s3.amazonaws.com\/development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/kmsat-development.uploads.knowbe4.com\/ https:\/\/s3.amazonaws.com\/helpimg\/ https:\/\/s3.amazonaws.com\/helpimg-kmsat-development-us-east-1\/ https:\/\/helpimg.s3.amazonaws.com\/ https:\/\/static.zdassets.com\/ https:\/\/zendesk-eu.my.sentry.io\/ pendo-static-6167502888239104.storage.googleapis.com wss:\/\/*.zopim.com\/ wss:\/\/knowbe4.zendesk.com\/ https:\/\/unpkg.com\/vue@2.6.14 pendo-io-static.storage.googleapis.com pendo-static-6167502888239104.storage.googleapis.com use.typekit.net https:\/\/cdn.pendo.io\/agent\/static\/365392a9-6608-44ef-443b-572eef771b95\/pendo.js ; style-src 'self' 'unsafe-inline' data: app.pendo.io cdn.pendo.io fonts.gstatic.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ pendo-static-6167502888239104.storage.googleapis.com use.typekit.net ; style-src-elem 'self' 'unsafe-inline' data: app.pendo.io cdn.pendo.io fonts.googleapis.com fonts.gstatic.com helpimg.s3.amazonaws.com cdnjs.cloudflare.com\/ajax\/libs\/font-awesome\/ cdnjs.cloudflare.com\/ajax\/libs\/twitter-bootstrap\/ p.typekit.net pendo-static-6167502888239104.storage.googleapis.com s3.amazonaws.com\/helpimg\/ use.fontawesome.com use.typekit.net www.java.com\/ga\/css\/print.css www.java.com\/ga\/css\/screen.css ; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubf27996eb9977f34aa9f3376bd3939adc&dd-evp-origin=content-security-policy&ddsource=csp-report&app=kmsat&env=production-eu-west-1 ; worker-src 'self' blob: data: ;","count":4},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.hotjar.com https:\/\/static.dhlecommerce.nl https:\/\/fonts.gstatic.com https:\/\/widgets.trustedshops.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.googletagmanager.com contact.robinhq.com https:\/\/*.dpdconnect.nl *.multisafepay.com https:\/\/pay.google.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com blackhole.lan:9000 bat.bing.com bat.bing.net https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com magefan.com cm.magefan.com *.disqus.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com *.sooqr.com *.spotlersearch.com *.multisafepay.com www.xtento.com cdn.xtento.com maps.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.bg *.googletagmanager.com\/ *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com https:\/\/cdn.jsdelivr.net *.tiktok.com selfservice.robinhq.com robincontentdesktop.blob.core.windows.net az416426.vo.msecnd.net *.googleads.g.doubleclick.net *.googleadservices.com *.cloudfront.net spotlersearchanalytics.com *.hotjar.com bat.bing.com https:\/\/*.dpdconnect.nl https:\/\/static.dhlecommerce.nl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.disqus.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com *.sooqr.com *.spotlersearch.com *.multisafepay.com https:\/\/pay.google.com www.xtento.com cdn.xtento.com maps.googleapis.com maps.google.apis.com cdn-4.convertexperiments.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com https:\/\/static.klaviyo.com https:\/\/cdn.jsdelivr.net *.fontawesome.com https:\/\/fonts.bunny.net *.sooqr.com *.spotlersearch.com *.multisafepay.com maps.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com dc.services.visualstudio.com *.visualwebsiteoptimizer.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com bat.bing.com bat.bing.net *.hotjar.com https:\/\/api-gw.dhlparcel.nl https:\/\/static.dhlecommerce.nl *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.sooqr.com *.spotlersearch.com *.multisafepay.com maps.googleapis.com maps.google.apis.com cdn-4.convertexperiments.com *.pay.nl 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com v2.zopim.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googlesyndication.com *.twitter.com https:\/\/www.facebook.com www.googletagmanager.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com *.google.com *.doubleclick.net *.googlesyndication.com *.twitter.com axi.maxiaxi.com *.pinterest.com *.addthis.com https:\/\/consentcdn.cookiebot.com *.fast.amc.demdex.net https:\/\/tr.snapchat.com https:\/\/www.facebook.com *.cookiebot.eu *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google.com *.google.bg *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com https:\/\/static.buckaroo.nl validate.fishpig.co.uk magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com https:\/\/redchamps.com ts.tradetracker.net www.magmodules.eu *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net *.maxiaxi.com bat.bing.com www.google.nl www.google.de www.google.fr www.google.es *.squeezely.tech squeezely.tech tm-tradetracker.net *.pinterest.com *.googleapis.com *.googleoptimize.com *.linkedin.com *.cookiebot.com *.etrusted.com *.adobedtm.com *.zendesk.com *.zdassets.com *.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl *.avada.io tm.tradetracker.net *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.googleapis.com app.aiden.cx js-agent.newrelic.com bam.nr-data.net rum-static.pingdom.net *.trustpilot.com *.zopim.com static.sooqr.com *.zdassets.com bat.bing.com static.buckaroo.nl *.squeezely.tech squeezely.tech tm-tradetracker.net *.maxiaxi.com *.clarity.ms *.googleoptimize.com *.zendesk.com bam.eu01.nr-data.net *.pinimg.com *.addthis.com *.addthisedge.com *.moatads.com *.hotjar.com *.hotjar.io *.licdn.com *.beslist.nl *.tiktok.com *.stripe.com *.cookiebot.com *.etrusted.com *.smooch.io *.pinterest.com *.convertexperiments.com d5yoctgpv4cpx.cloudfront.net *.cookiebot.eu tr.kickbite.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.cloudflare.com *.twitter.com *.twimg.com *.typekit.net *.trustedshops.com *.usercentrics.eu static.sooqr.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zendesk.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google-analytics.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/applepay.buckaroo.io https:\/\/get.geojs.io *.avada.io *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com bam.nr-data.net *.zdassets.com widget-mediator.zopim.com stats.g.doubleclick.net squeezely.tech cognito-identity.eu-central-1.amazonaws.com rum-collector-2.pingdom.net wss:\/\/widget-mediator.zopim.com *.maxiaxi.com *.clarity.ms *.googleapis.com *.googleoptimize.com *.googletagmanager.com *.pinterest.com measurement-api.criteo.com *.zendesk.com bam.eu01.nr-data.net *.addthis.com *.hotjar.com *.beslist.nl *.tiktok.com *.tiktokw.us app.aiden.cx *.hotjar.io wss:\/\/ws.hotjar.com analytics.pangle-ads.com googleads.g.doubleclick.net *.ads.linkedin.com *.cookiebot.com *.etrusted.com *.smooch.io *.convertexperiments.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com *.bing.com tr.kickbite.io wss:\/\/*.zendesk.com *.trustedshops.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdn.riverty.design\/ *.googleapis.com https:\/\/www.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com https:\/\/fonts.gstatic.com data: *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.oct8ne.com https:\/\/*.ekomiapps.de data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com uc8.tv *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googlesyndication.com https:\/\/www.facebook.com https:\/\/payflowlink.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com uc8.tv https:\/\/documents.riverty.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.instagram.com www.google.com https:\/\/*.google.com *.doubleclick.net *.googlesyndication.com https:\/\/*.dpdconnect.nl account.fetchify.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.oct8ne.com *.weltpixel.com https:\/\/web.facebook.com https:\/\/bid.g.doubleclick.net https:\/\/payflowlink.paypal.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/cdn.myafterpay.com\/ uc8.tv https:\/\/cdn.riverty.design\/ https:\/\/images.unsplash.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com https:\/\/*.gstatic.com *.cdninstagram.com https:\/\/*.google.com *.google.bg *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com cdn.doofinder.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.fbcdn.net https:\/\/firebasestorage.googleapis.com www.facebook.com flagpedia.net *.oct8ne.com ts.tradetracker.net www.magmodules.eu https:\/\/static-na.payments-amazon.com https:\/\/www.paypalobjects.com https:\/\/m.media-amazon.com https:\/\/bat.bing.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/google.com https:\/\/www.google.co.in https:\/\/googleads.g.doubleclick.net *.ekomiapps.de *.visualwebsiteoptimizer.com api.taggrs.io *.floraconcepts.nl https:\/\/sst.maxifleur-kunstplanten.nl https:\/\/oct8neuploadcdneu.azureedge.net https:\/\/*.oct8ne.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com https:\/\/*.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com uc8.tv https:\/\/cdn.myafterpay.com\/ https:\/\/cdn.bnpl.riverty.io\/ https:\/\/maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js *.googleapis.com *.gstatic.com *.instagram.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/www.google.com *.google.bg https:\/\/www.googletagmanager.com\/ *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com cdn.doofinder.com https:\/\/*.dpdconnect.nl https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.avada.io *.shopify.com maps.googleapis.com *.oct8ne.com tm.tradetracker.net https:\/\/www.googletagmanager.com tagmanager.google.com https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/*.hotjar.com https:\/\/www.paypal.com cdn.cookie-script.com *.visualwebsiteoptimizer.com sst.maxifleur-kunstplanten.nl *.ekomiapps.de maxifleur.floraconcepts.io *.crazyegg.com *.pinimg.com static-eu.oct8ne.com *.jquery.com *.pinterest.com *.bing.com https:\/\/cdn.leadinfo.net\/ping.js https:\/\/*.ldnfrpl.com https:\/\/d5yoctgpv4cpx.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.doofinder.com cc-cdn.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com tagmanager.google.com https:\/\/*.ekomiapps.de 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com uc8.tv https:\/\/cdn.myafterpay.com\/ https:\/\/documents.myafterpay.com\/ https:\/\/documents.riverty.com\/ https:\/\/www.afterpay.nl\/ https:\/\/cdn.bnpl.riverty.io\/ https:\/\/trace-api.newrelic.com\/ https:\/\/distributions.crowdin.net\/ https:\/\/api.crowdin.com\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.google-analytics.com *.facebook.net https:\/\/*.google.com *.doubleclick.net *.googlesyndication.com *.doofinder.com wss:\/\/*.doofinder.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk https:\/\/ipinfo.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com *.oct8ne.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com *.ekomiapps.de ct.pinterest.com *.crazyegg.com *.floraconcepts.io *.floraconcepts.nl https:\/\/*.leadinfo.net https:\/\/*.leadinfo.com https:\/\/sst.maxifleur-kunstplanten.nl https:\/\/*.ldnfrpl.com https:\/\/li-replay.s3-accelerate.amazonaws.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/p2iqhncxyh.execute-api.eu-central-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" font-src x.klarnacdn.net static.lipscore.com maxcdn.bootstrapcdn.com *.gstatic.com 'self' data: https:\/\/widgets.trustedshops.com *.cloudflare.com *.googleapis.com *.klarnacdn.net *.office.net *.typekit.net data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action *.facebook.com *.perfectview.nl *.sovendus.com *.visualwebsiteoptimizer.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; frame-ancestors *.mediacliphub.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ advisor.bluebarry.ai osm.klarnaservices.com e.topdoek.nl sst.topdoek.nl sst.goedkooptuindoek.nl *.prismic.io sst.kitchenyeah.de sst.kitchenyeah.nl sst.kitchenyeah.fr sst.fotocadeau.nl ct.pinterest.com googletagmanager.com td.doubleclick.net *.multisafepay.com https:\/\/pay.google.com *.ad4m.at *.awin1.com deliverimages.com *.facebook.com *.formcrafts.com *.fotocadeau.nl *.google.com *.googlesyndication.com *.googletagmanager.com *.klarna.com *.mediacliphub.com *.noboringsuitcases.com *.opendns.com *.pinterest.com *.sleak.chat *.sovendus-connect.com *.visualwebsiteoptimizer.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com bat.bing.com *.cdn.prismic.io www.facebook.com www.google.nl *.appspot.com images.prismic.io storage.googleapis.com raw.githubusercontent.com *.taggrs.io *.prism.app-us1.com *.prismic.io static.lipscore.com blob: img.youtube.com *.multisafepay.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com *.awin1.com *.bing.com *.bing.net bucket-ip-website.s3.eu-central-1.amazonaws.com *.clarity.ms deliverimages.com *.doubleclick.net *.facebook.com *.facebook.net *.fotocadeau.nl *.googleadservices.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bi www.google.bj www.google.bs www.google.by www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.com.af www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bo www.google.com.br www.google.com.co www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.gh www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gm www.google.gr www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.mn www.google.mu www.google.mv www.google.mw www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sm www.google.sn www.google.sr www.google.tg www.google.tn www.google.tt *.google.com google.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hscollectedforms.net *.hubspot.com *.klarnacdn.net *.klarnaevt.com *.linkedin.com *.lipscore.com *.mediacliphub.com noboringsuitcases.com *.noboringsuitcases.com *.perfectview.nl *.pinterest.com prismic-io.s3.amazonaws.com *.roeye.com *.sleak.chat *.tiktok.com *.tiktokw.us *.trustedshops.com *.visualwebsiteoptimizer.com *.webflow.com *.wepowerconnections.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ advisor.bluebarry.ai cdn.bluebarry.ai js.klarna.com js.klarnaservices.com bat.bing.com ct.pinterest.com d5yoctgpv4cpx.cloudfront.net connect.facebook.net magento.fcdev metrics.fotoopaluminium.nl metrics.self s.pinimg.com *.appspot.com stapecdn.com static.cdn.prismic.io static.hotjar.com static.mediacliphub.com widgets.trustedshops.com www.clarity.ms *.taggrs.io *.prism.app-us1.com *.prismic.io https:\/\/widget-acc.paazl.com https:\/\/api-acc.paazl.com\/ static.lipscore.com *.multisafepay.com https:\/\/pay.google.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com https:\/\/browser.sentry-cdn.com *.awin1.com *.bing.com bluebarrycdn.blob.core.windows.net *.clarity.ms *.deployteq-cdp.net *.doubleclick.net *.dwin1.com *.facebook.com *.facebook.net *.formcrafts.com *.googleapis.com translate.google.com.hk *.googlesyndication.com *.googletagmanager.com *.hotjar.com *.hsadspixel.net *.hs-analytics.net *.hs-banner.com *.hscollectedforms.net *.hs-scripts.com *.hubspot.com *.jsdelivr.net *.klarna.com *.leadinfo.net *.licdn.com *.lipscore.com *.mediacliphub.com *.pinimg.com *.pinterest.com prismic.io *.roeyecdn.com *.sleak.chat *.sovendus.com *.tiktok.com *.trustedshops.com *.visualwebsiteoptimizer.com *.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com x.klarnacdn.net integrations.etrusted.com https:\/\/widget-acc.paazl.com https:\/\/api-acc.paazl.com\/ static.lipscore.com maxcdn.bootstrapcdn.com *.multisafepay.com *.googleapis.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.cloudflare.com *.googletagmanager.com *.klarnacdn.net *.lipscore.com *.sleak.chat *.typekit.net 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src deliverimages.com *.fotocadeau.nl *.googleapis.com *.mediacliphub.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; media-src *.adobe.com deliverimages.com *.fotocadeau.nl *.googleapis.com *.gstatic.com noboringsuitcases.com *.noboringsuitcases.com *.prismic.io 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net data.bluebarry.ai advisor.bluebarry.ai js.klarnaservices.com js.klarna.com na.klarnaevt.com sst.goedkooptuindoek.nl *.clarity.ms *.appspot.com ct.pinterest.com dc.services.visualstudio.com js.monitor.azure.com region1.analytics.google.com *.sentry.io *.prism.app-us1.com *.prismic.io https:\/\/widget-acc.paazl.com https:\/\/api-acc.paazl.com\/ wapi.lipscore.com users.lipscore.com *.multisafepay.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site o307176.ingest.us.sentry.io *.algolia.io *.algolia.net *.algolianet.com *.azure.com *.bing.com *.bing.net deliverimages.com *.deployteq-cdp.net *.doubleclick.net *.facebook.com *.facebook.net *.fotoophout.nl *.googleadservices.com *.googleapis.com www.google.be www.google.de www.google.fr www.google.nl google.com *.google.com *.googlesyndication.com *.gstatic.com *.hotjar.com *.hotjar.io *.hscollectedforms.net *.hubapi.com *.klarna.com *.klarnaevt.com *.leadinfo.com *.leadinfo.net *.linkedin.com *.lipscore.com *.make.com *.mediacliphub.com *.noboringsuitcases.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com *.pinterest.com polyfilljs.org *.sleak.chat *.sovendus.com *.taggrs.io *.tiktok.com *.tiktokw.us *.visualwebsiteoptimizer.com *.wepowerconnections.com *.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.mediacliphub.com *.appspot.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.leadinfo.com *.lipscore.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; report-uri https:\/\/0857a1ae-eb26-4f26-b573-76e7e6a78da5.sansec.watch\/; report-to report-endpoint;","count":4},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com static.payu.com https:\/\/geowidget.easypack24.net 'self' data: https:\/\/widgets.trustedshops.com *.livechatinc.com https:\/\/td.doubleclick.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.packeta.com secure.payu.com merch-prod.snd.payu.com static.payu.com credit-widget-config.payu.com\/ https:\/\/geowidget-app.inpost.pl\/ https:\/\/sandbox-easy-geowidget.easypack24.net\/ *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.livechatinc.com https:\/\/consentcdn.cookiebot.com\/ api.ratingcaptain.com *.cookiebot.eu 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.files-text.com *.livechatinc.com *.livechat-files.com *.livechat-static.com magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com static.payu.com credit-widget-config.payu.com\/ https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com 'self' data: https:\/\/maps.googleapis.com\/ https:\/\/maps.gstatic.com\/ https:\/\/developers.google.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com https:\/\/www.google.pl *.seznam.cz *.pricemania.sk https:\/\/imgsct.cookiebot.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.livechatinc.com *.livechat-static.com https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech *.disqus.com *.avada.io *.shopify.com *.packeta.com secure.payu.com secure.snd.payu.com static.payu.com credit-widget-config.payu.com\/ https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/maps.googleapis.com\/ https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net https:\/\/www.googletagmanager.com *.seznam.cz https:\/\/pixel.biano.cz https:\/\/consent.cookiebot.com *.biano.sk *.biano.cz *.biano.ro https:\/\/consentcdn.cookiebot.com https:\/\/api.ratingcaptain.com *.absulo.ro *.sgtm.absulo.ro *.cookiebot.eu cdn.ablyft.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.cash.app *.livechatinc.com https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.googleapis.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.tagmanager.google.com *.googletagmanager.com *.pricemania.sk 'self' 'unsafe-inline'; object-src *.livechatinc.com 'self' 'unsafe-inline'; media-src www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.livechatinc.com *.livechat-static.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.livechatinc.com *.text.com https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech https:\/\/get.geojs.io *.avada.io *.packeta.com secure.payu.com merch-prod.snd.payu.com static.payu.com credit-widget-config.payu.com\/ *.easypack24.net *.inpost.pl *.openstreetmap.org t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com https:\/\/maps.googleapis.com\/ *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app http:\/\/www.google-analytics.com *.googlesyndication.com *.biano.cz *.biano.sk *.biano.ro https:\/\/consentcdn.cookiebot.com googleads.g.doubleclick.net api.ratingcaptain.com *.cookiebot.eu 'self' 'unsafe-inline'; child-src *.livechatinc.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":4},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/android","count":3},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/ https:\/\/payments.google.com\/payments\/v4\/js\/integrator.js https:\/\/payments.sandbox.google.com\/payments\/v4\/js\/integrator.js https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.google-analytics.com\/gtm\/js https:\/\/www.googleadservices.com\/pagead\/conversion\/ https:\/\/www.youtube.com\/iframe_api https:\/\/youtube.googleapis.com\/s\/player\/ https:\/\/youtube.googleapis.com\/iframe_api https:\/\/ssl.gstatic.com\/support\/realtime\/operator\/ https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/maps.googleapis.com\/maps\/api\/js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/www.google.com\/js\/bg\/ https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-gstore\/_\/js\/k=boq-gstore.Gstore.en_US.rYH5Z5o72Nc.2021.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/maps.googleapis.com\/maps-api-v3\/api\/js\/ https:\/\/maps.googleapis.com\/maps\/vt https:\/\/maps.googleapis.com\/maps\/api\/js\/ https:\/\/maps.googleapis.com\/maps\/api\/place\/js\/ https:\/\/www.youtube.com\/s\/player\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/ https:\/\/payments.youtube.com\/payments\/v4\/js\/integrator.js https:\/\/payments.cloud.google\/payments\/v4\/js\/integrator.js;report-uri \/_\/Gstore\/cspreport\/fine-allowlist","count":3},{"content-security-policy-report-only":" default-src 'self'; report-uri https:\/\/csp.loopia.se; connect-src 'self' https:\/\/*.analytics.google.com https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/accesswidget-log-receiver.acsbapp.com https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/api-eu1.hubapi.com https:\/\/api.exponea.com https:\/\/api.infinario.com https:\/\/bat.bing.com https:\/\/cdn.iubenda.com https:\/\/consentcdn.cookiebot.com https:\/\/content.hotjar.io https:\/\/cta-eu1.hubspot.com https:\/\/eu-cdn.acsbapp.com https:\/\/eu.acsbapp.com https:\/\/idb.iubenda.com https:\/\/in.hotjar.com https:\/\/pagead2.googlesyndication.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/srv.motu-teamblue.services https:\/\/stats.g.doubleclick.net https:\/\/vc.hotjar.io https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.google.se; font-src 'self' https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/fonts.gstatic.com; form-action 'self' https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/bib.eway2pay.com https:\/\/payment.architrade.com https:\/\/ticket.siriusit.net https:\/\/www.facebook.com; frame-src 'self' https:\/\/*.facebook.com https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/5.ec1.vbus.apps.ladesk.com https:\/\/active24.ladesk.com https:\/\/cdn.hub-prod.team.blue https:\/\/consentcdn.cookiebot.com https:\/\/vars.hotjar.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/*.freshchat.com; img-src 'self' data: https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/bat.bing.com https:\/\/googleads.g.doubleclick.net https:\/\/imgsct.cookiebot.com https:\/\/perf-eu1.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/region1.analytics.google.com https:\/\/region1.google-analytics.com https:\/\/srv.motu-teamblue.services https:\/\/stats.g.doubleclick.net https:\/\/tbs.tradedoubler.com https:\/\/track-eu1.hubspot.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.se https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com; media-src 'self' https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/api.exponea.com https:\/\/api.infinario.com https:\/\/g.microsoft.com https:\/\/script.hotjar.com https:\/\/snap.licdn.com https:\/\/static.hotjar.com https:\/\/www.google.com https:\/\/www.google.se https:\/\/www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' https:\/\/*.freshchat.com https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/active24.ladesk.com https:\/\/api.exponea.com https:\/\/bat.bing.com https:\/\/cdn.hub-prod.team.blue https:\/\/cdn.iubenda.com https:\/\/connect.facebook.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/cs.iubenda.com https:\/\/eu.acsbapp.com https:\/\/eu.fw-cdn.com https:\/\/googleads.g.doubleclick.net https:\/\/js-eu1.hs-analytics.net https:\/\/js-eu1.hs-banner.com https:\/\/js-eu1.hs-scripts.com https:\/\/js-eu1.hsadspixel.net https:\/\/js-eu1.hubspot.com https:\/\/pagead2.googlesyndication.com https:\/\/script.hotjar.com https:\/\/snap.licdn.com https:\/\/srv.isy-teamblue.services https:\/\/srv.motu-teamblue.services https:\/\/static.hotjar.com https:\/\/widget.trustpilot.com https:\/\/www.google.com https:\/\/www.google.se https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline' https:\/\/*.loopia.com https:\/\/*.loopia.no https:\/\/*.loopia.rs https:\/\/*.loopia.se https:\/\/cdn.iubenda.com https:\/\/fonts.googleapis.com https:\/\/*.freshchat.com","count":3},{"content-security-policy-report-only":" default-src 'self' https:\/\/pref.docusign.com https:\/\/apps.docusign.com https:\/\/events.docusign.com https:\/\/momentum.docusign.com https:\/\/dsucustomers.docusign.com https:\/\/account.docusign.com https:\/\/account-d.docusign.com https:\/\/ecom.docusign.com https:\/\/support.docusign.com https:\/\/developers.docusign.com https:\/\/community.docusign.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/p.mdb.tools https:\/\/identity.mdb.tools https:\/\/sierra.chat:443 https:\/\/sierra.chat https:\/\/*.cloudfront.net https:\/\/cdn.jsdelivr.net https:\/\/cdn.prod.website-files.com https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/cdn4.mxpnl.com https:\/\/s.yimg.com https:\/\/tags.srv.stackadapt.com:443 https:\/\/cdn.yellowmessenger.com https:\/\/docusign-api.arkoselabs.com https:\/\/trk.techtarget.com https:\/\/cdn.optimizely.com https:\/\/www.googletagmanager.com https:\/\/players.brightcove.net https:\/\/cdn3.optimizely.com https:\/\/cdn.cookielaw.org https:\/\/vjs.zencdn.net https:\/\/cdn.sift.com https:\/\/tags.srv.stackadapt.com https:\/\/js.driftt.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/tag.demandbase.com https:\/\/www.knotch-cdn.com https:\/\/js.adsrvr.org https:\/\/rs.fullstory.com https:\/\/edge.fullstory.com https:\/\/googleads.g.doubleclick.net https:\/\/protect.docusign.net https:\/\/protect-d.docusign.net https:\/\/app.gatedcontent.com https:\/\/img.en25.com https:\/\/track.docusign.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/browser.sentry-cdn.com https:\/\/app.guideflow.com https:\/\/zn0oqzbba3l7g5ph4-docusign.siteintercept.qualtrics.com https:\/\/siteintercept.qualtrics.com https:\/\/80e3c780877f.cdn4.forter.com https:\/\/sadmin.brightcove.com https:\/\/platform.twitter.com https:\/\/bam.nr-data.net https:\/\/static.ads-twitter.com https:\/\/www.redditstatic.com https:\/\/chat.docusign.net https:\/\/sdk.inbenta.io https:\/\/apps.usw2.pure.cloud https:\/\/api-cdn.usw2.pure.cloud https:\/\/cdn.taboola.com https:\/\/trc.taboola.com https:\/\/www.influ2.com https:\/\/t.influ2.com\/ https:\/\/hermes.docusign.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/sierra.chat:443 https:\/\/sierra.chat https:\/\/*.cloudfront.net https:\/\/cdn.jsdelivr.net https:\/\/cdn.prod.website-files.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn4.mxpnl.com https:\/\/s.yimg.com https:\/\/tags.srv.stackadapt.com:443 https:\/\/cdn.yellowmessenger.com https:\/\/docusign-api.arkoselabs.com https:\/\/trk.techtarget.com https:\/\/cdn.optimizely.com https:\/\/www.googletagmanager.com https:\/\/players.brightcove.net https:\/\/cdn3.optimizely.com https:\/\/cdn.cookielaw.org https:\/\/vjs.zencdn.net https:\/\/cdn.sift.com https:\/\/tags.srv.stackadapt.com https:\/\/tags.srv.stackadapt.com:443\/events.js https:\/\/tags.srv.stackadapt.com\/events.js https:\/\/js.driftt.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/tag.demandbase.com https:\/\/www.knotch-cdn.com https:\/\/js.adsrvr.org https:\/\/rs.fullstory.com https:\/\/edge.fullstory.com https:\/\/googleads.g.doubleclick.net https:\/\/protect.docusign.net https:\/\/protect-d.docusign.net https:\/\/app.gatedcontent.com https:\/\/img.en25.com https:\/\/track.docusign.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/browser.sentry-cdn.com https:\/\/app.guideflow.com https:\/\/zn0oqzbba3l7g5ph4-docusign.siteintercept.qualtrics.com https:\/\/siteintercept.qualtrics.com https:\/\/80e3c780877f.cdn4.forter.com https:\/\/sadmin.brightcove.com https:\/\/platform.twitter.com https:\/\/bam.nr-data.net https:\/\/static.ads-twitter.com https:\/\/www.redditstatic.com https:\/\/chat.docusign.net https:\/\/sdk.inbenta.io https:\/\/apps.usw2.pure.cloud https:\/\/api-cdn.usw2.pure.cloud https:\/\/cdn.taboola.com https:\/\/trc.taboola.com https:\/\/www.influ2.com https:\/\/t.influ2.com\/ https:\/\/hermes.docusign.com https:\/\/identity.mdb.tools https:\/\/p.mdb.tools https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/cdn.yellowmessenger.com\/plugin\/widget-v2\/latest\/dist\/main.min.js https:\/\/cdn.taboola.com\/libtrc\/unip\/1790969\/tfa.js https:\/\/cdn.sift.com\/s.js https:\/\/bat.bing.com\/bat.js https:\/\/www.influ2.com\/tracker; style-src 'self' 'unsafe-inline' https:\/\/sierra.chat:443 https:\/\/sierra.chat https:\/\/cdn.prod.website-files.com https:\/\/cdn.yellowmessenger.com https:\/\/tags.srv.stackadapt.com https:\/\/app.gatedcontent.com https:\/\/www.gstatic.com https:\/\/app.guideflow.com https:\/\/sdk.inbenta.io; img-src 'self' data: blob: https:\/\/assets-global.website-files.com https:\/\/*.cloudfront.net https:\/\/sp.analytics.yahoo.com https:\/\/ecom.docusign.com https:\/\/cdn.prod.website-files.com https:\/\/connect.facebook.net https:\/\/r4-ym-uploads.s3-us-west-2.amazonaws.com https:\/\/r4.app.yellow.ai https:\/\/cdn.yellowmessenger.com https:\/\/www.google.com.ar https:\/\/www.google.co.kr https:\/\/www.google.co.nz https:\/\/www.google.com.hk https:\/\/www.google.com.pe https:\/\/translate.google.com https:\/\/www.google.co.id https:\/\/www.google.co.cr https:\/\/www.google.com.my https:\/\/www.google.cl https:\/\/www.googleadservices.com https:\/\/www.google.de https:\/\/www.google.it https:\/\/www.google.co.jp https:\/\/www.google.co.za https:\/\/www.google.es https:\/\/www.google.com.sg https:\/\/www.google.com.co https:\/\/www.google.co.uk https:\/\/www.google.co.in https:\/\/www.google.nl https:\/\/www.google.com.ph https:\/\/www.google.com.au https:\/\/www.google.ca https:\/\/www.google.com.br https:\/\/www.google.com https:\/\/www.google.com.mx https:\/\/www.google.fr https:\/\/secure.adnxs.com https:\/\/attr.ml-api.io https:\/\/attr-td.ml-api.io https:\/\/images.ctfassets.net https:\/\/cdn.bfldr.com https:\/\/metrics.brightcove.com https:\/\/cf-images.us-east-1.prod.boltdns.net https:\/\/hexagon-analytics.com https:\/\/s.ml-attr.com https:\/\/cdn.cookielaw.org https:\/\/id.rlcdn.com https:\/\/px.ads.linkedin.com https:\/\/frontdoor.knotch.it https:\/\/dsum-sec.casalemedia.com https:\/\/partners.tremorhub.com https:\/\/pixel.rubiconproject.com https:\/\/www.facebook.com https:\/\/segments.company-target.com https:\/\/www.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/bat.bing.com https:\/\/track.docusign.com https:\/\/www.gstatic.com https:\/\/storage.googleapis.com https:\/\/imagedelivery.net https:\/\/app.gatedcontent.com https:\/\/images.esign.docusign.com https:\/\/www.googletagmanager.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/analytics.google.com https:\/\/alb.reddit.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/img-taboola.com https:\/\/trc.taboola.com https:\/\/t.influ2.com https:\/\/i.liadm.com https:\/\/match.adsrvr.org https:\/\/r4.app.yellow.ai; font-src 'self' data: https:\/\/sierra.chat:443 https:\/\/sierra.chat https:\/\/cdn.prod.website-files.com https:\/\/images.simplycodes.com https:\/\/stylesheets.pixiebrix.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.yellowmessenger.com https:\/\/fonts.gstatic.com https:\/\/docucdn-a.akamaihd.net https:\/\/cdn.inbenta.io https:\/\/use.typekit.net https:\/\/api-cdn.usw2.pure.cloud https:\/\/api-cdn.usw2.pure.cloud; connect-src 'self' https:\/\/api.iterable.com https:\/\/api.sitelytics.tech https:\/\/p.mdb.tools https:\/\/sierra.chat:443 https:\/\/sierra.chat https:\/\/api-js.mixpanel.com https:\/\/api.mixpanel.com https:\/\/cdn.prod.website-files.com https:\/\/s.yimg.com https:\/\/cdn4.forter.com https:\/\/a9b3895076a445bdaf9a9aada0ab7287-80e3c780877f.cdn.forter.com https:\/\/31ff10b411e04c66a144663da6b34da5-80e3c780877f.cdn.forter.com https:\/\/3dcb810e88774d429c6dba71bbee8c34-80e3c780877f.cdn.forter.com https:\/\/tag.demandbase.com https:\/\/cdn.yellowmessenger.com https:\/\/autocomplete.demandbase.com https:\/\/segments.company-target.com https:\/\/ibc-flow.techtarget.com https:\/\/ingesteer.services-prod.nsvcs.net https:\/\/www.googletagmanager.com https:\/\/www.google.com.co https:\/\/www.google.com.mx https:\/\/www.google.co.uk https:\/\/www.google.es https:\/\/www.google.com.br https:\/\/www.google.com.sg https:\/\/www.google.com.in https:\/\/www.google.com.ph https:\/\/www.google.ca https:\/\/www.google.com.au https:\/\/rum.optimizely.com wss:\/\/r4.cloud.yellow.ai https:\/\/cdn8.forter.com https:\/\/12e748c623734740a09ab181abb7a3a1-80e3c780877f.cdn.forter.com https:\/\/cdn3.forter.com https:\/\/r4.cloud.yellow.ai https:\/\/siteperformancetest.net https:\/\/wtp.siteperformancetest.net https:\/\/privacyportal.onetrust.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/telemetry-s.docusign.net https:\/\/telemetry.dev.docusign.net https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/manifest.prod.boltdns.net https:\/\/frontdoor.knotch.it https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/ingest.insights.ninetailed.co https:\/\/cdn.jsdelivr.net https:\/\/unpkg.com https:\/\/assets.ctfassets.net https:\/\/edge.api.brightcove.com https:\/\/house-fastly-signed-us-east-1-prod.brightcovecdn.com https:\/\/cdn.cookielaw.org https:\/\/telemetry.docusign.net https:\/\/geolocation.onetrust.com https:\/\/www.google.com https:\/\/experience.ninetailed.co https:\/\/edge.fullstory.com https:\/\/tags.srv.stackadapt.com https:\/\/api.company-target.com https:\/\/configs.knotch.com https:\/\/px.ads.linkedin.com https:\/\/rs.fullstory.com https:\/\/tag-logger.demandbase.com https:\/\/carddealer.knotch.com https:\/\/analytics.google.com https:\/\/insight.adsrvr.org https:\/\/logx.optimizely.com https:\/\/app.gatedcontent.com https:\/\/guideflow-api-eu-5cv4uu2lra-ew.a.run.app https:\/\/protect.docusign.net https:\/\/protect-d.docusign.net https:\/\/s566810826.t.eloqua.com https:\/\/insights.gatedcontent.com https:\/\/siteintercept.qualtrics.com https:\/\/cdn0.forter.com https:\/\/a.docusign.com https:\/\/datacollector.docusign.com https:\/\/datacollector-demo.docusign.com https:\/\/docusign-api.arkoselabs.com https:\/\/account.docusign.com https:\/\/account-d.docusign.com https:\/\/geo.docusign.com https:\/\/syndication.twitter.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com https:\/\/www.googleadservices.com https:\/\/api.inbenta.io https:\/\/api-gcu1.inbenta.io https:\/\/apps.usw2.pure.cloud https:\/\/api-cdn.usw2.pure.cloud https:\/\/psb.taboola.com https:\/\/pips.taboola.com https:\/\/cds.taboola.com https:\/\/trc-events.taboola.com https:\/\/t.influ2.com https:\/\/www.influ2.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/players.brightcove.net https:\/\/js.driftt.com https:\/\/www.googletagmanager.com https:\/\/s.company-target.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/pixel.rubiconproject.com https:\/\/cm.g.doubleclick.net https:\/\/ib.adnxs.com https:\/\/td.doubleclick.net https:\/\/www.google.com https:\/\/app.guideflow.com https:\/\/platform.twitter.com https:\/\/chat.docusign.net https:\/\/a275532918.cdn.optimizely.com https:\/\/app.netlify.com https:\/\/apps.usw2.pure.cloud https:\/\/api-cdn.usw2.pure.cloud https:\/\/hermes.docusign.com https:\/\/tsdtocl.com https:\/\/docusign-api.arkoselabs.com; media-src 'self' blob: https:\/\/manifest.prod.boltdns.net https:\/\/house-fastly-signed-us-east-1-prod.brightcovecdn.com https:\/\/videos.ctfassets.net https:\/\/house-fastly-signed-us-east-1-prod.brightcovecdn.com https:\/\/house-fastly-signed-us-east-1-prod.brightcovecdn.com:443 https:\/\/manifest.prod.boltdns.net; worker-src 'self' blob:; base-uri 'self'; form-action 'self' https:\/\/trial.docusign.com https:\/\/ecomservices.docusign.com https:\/\/na.account.docusign.com https:\/\/app.gatedcontent.com https:\/\/datacollector.docusign.com https:\/\/datacollector-demo.docusign.com https:\/\/docusign-api.arkoselabs.com https:\/\/account.docusign.com https:\/\/account-d.docusign.com https:\/\/protect.docusign.net https:\/\/protect-d.docusign.net https:\/\/track.docusign.com; object-src 'self' https:\/\/players.brightcove.net; report-to csp-endpoint","count":3},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/wwd.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":3},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/about_google","count":3},{"content-security-policy-report-only":" default-src 'self';   script-src 'self' 'unsafe-eval';   media-src 'self' https:;   style-src 'self' https: 'unsafe-inline';   img-src 'self' data: https:;   font-src 'self' https: data:;   worker-src 'self' blob:;    script-src-elem     'self'     https:\/\/*.ericsson.com     https:\/\/*.consentmanager.net     https:\/\/munchkin.marketo.net     https:\/\/app-lon07.marketo.com     https:\/\/js.monitor.azure.com     https:\/\/www.youtube.com     https:\/\/static.cloudflareinsights.com     https:\/\/a.usbrowserspeed.com     https:\/\/www.googletagmanager.com     https:\/\/www.gstatic.com     https:\/\/bat.bing.com     https:\/\/scripts.demandbase.com     https:\/\/connect.facebook.net     https:\/\/analytics.twitter.com     https:\/\/static.ads-twitter.com     https:\/\/snap.licdn.com     https:\/\/cdn.optimizely.com     https:\/\/tracking.intentsify.io     https:\/\/t.contentsquare.net     https:\/\/*.kaltura.com     https:\/\/d34r8q7sht0t9k.cloudfront.net     https:\/\/challenges.cloudflare.com     https:\/\/urldefense.com     https:\/\/sfc.leadspace.com     https:\/\/html.investis.com     https:\/\/cdn.curator.io     https:\/\/cdn.reachforce.com     https:\/\/apis.google.com     https:\/\/code.jquery.com;    frame-src      'self'     https:\/\/*.cdn.optimizely.com     https:\/\/lb.serversidetagging.ericsson.com     https:\/\/cdn.consentmanager.net     https:\/\/s.company-target.com     https:\/\/challenges.cloudflare.com     https:\/\/foryou.ericsson.net     https:\/\/foryou.ericsson.com     https:\/\/jobs.ericsson.com     https:\/\/netigate.se     https:\/\/login.microsoftonline.com     https:\/\/irs.tools.investis.com     https:\/\/airtools-ericsson.prod-mid-euw3.investis.com     https:\/\/www.googletagmanager.com     https:\/\/www.youtube-nocookie.com     https:\/\/www.facebook.com     https:\/\/www.google.com;    connect-src     'self'     https:\/\/*.ericsson.com     https:\/\/*.contentsquare.net     https:\/\/*.kaltura.com     https:\/\/*.mktoresp.com     https:\/\/*.mktoutil.com     https:\/\/*.optimizely.com     https:\/\/*.company-target.com     https:\/\/ericsson-public-api.com     https:\/\/static.cloudflareinsights.com     https:\/\/dc.services.visualstudio.com     https:\/\/www.google-analytics.com     https:\/\/www.googletagmanager.com     https:\/\/analytics.twitter.com     https:\/\/bat.bing.com     https:\/\/px.ads.linkedin.com     https:\/\/tag-logger.demandbase.com     https:\/\/ipv4.podscribe.com     https:\/\/verifi.podscribe.com     https:\/\/www.google.com     https:\/\/www.facebook.com     https:\/\/translate-pa.googleapis.com     https:\/\/t.co     https:\/\/api.curator.io     https:\/\/sfgw.leadspace.com     https:\/\/login.microsoftonline.com     https:\/\/lsmiddleware.azurewebsites.net     https:\/\/get.geojs.io;     base-uri 'self';   frame-ancestors 'self';   script-src-attr 'none';   object-src 'none';     report-to csp-endpoint;   report-uri \/report-csp-violation;","count":3},{"content-security-policy-report-only":" require-trusted-types-for 'script';report-uri \/_\/Gstore\/cspreport","count":3},{"content-security-policy-report-only":" default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri \/nmms\/csp-reporting-lo","count":3},{"content-security-policy-report-only":" default-src 'self' *.insight.com *.drift.com *.driftcdn.com *.launchdarkly.com www.googletagmanager.com play.vidyard.com *.aimtell.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.insight.com *.adroll.com *.atgsvcs.com *.custhelp.com *.webcollage.net *.driftt.com *.google.com *.marketo.com *.doubleclick.com *.doubleclick.net *.qualtrics.com assets.adobedtm.com cdn.lr-in-prod.com cdn.pricespider.com munchkin.marketo.net play.vidyard.com s.go-mpulse.net up.pixel.ad use.typekit.net ws.cs.1worldsync.com www.clarity.ms www.google-analytics.com www.googletagmanager.com www.youtube.com apps.bazaarvoice.com static.ads-twitter.com cdn-ukwest.onetrust.com cdn01.basis.net cdns.eu1.gigya.com code.jquery.com content.syndigo.com js.adsrvr.org *.cnetcontentsolutions.com mpsnare.iesnare.com unpkg.com www.googleadservices.com bat.bing.com cdn.cs.1worldsync.com cdn.tt.omtrdc.net connect.facebook.net i.simpli.fi lex.33across.com px.ads.linkedin.com s3.amazonaws.com snap.licdn.com *.hotjar.com t.sellpoints.com tracking.intentsify.io view.ceros.com w.usabilla.com ws.zoominfo.com xiecomm.paymetric.com blob:; style-src 'self' 'unsafe-inline' *.insight.com *.drift.com *.marketo.com code.jquery.com cdn.cs.1worldsync.com fonts.googleapis.com cdn.tt.omtrdc.net; img-src * data:; font-src 'self' data: *.insight.com fonts.gstatic.com use.typekit.net cdn.cs.1worldsync.com insightenterprises.qualtrics.com s.nsit.com svcs.tql.com at.alicdn.com; connect-src 'self' *.akamaihd.net *.clarity.ms *.gigya.com *.google.com *.google-analytics.com *.googlesyndication.com *.insight.com *.launchdarkly.com *.mktoresp.com *.akstat.io *.go-mpulse.net *.onetrust.com insightenterprises.tt.omtrdc.net stats.g.doubleclick.net www.google-analytics.com 366-uky-221.mktoutil.com adservice.google.com bat.bing.com cdn.aimtell.io cdn.linkedin.oribi.io cert-xiecomm.paymetric.com content.syndigo.com dpm.demdex.net et-qalogin.insight.com integration.richrelevance.com r.lr-in-prod.com rules.atgsvcs.com signals.aimtell.com sjrtp2.marketo.com smetrics.insight.com *.bazaarvoice.com ws.zoominfo.com *.adroll.com play.vidyard.com *.richrelevance.com www.facebook.com siteintercept.qualtrics.com *.googletagmanager.com; media-src player.vimeo.com www.youtube.com; object-src *.insight.com; frame-src 'self' *.adsrvr.org pixel.sitescout.com insight.demdex.net js.driftt.com app-abm.marketo.com centinelapistag.cardinalcommerce.com cert-xiecomm.paymetric.com html5-player.libsyn.com insightent.wufoo.com *.insight.com play.vidyard.com view.ceros.com www.youtube.com *.marketo.com *.doubleclick.net *.everestjs.net cbsi.demdex.net www.facebook.com beacon.aimtell.com; report-uri https:\/\/insight.report-uri.com\/r\/t\/csp\/wizard","count":3},{"content-security-policy-report-only":" default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com snap.licdn.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com use.typekit.net munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https:\/\/*.roche.com:8080 https:\/\/cdnjs.org https:\/\/service.force.com\/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.googleapis.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https:\/\/cdn.walkme.com\/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/phrase.com https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.youtube.com https:\/\/oxaewmwfp6.kameleoon.io https:\/\/cookie-cdn.cookiepro.com https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/js.hubspot.com https:\/\/js.hs-banner.com https:\/\/js.hs-analytics.net https:\/\/js.hs-scripts.com https:\/\/js.hsforms.net https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/pixel.byspotify.com https:\/\/tracking.g2crowd.com https:\/\/assets.apollo.io https:\/\/js.chilipiper.com https:\/\/boards.eu.greenhouse.io; style-src 'self' 'unsafe-inline' https:\/\/phrase.com https:\/\/fonts.googleapis.com; img-src 'self' data: https:\/\/phrase.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat https:\/\/cookie-cdn.cookiepro.com https:\/\/www.facebook.com https:\/\/forms-na1.hsforms.com https:\/\/perf-na1.hsforms.com https:\/\/track.hubspot.com https:\/\/px.ads.linkedin.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/ct.capterra.com https:\/\/*.clarity.ms https:\/\/i.ytimg.com; font-src 'self' data: https:\/\/phrase.com https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/phrase.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/job-boards.eu.greenhouse.io https:\/\/forms.hsforms.com https:\/\/www.facebook.com https:\/\/player.bilibili.com; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat https:\/\/cookie-cdn.cookiepro.com https:\/\/geolocation.onetrust.com https:\/\/privacyportal.cookiepro.com https:\/\/eu-data.kameleoon.io https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/cta-service-cms2.hubspot.com https:\/\/forms.hsforms.com https:\/\/perf-na1.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/pixels.spotify.com https:\/\/tracking-api.g2.com https:\/\/aplo-evnt.com https:\/\/noembed.com; media-src 'self' https:\/\/phrase.com; object-src 'none'; base-uri 'self'; report-uri https:\/\/o319746.ingest.us.sentry.io\/api\/4511309638795264\/security\/?sentry_key=e21151de46e1f976858c58e3ca5cbef6; report-to csp-endpoint","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src-elem 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/tag.flvcdn.net https:\/\/saf-sc-protect.com https:\/\/hubspotonwebflow.com https:\/\/www.rentracks.jp https:\/\/b98.yahoo.co.jp https:\/\/ichisan.jp https:\/\/sc.lfeeder.com https:\/\/trc.taboola.com https:\/\/b99.yahoo.co.jp https:\/\/static.ads-twitter.com https:\/\/bat.bing.com https:\/\/s.yimg.jp https:\/\/platform.twitter.com https:\/\/d.line-scdn.net https:\/\/cdn.taboola.com https:\/\/m.vpadn.com https:\/\/funnel-assets.startappservice.com https:\/\/tools.refokus.com https:\/\/*.intercomcdn.com https:\/\/*.intercom.io https:\/\/*.jsdelivr.net https:\/\/js.hsforms.net https:\/\/*.visualwebsiteoptimizer.com https:\/\/snap.licdn.com https:\/\/connect.facebook.net https:\/\/tracking.g2crowd.com https:\/\/*.spideraf.com https:\/\/*.hscollectedforms.net https:\/\/*.hs-analytics.net https:\/\/*.hsadspixel.net https:\/\/*.hs-banner.com https:\/\/*.hubspot.com https:\/\/*.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/*.hs-scripts.com https:\/\/*.webflow.com https:\/\/*.jetboost.io https:\/\/*.website-files.com https:\/\/www.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.jquery.com https:\/\/*.cloudfront.net https:\/\/cdn-cookieyes.com https:\/\/sp-trk.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.webflow.com https:\/\/www.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.jquery.com https:\/\/*.cloudfront.net https:\/\/cdn-cookieyes.com https:\/\/*.intercom.io https:\/\/sp-trk.com https:\/\/*.jetboost.io https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.cloudflare.com; style-src 'self' 'unsafe-inline' https:\/\/*; font-src 'self' data: https:\/\/*; img-src 'self' data: blob: https:\/\/*; connect-src 'self' https:\/\/*; frame-src 'self' https:\/\/*; worker-src 'self' blob:; object-src 'none'; report-uri https:\/\/saf-sitescan.com\/api\/csp-report\/4rjsitdq;","count":3},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.ebizautos.com; img-src *; script-src 'self' 'unsafe-inline' *; font-src *; media-src *; frame-src *; manifest-src 'self'; style-src 'self' 'unsafe-inline' *; connect-src https:\/\/*; object-src 'none'; worker-src 'none'; base-uri 'self';","count":3},{"content-security-policy-report-only":" default-src 'none'; base-uri 'self'; frame-ancestors 'self'; object-src 'none'; form-action 'self' https:\/\/accounts-*.cyberriskalliance.com https:\/\/188-UNZ-660.mktorest.com; script-src 'self' https:\/\/lytics.cyberriskalliance.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.clarity.ms https:\/\/s.dpmsrv.com https:\/\/cdn.feathr.co https:\/\/*.g.doubleclick.net https:\/\/www.googletagservices.com https:\/\/www.googleadservices.com https:\/\/munchkin.marketo.net https:\/\/pages.cyberriskalliance.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/player.vimeo.com https:\/\/platform.twitter.com https:\/\/cra.hum.works https:\/\/*.ml314.com https:\/\/ml314.com https:\/\/ib.adnxs.com https:\/\/js.zi-scripts.com https:\/\/a.usbrowserspeed.com https:\/\/renderer.visuel.ly; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:\/\/files.cyberriskalliance.com https:\/\/image-optimizer*.cyberriskalliance.com https:\/\/www.cyberriskalliance.com https:\/\/securepubads.g.doubleclick.net; font-src 'self' data: https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/api*.cyberriskalliance.com https:\/\/cms*.cyberriskalliance.com https:\/\/image-optimizer*.cyberriskalliance.com https:\/\/userapi*.cyberriskalliance.com https:\/\/*.hum.works https:\/\/7acfab725e3b6315db795ca16eb9966e.clients.hosted-elasticpress.io https:\/\/accounts-*.cyberriskalliance.com https:\/\/lytics.cyberriskalliance.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/www.google-analytics.com https:\/\/cdn.feathr.co https:\/\/s.dpmsrv.com https:\/\/munchkin.marketo.net https:\/\/pages.cyberriskalliance.com https:\/\/securepubads.g.doubleclick.net; frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/www.google.com https:\/\/html5-player.libsyn.com https:\/\/securepubads.g.doubleclick.net https:\/\/*.googlesyndication.com; media-src 'self' https:\/\/html5-player.libsyn.com; manifest-src 'self'; worker-src 'self'; report-uri \/_csp; report-to default;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/bot.hostaan.fi https:\/\/cdnjs.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.fi https:\/\/connect.facebook.net https:\/\/support.hostaan.com https:\/\/widget.trustmary.com https:\/\/embed.trustmary.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/support.hostaan.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/support.hostaan.com data:; connect-src 'self' https:\/\/bot.hostaan.fi https:\/\/region1.google-analytics.com https:\/\/embed.trustmary.io https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/*.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/region1.analytics.google.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.fi https:\/\/support.hostaan.com; media-src 'self' https:\/\/support.hostaan.com; img-src 'self' https:\/\/bot.hostaan.fi blob: data: https:\/\/www.googletagmanager.com https:\/\/fonts.gstatic.com https:\/\/translate.google.com https:\/\/widget.trustmary.com\/ https:\/\/d2nce6johdc51d.cloudfront.net https:\/\/lh3.googleusercontent.com https:\/\/www.google.se https:\/\/www.google.fi https:\/\/www.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.google.fi https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/www.facebook.com https:\/\/support.hostaan.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/support.hostaan.com https:\/\/td.doubleclick.net; worker-src 'self' blob:; object-src 'none'; frame-ancestors 'self' https:\/\/www.hostaan.fi; report-uri https:\/\/n8n.ppweb.fi\/webhook\/da8630cf-3a65-402b-b95f-6fa58e667ed6;","count":3},{"content-security-policy-report-only":" frame-src 'self' https:\/\/widget.mercuryo.io https:\/\/*.sumsub.com https:\/\/gwa.pgalta.com https:\/\/*.meshconnect.com; report-uri 'https:\/\/sentry.walletbot.me\/api\/38\/security\/?sentry_key=544a92e441a24f17aa6b08e34e728ed2&sentry_environment=production'; report-to csp-endpoint;","count":3},{"content-security-policy-report-only":" default-src 'self' https:\/\/nexo.com *.nexo.com *.nexo.io cdn.segment.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/nexoio.my.salesforce-scrt.com https:\/\/widget.trustpilot.com https:\/\/appleid.cdn-apple.com https:\/\/www.apple.com https:\/\/browser-intake-datadoghq.eu https:\/\/region1.analytics.google.com https:\/\/region1.google-analytics.com https:\/\/events.eu1.segmentapis.com https:\/\/www.googletagmanager.com https:\/\/accounts.google.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.geetest.com wss:\/\/platform.nexo.com https:\/\/nexoio.my.site.com; frame-ancestors https:\/\/platform.nexo.io https:\/\/platform.nexo.com https:\/\/support.nexo.io https:\/\/support.nexo.com https:\/\/nexosurvey.force.com https:\/\/nexoio.lightning.force.com https:\/\/nexoio--c.visualforce.com; report-uri https:\/\/security-logging.nexo.com;","count":3},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' https:\/\/listafirme.ro https:\/\/secure.payu.ro\/images\/ https:\/\/*.ytimg.com https:\/\/flagcdn.com https:\/\/mdbootstrap.com https:\/\/img.youtube.com https:\/\/*.googleusercontent.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/www.google.ro\/ https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com data:; frame-src https:\/\/listafirme.ro https:\/\/platform.listafirme.ro\/ https:\/\/www.youtube-nocookie.com https:\/\/www.youtube.com https:\/\/static.addtoany.com https:\/\/www.google.com https:\/\/accounts.google.com https:\/\/*.firebaseapp.com; script-src 'self' https:\/\/listafirme.ro https:\/\/secure.payu.ro\/ https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/listafirme.eu https:\/\/static.addtoany.com https:\/\/platform.listafirme.ro https:\/\/cdn.jsdelivr.net https:\/\/*.cloudflare.com 'unsafe-inline' https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/static.cloudflareinsights.com https:\/\/*.cookie-script.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com; style-src 'self' 'unsafe-inline' https:\/\/listafirme.ro https:\/\/*.cloudflare.com https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/www.googletagmanager.com; font-src 'self' https:\/\/listafirme.ro https:\/\/*.cloudflare.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com; connect-src 'self' https:\/\/listafirme.ro  https:\/\/platform.listafirme.ro https:\/\/*.googlevideo.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/static.addtoany.com https:\/\/*.googleapis.com https:\/\/cloudflareinsights.com https:\/\/www.googletagmanager.com https:\/\/*.cookie-script.com https:\/\/www.googleadservices.com https:\/\/*.cloudflareinsights.com; object-src 'none'; base-uri 'self'; form-action 'self';","count":3},{"content-security-policy-report-only":" default-src https:;frame-ancestors about: 'self';frame-src https:\/\/optimize.google.com *;style-src https:\/\/optimize.google.com https:\/\/fonts.googleapis.com https: data: 'unsafe-inline' *;script-src https:\/\/www.googleanalytics.com https:\/\/www.google-analytics.com https:\/\/optimize.google.com * 'unsafe-inline' 'unsafe-eval';img-src https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/optimize.google.com https: data: *;font-src https:\/\/fonts.gstatic.com data: *;object-src 'none';connect-src * ws: wss:; report-uri https:\/\/res.destinia.com\/web\/csp-violation-report-endpoint; report-to default;","count":3},{"content-security-policy-report-only":" default-src 'self';form-action 'self'; object-src 'self'; frame-ancestors 'self'; connect-src 'self' ely-keskus.fi *.youtube.com *.tyomarkkinatori.fi *.ahtp.fi keha-matomo-sdg-qa-qa.azurewebsites.net *.cookiebot.com wss:\/\/*.tyomarkkinatori.fi *.elisa.fi wss:\/\/*.elisa.fi tetyomarkkinatori.boost.ai lukija.aimater.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' *.elisa.fi fonts.googleapis.com *.youtube.com gstatic.com blob:; img-src * data: blob:; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' *.tyomarkkinatori.fi *.ahtp.fi *.elisa.fi lukija.aimater.com tetyomarkkinatori.boost.ai *.cookiebot.com keha-matomo-sdg-qa-qa.azurewebsites.net youtube.com blob:; frame-src 'self' data: feed.mikle.com *.elisadesk.com *.cookiebot.com *.youtube.com; media-src 'self' data: blob:; font-src 'self' data: fonts.gstatic.com; report-uri https:\/\/csp-report-fa-prod.azurewebsites.net\/api\/csp-report;","count":3},{"content-security-policy-report-only":" default-src 'self' fonts.gstatic.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com ctrack.trafficjunky.net geo-tracker.smadex.com 'self' https:\/\/newassets.hcaptcha.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;script-src 'self' 'unsafe-inline' *.trustpilot.com *.googletagmanager.com mc.yandex.ru *.google-analytics.com *.youtube.com mc.yandex.com mc.yandex.ru *.google.com *.gstatic.com *.mightytips.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com;img-src * data:;font-src 'self' fonts.gstatic.com;connect-src 'self' *.customer.io *.gist.build *.youtube.com mc.yandex.ru *.clariti.ws *.analytics.google.com *.google-analytics.com doubleclick.net *.googletagmanager.com mc.yandex.com mc.yandex.ru mc.yandex.md yandexmetrica.com *.mightytips.com https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com https:\/\/analytics.google.com;frame-src 'self' *.trustpilot.com *.youtube.com *.instagram.com *.twitter.com *.yandex.com *.google.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com 'self' https:\/\/newassets.hcaptcha.com;script-src-elem 'self' 'unsafe-inline' *.trustpilot.com *.customer.io *.gist.build *.instagram.com *.googletagmanager.com *.yandex.ru *.google-analytics.com *.twitter.com *.youtube.com mc.yandex.com *.google.com *.gstatic.com mc.yandex.ru *.mightytips.com my.rtmark.net *.hybrid.ai https:\/\/*.g.doubleclick.net ctrack.trafficjunky.net geo-tracker.smadex.com track.trackingtraffo.com https:\/\/www.hcaptcha.com\/1\/api.js;frame-ancestors 'self';report-uri \/cspreport.php","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cdn.jsdelivr.net cdn.almapay.com *.bglobale.com *.global-e.com *.fontawesome.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com 'self' data: *.abtasty.com *.bocage.fr *.cdnfonts.com globale-prod.s3-eu-west-1.amazonaws.com *.googleusercontent.com *.iadvize.com *.isge49.com *.kameleoon.com ncspublicasset.s3.eu-west-3.amazonaws.com *.onestock-retail.io *.perplexity.ai s3-eu-west-1.amazonaws.com *.sensefuel.live data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com accounts.google.com www.facebook.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com *.facebook.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ *.bglobale.com *.global-e.com *.google.com\/ *.onestock-retail.com\/ payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.abtasty.com *.bing.com *.bocage.eu *.cloudflare.com *.cookiebot.com *.criteo.com *.criteo.net *.doubleclick.net *.effiliation.com *.facebook.com *.goodays.co *.googlesyndication.com *.googletagmanager.com *.iadvize.com *.pinterest.com *.snapchat.com *.vimeo.com vimeo.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.bglobale.com *.global-e.com *.googleapis.com https:\/\/www.magezon.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com https:\/\/www.google.fr https:\/\/api.mapbox.com *.tile.openstreetmap.org https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.hsforms.net *.hsforms.com 'self' data: *.abtasty.com *.adform.net *.adnxs.com *.advalo.com *.affilae.com *.batch.com *.bing.com *.bing.net *.bocage.eu *.bocage.fr bucket-ip-website.s3.eu-central-1.amazonaws.com *.contentsquare.net *.cookiebot.com *.criteo.com *.criteo.net d1oco4z2z1fhwp.cloudfront.net d3e54v103j8qbb.cloudfront.net *.doubleclick.net *.ebuyclub.com *.eram.eu *.eram.fr *.facebook.com *.facebook.net *.ggpht.com *.googleadservices.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.by www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.com.af www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tm www.google.tn www.google.tt www.google.vu www.google.ws *.google.com google.com *.googlesyndication.com *.googletagmanager.com *.googleusercontent.com *.iadvize.com *.isge49.com joko-mobile-app-media.s3.eu-west-1.amazonaws.com *.kameleoon.com *.kameleoon.eu *.lgw.io mellowyellow.com *.mellowyellow.com *.mellowyellow.eu *.mmtro.com mmtro.com *.onestock-retail.io *.openx.net *.outbrain.com *.pinterest.com s3-eu-west-1.amazonaws.com *.sensefuel.live *.smartadserver.com *.snapchat.com *.taboola.com *.teads.tv *.tiktok.com *.twiago.com us-central1-shopmyinfluens.cloudfunctions.net *.vimeo.com *.xiti.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page cdn.jsdelivr.net *.bglobale.com *.global-e.com *.googleapis.com *.gstatic.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com *.hsforms.net *.hsforms.com *.addthis.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.abtasty.com *.adform.net *.affilae.com *.aticdn.net *.batch.com *.bing.com *.bocage.fr *.cloudflare.com *.contentsquare.com *.contentsquare.net *.cookiebot.com *.criteo.com *.criteo.net critizr.com d3e54v103j8qbb.cloudfront.net *.doubleclick.net dqfw2hlp4tfww.cloudfront.net *.eram.fr *.facebook.net *.goodays.co *.googleadservices.com translate.google.com.hk *.googlesyndication.com *.googletagmanager.com *.hotjar.com *.iadvize.com *.jquery.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.lgw.io *.mmtro.com mmtro.com *.onestock-retail.io *.pinimg.com *.pinterest.com sc-static.net *.sensefuel.com *.sensefuel.live *.snapchat.com *.taboola.com *.tiktok.com *.vimeo.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com fonts.googleapis.com cdn.jsdelivr.net *.bglobale.com *.global-e.com *.gstatic.com *.googleapis.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.abtasty.com *.bocage.fr *.critizr.com *.goodays.co *.googletagmanager.com *.iadvize.com *.kameleoon.com *.onestock-retail.io semji.github.io *.sensefuel.com *.sensefuel.live *.typekit.net 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.bing.com *.fbcdn.net *.gstatic.com *.mellowyellow.com *.vimeocdn.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.getalma.eu *.almapay.com maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/maps.googleapis.com t.elasticsuite.io *.hsforms.net *.hsforms.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.abtasty.com *.adnxs.com *.advalo.com *.affilae.com *.aticdn.net *.batch.com *.bing.com *.bing.net *.bocage.fr *.cloudflare.com *.contentsquare.com *.contentsquare.net *.cookiebot.com *.criteo.com *.criteo.net *.deebr.co *.doubleclick.net *.eram.fr *.facebook.com *.facebook.net *.goodays.co *.googleadservices.com *.googleapis.com www.google.be www.google.ca www.google.ch www.google.cn www.google.co.id www.google.es www.google.fr www.google.ge www.google.it www.google.mu www.google.ru *.googlesyndication.com *.gstatic.com *.hotjar.com *.hotjar.io *.iadvize.com *.instagram.com *.jquery.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.merchant-center-analytics.goog *.onestock-retail.io *.openx.net *.pinimg.com *.pinterest.com *.sensefuel.biz *.sensefuel.live *.snapchat.com *.taboola.com *.teads.tv *.tiktok.com *.typekit.net 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/ab48b69d-84be-485e-b94f-4ed50b3a5780.sansec.watch\/; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com api.bazaarvoice.com stg.api.bazaarvoice.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com js.mollie.com www.xtento.com *.zuora.com *.worldpay.com theteachingcompanysalesllc.demdex.net *.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com theteachingcompany.d1.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com https:\/\/images.unsplash.com https:\/\/www.mollie.com www.xtento.com cdn.xtento.com *.teach12.com *.thegreatcoursesplus.com prd.jwpltx.com *.pinterest.com bat.bing.com *.amazon-adsystem.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com https:\/\/maps.googleapis.com *.avada.io js.mollie.com www.xtento.com cdn.xtento.com cdnjs.cloudflare.com *.fontawesome.com acsbap.com acsbapp.com *.acsbap.com *.acsbapp.com *.teach12.com *.tiqcdn.com cltgtstor001.blob.core.windows.net *.gstatic.com *.zuora.com *.worldpay.com *.jwpcdn.com analytics.tiktok.com *.bitmovin.com *.visioncritical.com bat.bing.com www.dwin1.com *.amazon-adsystem.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com *.fontawesome.com cdnjs.cloudflare.com *.typekit.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.teach12.com *.bitmovin.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/get.geojs.io *.avada.io theteachingcompany.d1.sc.omtrdc.net *.fontawesome.com *.acsbap.com *.acsbapp.com *.bitmovin.com *.slgnt.us *.tgcmag.com *.thegreatcourses.com *.theplatform.com teachco-mp4.akamaized.net *.cloudfunctions.net *.pinterest.com analytics.tiktok.com *.tealiumiq.com *.amazon-adsystem.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:\/\/www.google-analytics.com; frame-src 'self' https:\/\/www.googletagmanager.com;","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com *.yotpo.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com webpay3g.transbank.cl webpay3gint.transbank.cl *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.google.com.ar *.google.com.uy *.hotjar.com *.doubleclick.net www.mercadolibre.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.xtento.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/sparta.cl\/ https:\/\/newbalance.cl\/ https:\/\/head.cl\/ https:\/\/spyder.cl\/ https:\/\/trekbikeschile.com\/ https:\/\/www.dynamicyield.org\/ku\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com gen.sendtric.com *.yotpo.com *.google.com *.google.com.ar *.google.com.uy *.facebook.com *.doubleclick.net sparta.cl newbalance.cl head.cl speedo.cl spyder.cl trekbikes.cl *.sparta.cl *.newbalance.cl *.head.cl *.speedo.cl *.spyder.cl *.trekbikes.cl www.mercadolibre.com www.mercadopago.cl 'self' data: *.googleapis.com *.yandex.ru *.retailrocket.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com widget.freshworks.com mcdn.retailrocket.net *.google.com.ar *.google.com.uy *.googleoptimize.com *.gstatic.com *.googletagmanager.com *.googleapis.com *.fanplayr.com *.facebook.net *.yotpo.com *.doubleclick.net *.magentosite.cloud *.freshworks.com *.hotjar.com *.retailrocket.net *.yandex.ru *.api.useinsider.com www.mercadopago.com www.mercadopago.cl sdk.mercadopago.com www.dynamicyield.org js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com analytics.tiktok.com www.tiktok.com business.tiktok.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/crypto-js\/4.2.0\/crypto-js.min.js 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com widget.freshworks.com *.googleapis.com sparta.cl newbalance.cl head.cl speedo.cl spyder.cl trekbikes.cl *.sparta.cl *.newbalance.cl *.head.cl *.speedo.cl *.spyder.cl *.trekbikes.cl *.yotpo.com *.fonts.net *.magentosite.cloud *.freshworks.com *.retailrocket.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com widget.freshworks.com mcdn.retailrocket.net *.google-analytics.com *.yotpo.com *.freshworks.com *.googleapis.com stats.g.doubleclick.net *.yandex.ru api.mercadopago.com events.mercadopago.com www.mercadolibre.com *.retailrocket.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com analytics.tiktok.com www.tiktok.com business.tiktok.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/spartacl.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' https:\/\/www.google-analytics.com https:\/\/brandcenter.flex.com; upgrade-insecure-requests;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self';","count":3},{"content-security-policy-report-only":" default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; media-src 'self' https:;","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com cash-f.squarecdn.com fonts.gstatic.com all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.dhlparcel.nl https:\/\/widgets.trustedshops.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.facebook.com *.facebook.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ * all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.doubleclick.net *.facebook.com *.facebook.net 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com * https:\/\/images.unsplash.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com *.imgix.net all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com maps.gstatic.com *.googleapis.com *.bing.com *.google.nl *.facebook.com *.facebook.net *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.bazaarvoice.com widgets.trustedshops.com 'self' data: data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.hotjar.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com *.googletagmanager.com tagmanager.google.com all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.dhlparcel.nl *.googleapis.com *.bing.com *.facebook.com *.facebook.net https:\/\/player.vimeo.com\/api\/player.js cdn.belco.io *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.bazaarvoice.com widgets.trustedshops.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.cash.app tagmanager.google.com fonts.google.com all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.dhlparcel.nl https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.googletagmanager.com all4running.nl *.all4running.nl all4running.be *.all4running.be 21run.com *.21run.com *.dhlparcel.nl *.googleapis.com *.google.com *.doubleclick.net *.googlesyndication.com cdn.belco.io wss:\/\/chat.belco.io t.elasticsuite.io *.hsforms.net *.hsforms.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.bazaarvoice.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/stats.afternorth.com https:\/\/maps.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; object-src 'none'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; connect-src 'self' https:\/\/stats.afternorth.com https:\/\/maps.googleapis.com https:\/\/www.google-analytics.com; img-src 'self' data: https:\/\/i.realestatecreate.com https:\/\/maps1.dnr.state.mn.us https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; font-src 'self' https:\/\/fonts.gstatic.com;","count":3},{"content-security-policy-report-only":" default-src 'self' *.smartschool.be widgets.wp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' maps.googleapis.com *.wp.com https:\/\/ssl.p.jwpcdn.com *.wp.com use.typekit.net p.jwpcdn.com; script-src-attr 'none'; style-src 'self' *.smartschool.be 'unsafe-inline' *.wp.com; font-src 'self' *.smartschool.be *.typekit.net wordpress.com c0.wp.com s0.wp.com data:; img-src 'self' http:\/\/www.smartschool.be pixel.wp.com *.typekit.net data:; connect-src maps.googleapis.com 'self' performance.typekit.net stats.g.doubleclick.net *.google-analytics.com; frame-src player.vimeo.com 'self'; report-uri \/csp-violation.php","count":3},{"content-security-policy-report-only":" frame-ancestors 'self' ; object-src 'none' ; report-uri https:\/\/cspreports.realpage.com\/api\/reports\/save\/report-only;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' https:\/\/prototype.local.next.helmholtz-munich.de 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' https:\/\/*.dzd-ev.de https:\/\/images.admiralcloud.com https:\/\/prototype.local.next.helmholtz-munich.de; base-uri 'self'; frame-src 'self' https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com https:\/\/spenden.twingle.de; connect-src 'self' https:\/\/*.dzd-ev.de wss:\/\/*.dzd-ev.de\/ https:\/\/sentry2.in2code.de\/api\/62\/security\/ wss:\/\/prototype.local.next.helmholtz-munich.de\/ https:\/\/hmwa.helmholtz-munich.de https:\/\/spenden.twingle.de; style-src 'self' 'unsafe-inline' 'report-sample'; style-src-elem 'self' 'unsafe-inline' https:\/\/prototype.local.next.helmholtz-munich.de 'report-sample'; script-src-elem 'self' https:\/\/*.dzd-ev.de https:\/\/prototype.local.next.helmholtz-munich.de https:\/\/hmwa.helmholtz-munich.de https:\/\/spenden.twingle.de 'report-sample'; font-src 'self' https:\/\/*.dzd-ev.de https:\/\/prototype.local.next.helmholtz-munich.de; report-uri https:\/\/sentry2.in2code.de\/api\/62\/security\/?sentry_key=c8671bb1cf909cd134a5b859fc8d36e1","count":3},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/challenges.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/*.optimizely.com https:\/\/static.addtoany.com https:\/\/cdn.jsdelivr.net https:\/\/*.trustpilot.com https:\/\/unpkg.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.googleadservices.com https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/elfsightcdn.com https:\/\/*.elfsightcdn.com https:\/\/*.elfsight.com https:\/\/*.tawk.to https:\/\/*.bing.com https:\/\/*.facebook.net https:\/\/c.webtrends-optimize.com https:\/\/pixel.byspotify.com https:\/\/*.tiktok.com https:\/\/sc-static.net https:\/\/*.wistia.net https:\/\/*.wistia.com https:\/\/*.snapchat.com https:\/\/*.sentry-cdn.com https:\/\/*.flywire.com; frame-src 'self' https:\/\/challenges.cloudflare.com https:\/\/*.cdn.optimizely.com https:\/\/static.addtoany.com https:\/\/widget.trustpilot.com https:\/\/*.youtube.com https:\/\/*.youtube-nocookie.com https:\/\/tr.snapchat.com https:\/\/*.wistia.net https:\/\/*.wistia.com https:\/\/*.facebook.com https:\/\/*.flywire.com https:\/\/*.kaplantestofenglish.com; frame-ancestors 'self'; base-uri 'self'; report-uri \/report-csp-violation; upgrade-insecure-requests","count":3},{"content-security-policy-report-only":" base-uri 'none' ; connect-src 'self' https:\/\/mc.yandex.ru https:\/\/mc.yandex.md https:\/\/mc.yandex.uz https:\/\/mc.yandex.com https:\/\/privacy-cs.mail.ru https:\/\/top-fwz1.mail.ru ; default-src 'self' ; font-src 'self' data: ; frame-ancestors 'none' ; img-src 'self' data: https:\/\/top-fwz1.mail.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com ; object-src 'none' ; report-to vkpay-csp-endpoint ; report-uri https:\/\/cspreport.mail.ru\/vkpay?disposition=report ; script-src 'self' 'unsafe-inline' https:\/\/top-fwz1.mail.ru https:\/\/mc.yandex.ru https:\/\/privacy-cs.mail.ru ; style-src 'self' 'unsafe-inline'","count":3},{"content-security-policy-report-only":" upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';","count":3},{"content-security-policy-report-only":" default-src https:","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.fontawesome.com data: static.nacongaming.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * api.bazaarvoice.com stg.api.bazaarvoice.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com www.google.com www.youtube.com amc.demdex.net vars.hotjar.com www.facebook.com static.nacongaming.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com network-eu-stg.bazaarvoice.com network-eu.bazaarvoice.com network-eu-a.bazaarvoice.com media.nacongaming.com scaleflex.ultrafast.io axeptio.imgix.net www.google.fr www.facebook.com static.nacongaming.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com network-eu.bazaarvoice.com network-eu-stg.bazaarvoice.com www.google.com www.gstatic.com script.hotjar.com static.hotjar.com connect.facebook.net anltc-v2.bigben.fr analytics.tiktok.com www.googleoptimize.com static.nacongaming.com static.axept.io anltc.bigben.fr 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app display.ugc.bazaarvoice.com *.fontawesome.com use.typekit.net p.typekit.net static.nacongaming.com 'self' 'unsafe-inline'; object-src static.nacongaming.com 'self' 'unsafe-inline'; media-src *.adobe.com static.nacongaming.com media.nacongaming.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com www.facebook.com in.hotjar.com www.google-analytics.com stats.g.doubleclick.net anltc-v2.bigben.fr axeptio.imgix.net static.nacongaming.com client.axept.io api.axept.io anltc.bigben.fr 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" report-uri             https:\/\/gfcorporate.report-uri.com\/r\/d\/csp\/reportOnly ;         default-src             'self'             www.gfms.com             gfms.com             www.gfps.com             gfcorporate.report-uri.com             *.google.at *.google.be *.google.cz *.google.dk *.google.fi *.google.fr *.google.de *.google.it *.google.nl *.google.no *.google.pl *.google.ro *.google.ru *.google.es *.google.se *.google.ch *.google.com.tr *.google.co.uk *.google.com.ar *.google.ca *.google.com *.google.com.br *.google.com.mx *.google.com.au *.google.cn *.google.co.in *.google.co.id *.google.co.jp *.google.com.my *.google.co.nz *.google.com.sg *.google.co.kr *.google.com.tw *.google.com.vn *.google.bg *.google.hr *.google.ee *.google.gr *.google.hu *.google.lv *.google.lu *.google.mk *.google.pt *.google.rs *.google.si *.google.com.ph *.google.co.th *.google.com.eg *.google.co.il *.google.co.za *.google.ae ;         connect-src             'self'             *.google-analytics.com             apikeys.civiccomputing.com             *.googleapis.com             center.lon5.atomz.com             clapi.civiccomputing.com             sp1004e61f.guided.lon5.atomz.com             sp1004e61a.guided.lon5.atomz.com             sp1004e5dd.guided.lon5.atomz.com             stats.g.doubleclick.net             www.facebook.com             uberall.com             locator.uberall.com             api.moin.ai             www.gfps.com             www.gfpstools.com             neoflow.gfpstools.com             cdn.linkedin.oribi.io             assets.georgfischer.com             google.com             analytics.google.com             *.analytics.google.com             *.googletagmanager.com             *.g.doubleclick.net             *.google.com             *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat             cdn.cookielaw.org             *.onetrust.com             *.svc.dynamics.com             *.clarity.ms             ad.doubleclick.net             adservice.google.com             assets-eur.mkt.dynamics.com             public-eur.mkt.dynamics.com             assets.adobedtm.com             c-cdn.contentfry.com             catalog.contentfry.com             platform.contentfry.com             code.jquery.com             fbo-b.flippingbook.com             online.flippingbook.com             live.solique.ch             polyfilljs.org             s7e5a.scene7.com             s7mbrstream-g1.scene7.com             www.googleadservices.com ;         font-src             'self'             fonts.gstatic.com             www.gfms.com             widget.moin.ai             static-prod.uberall.com             static.prod.uberall.com ;         script-src             'self'             'unsafe-inline'             'unsafe-eval'             www.google.com             *.google-analytics.com             *.googletagmanager.com             assets.adobedtm.com             ajax.googleapis.com             assets.georgfischer.com             cc.cdn.civiccomputing.com             connect.facebook.net             cdnjs.cloudflare.com             gstatic.com             maps.googleapis.com             siteimproveanalytics.com             snap.licdn.com             static-prod.uberall.com             uberall.com             locator.uberall.com             www.youtube.com             www.pagespeed-mod.com             www.googleoptimize.com             mktdplp102cdn.azureedge.net             www.pagespeed-mod.com             widget.moin.ai             platform.contentfry.com             cdn.cookielaw.org             cookie-cdn.cookiepro.com             privacyportal.onetrust.com             geolocation.onetrust.com             r1.dotdigital-pages.com             r1-t.trackedlink.net             r1.ddlnk.net             www.googleadservices.com ;         script-src-elem             uberall.com             www.googletagmanager.com             'self'             assets.georgfischer.com             blob:             code.jquery.com             locator.uberall.com             maps.googleapis.com             s7e5a.scene7.com             www.clarity.ms             www.google.com             www.googleadservices.com             www.youtube.com ;         style-src             'self'             'unsafe-inline'             'unsafe-eval'             fonts.googleapis.com             assets.georgfischer.com             errors.adobeaemcloud.com             widget.moin.ai ;         style-src-elem             www.googletagmanager.com         \t'self'         \tassets.georgfischer.com         \tblob: s7e5a.scene7.com             www.gstatic.com ;         img-src             'self'             'unsafe-inline'             'unsafe-eval'             data:             *.georgfischer.com             www.linkedin.com             *.global.siteimproveanalytics.io             nswow-imageresizer.azurewebsites.net             px.ads.linkedin.com             www.facebook.com             connect.facebook.net             *.google.com             gfms.com             www.gfms.com             static-prod.uberall.com             static.prod.uberall.com             www.linkedin.com             s7e5a.scene7.com             *.g.doubleclick.net             *.svc.dynamics.com             i.ytimg.com             maps.gstatic.com             fonts.gstatic.com             www.gfps.com             www.gfpstools.com             locator.uberall.com             *.amazonaws.com             *.googletagmanager.com             *.googleapis.com             *.google-analytics.com             *.analytics.google.com             *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat             cdn.cookielaw.org             c.clarity.ms             m.youtube.com             *.onetrust.com ;         child-src             'self'             blob:             analytics-eu.clickdimensions.com             live.solique.ch             www.youtube.com ;         form-action             www.facebook.com             www.georgfischer.com             'self' ;         frame-ancestors             'self'             https:\/\/*.georgfischer.com;         frame-src             'self'             'unsafe-inline'             'unsafe-eval'             data:             analytics-eu.clickdimensions.com             google.com             ir.tools.investis.com             irs.tools.investis.com             live.solique.ch             recruitingapp-5505.de.umantis.com             registration.gesevent.com             six-swiss-exchange.com             tools.google.com             uberall.com             widget.moin.ai             *.svc.dynamics.com             *.ep-mimecast.dynamics.com             www.gfps.com             bim.gfps.com             ir2.flife.de             www.youtube.com             m.youtube.com             *.ep-mimecast.youtube-nocookie.com             www.youtube-nocookie.com.x.af435fba09eaa04ff30886e05784e20ddae5.d045227c.id.opendns.com             r1.dotdigital-pages.com             display.contentfry.com             googletagmanager.com             cad.georgfischer.com             forms.office.com             foundation-gf-dev.georgfischer.com             online.flippingbook.com             players.brightcove.net             youtube.com ;         manifest-src             'self' ;         media-src             'self'         \t  assets.georgfischer.com         \t  gfms.com         \t  s7e5a.scene7.com         \t  s7mbrstream-g1.scene7.com         \t  www.gfps.com ;","count":3},{"content-security-policy-report-only":" frame-ancestors 'self' elama.global *.elama.global elama.ru *.elama.ru mc.yandex.ru mc.webvisor.com mc.webvisor.org yastatic.net webvisor.com yandex.com yandex.ru *.yandex.com *.yandex.net *.yandex.ru;","count":3},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cse.google.com https:\/\/js.hsforms.net https:\/\/platform-api.sharethis.com https:\/\/rebilly.github.io https:\/\/unpkg.com https:\/\/use.fontawesome.com https:\/\/ws.sharethis.com https:\/\/www.google.com platform.instagram.com platform.twitter.com; script-src-attr 'self'; style-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/cloud.typography.com https:\/\/use.fontawesome.com; style-src-attr 'self'; frame-ancestors 'self'","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com *.bootstrapcdn.com *.cloudflare.com 'self' data: *.hotjar.com *.hotjar.io data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.facebook.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com 'self' connect.facebook.net graph.facebook.com business.facebook.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.doubleclick.net *.googlesyndication.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com 'self' data: *.googleapis.com *.openstreetmap.org *.googlesyndication.com *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk *.google.nl *.google.de *.google.be *.google.fr *.googleadservices.com www.facebook.com trengo.s3.eu-central-1.amazonaws.com ecom-stage.iutecredit.mk ecom.iutecredit.mk ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com magefan.com cm.magefan.com *.disqus.com connect.facebook.net graph.facebook.com business.facebook.com *.cmi.co.ma *.iprom.net iprom.net yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md test.saferpay.com www.saferpay.com saferpay.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com tagmanager.google.com https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com https:\/\/widget-cdn.boxnow.hr *.googlesyndication.com *.googleadservices.com *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk www.facebook.com *.widget.trengo.eu map.gls-croatia.com map.gls-czech.com map.gls-hungary.com map.gls-romania.com map.gls-slovenia.com map.gls-slovakia.com map.gls-serbia.com *.openstreetmap.org ecom-stage.iutecredit.mk ecom.iutecredit.mk chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com *.jquery.com *.oppwa.com oppwa.com *.mastercard.com *.visa.com *.iesnare.com *.requirejs.org *.disqus.com connect.facebook.net graph.facebook.com business.facebook.com *.hotjar.com *.hotjar.io onesignal.com *.onesignal.com *.criteo.com *.adsmurai.com gateway.bankart.si yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com *.iprom.net iprom.net static.cloudflareinsights.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.bootstrapcdn.com ecom-stage.iutecredit.mk ecom.iutecredit.mk downloads.mailchimp.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com onesignal.com *.onesignal.com *.iprom.net iprom.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.widget.trengo.eu *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.googleapis.com https:\/\/widget-cdn.boxnow.hr *.openstreetmap.org *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk *.google.nl *.google.de *.google.be *.google.fr *.googlesyndication.com *.doubleclick.net www.facebook.com *.trengo.eu map.gls-croatia.com map.gls-czech.com map.gls-hungary.com map.gls-romania.com map.gls-slovenia.com map.gls-slovakia.com map.gls-serbia.com ecom-stage.iutecredit.mk ecom.iutecredit.mk form-assets.mailchimp.com *.intuit.com *.amazonaws.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com connect.facebook.net graph.facebook.com business.facebook.com wss:\/\/ws.hotjar.com *.hotjar.io yandex.com *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech *.yango.com cm.g.doubleclick.net t.adx.opera.com *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/js.stripe.com https:\/\/*.js.stripe.com https:\/\/checkout.stripe.com https:\/\/connect-js.stripe.com https:\/\/*.googleapis.com https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.website-files.com https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/*.onetrust.com https:\/\/*.cookielaw.org https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.iwoca.com https:\/\/widget.trustpilot.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/cdn.amplitude.com https:\/\/www.redditstatic.com https:\/\/*.fullstory.com https:\/\/connect.facebook.net https:\/\/*.hs-scripts.com https:\/\/*.tiktok.com https:\/\/*.intercom.io https:\/\/*.hsadspixel.net https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hubspot.com https:\/\/*.doubleclick.net https:\/\/*.intercomcdn.com https:\/\/*.online-metrix.net https:\/\/cdn.datatables.net https:\/\/www.datadoghq-browser-agent.com https:\/\/*.dwin1.com https:\/\/cdn.checkout.com https:\/\/tools.refokus.com https:\/\/sdk.onfido.com https:\/\/*.awin1.com https:\/\/snippet.maze.co; style-src 'self' 'unsafe-inline' https:\/\/*.googleapis.com https:\/\/*.website-files.com https:\/\/*.iwoca.com https:\/\/cdn.jsdelivr.net https:\/\/*.gstatic.com https:\/\/verify.iwoca.co.uk https:\/\/verify.iwoca.de https:\/\/sdk.onfido.com https:\/\/cdnjs.cloudflare.com; img-src 'self' data: blob: https:\/\/*.stripe.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.website-files.com https:\/\/uploads-ssl.webflow.com https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/*.onetrust.com https:\/\/*.cookielaw.org https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.reddit.com https:\/\/bat.bing.com https:\/\/www.facebook.com https:\/\/*.hubspot.com https:\/\/www.google.com https:\/\/www.google.fr https:\/\/*.hsforms.com https:\/\/*.ads.linkedin.com https:\/\/*.iwoca.com https:\/\/www.google.co.uk https:\/\/www.google.de https:\/\/*.online-metrix.net https:\/\/emailsignature.trustpilot.com https:\/\/providers-assets.truelayer.com; font-src 'self' data: https:\/\/*.gstatic.com https:\/\/*.website-files.com https:\/\/*.iwoca.com https:\/\/fonts.intercomcdn.com https:\/\/verify.iwoca.co.uk https:\/\/verify.iwoca.de https:\/\/cdnjs.cloudflare.com; connect-src 'self' https:\/\/api.stripe.com https:\/\/hooks.stripe.com https:\/\/checkout.stripe.com https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.doubleclick.net https:\/\/www.google.com wss:\/\/*.iwoca.co.uk wss:\/\/*.iwoca.de https:\/\/*.onetrust.com https:\/\/*.cookielaw.org https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.amplitude.com https:\/\/*.fullstory.com https:\/\/*.reddit.com https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/*.intercom.io wss:\/\/*.intercom.io https:\/\/*.ads.linkedin.com https:\/\/*.tiktok.com https:\/\/*.tiktokw.us https:\/\/*.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/*.iwoca.com  https:\/\/api.onfido.com https:\/\/*.online-metrix.net https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/www.google.co.uk; frame-src 'self' https:\/\/js.stripe.com https:\/\/hooks.stripe.com https:\/\/checkout.stripe.com https:\/\/connect-js.stripe.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/widget.trustpilot.com https:\/\/www.googletagmanager.com https:\/\/*.online-metrix.net https:\/\/sdk.onfido.com https:\/\/*.awin1.com https:\/\/*.iwoca.com https:\/\/cdn.embedly.com https:\/\/jobs.ashbyhq.com https:\/\/e.infogram.com https:\/\/meetings.hubspot.com https:\/\/intercom-sheets.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/checkout.stripe.com; worker-src 'self' blob:; manifest-src 'self' https:\/\/*.iwoca.com; media-src 'self' https:\/\/*.intercomcdn.com https:\/\/*.website-files.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub5026669e7744a3ed13bf57586a630b91&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service:gateway;","count":3},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' https: data:; script-src 'self' https: 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; font-src 'self' https: data:; connect-src 'self' https:; media-src 'self' https: data:; object-src 'self'; base-uri 'self'; report-to go1-csp;","count":3},{"content-security-policy-report-only":" font-src *.cloudflare.com *.bootstrapcdn.com data: maxcdn.bootstrapcdn.com fonts.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es test.saferpay.com www.saferpay.com saferpay.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com test.saferpay.com www.saferpay.com saferpay.com tradingview-widget.com www.googletagmanager.com *.tradingview-widget.com www.google.com www.facebook.com platform.twitter.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es test.saferpay.com www.saferpay.com saferpay.com img.youtube.com *.cloudflare.com www.goldvorsorge.at www.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com amcglobal.sc.omtrdc.net yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com s7.addthis.com test.saferpay.com www.saferpay.com saferpay.com *.cloudflare.com *.twitter.com *.fontawesome.com www.googletagmanager.com www.google.com googleads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com s3.tradingview.com *.avada.io connect.facebook.net twitter.com platform.twitter.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com *.cloudflare.com *.fontawesome.com *.bootstrapcdn.com maxcdn.bootstrapcdn.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es https:\/\/www.sandbox.paypal.com https:\/\/www.paypal.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com ekr.zdassets.com\/ test.saferpay.com www.saferpay.com saferpay.com *.cloudflare.com www.google.com www.googletagmanager.com region1.google-analytics.com www.google-analytics.com yotpo.com www.yotpo.com p.yotpo.com staticw2.yotpo.com w2.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.fontawesome.com https:\/\/fonts.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com 'self' https:\/\/webpay3gint.transbank.cl https:\/\/webpay3g.transbank.cl https:\/\/www.facebook.com\/* pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com bytedance: sslocal: www.google.com https:\/\/player.vimeo.com https:\/\/www.youtube.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/www.youtube-nocookie.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com bat.bing.com *.bat.bing.com *.msn.com *.bing.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com blob: https:\/\/updates.themepunch.tools http:\/\/updates.themepunch.tools https:\/\/updates.themepunch-ext-a.tools http:\/\/updates.themepunch-ext-a.tools https:\/\/updates.themepunch-ext-b.tools http:\/\/updates.themepunch-ext-b.tools https:\/\/dev.sliderrevolution.com https:\/\/revolution.themepunch.com http:\/\/revolution5.themepunch.com http:\/\/pbs.twimg.com https:\/\/pbs.twimg.com http:\/\/scontent.cdninstagram.com https:\/\/img.youtube.com http:\/\/live.staticflickr.com https:\/\/live.staticflickr.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net *.commerce-payment-services.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.typekit.net google.com *.google.com *.cdn-apple.com *.googleapis.com *.gstatic.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com www.google.com www.gstatic.com *.avada.io https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/546002994.collect.igodigital.com https:\/\/assets.adobedtm.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/player.vimeo.com https:\/\/www.youtube.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/fonts.googleapis.com http:\/\/fonts.googleapis.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com static.zdassets.com blob: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io commerce.adobe.net *.sentry.io *.paypal.com google.com *.google.com qa-api.magedevteam.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com https:\/\/dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/1eafstag.cardinalcommerce.com https:\/\/1eaf.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/commerce.adobedc.net https:\/\/analytics.google.com https:\/\/vimeo.com https:\/\/api.magento.com https:\/\/performance.typekit.net https:\/\/pilot-payflowlink.paypal.com https:\/\/commerce.adobe.io https:\/\/commerce.adobe.net https:\/\/google.com https:\/\/qa-api.magedevteam.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline' https:\/\/mercadopago.com.br https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/api.weatherbit.io https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.olark.com mediacdn.espssl.com *.imi.chat *.frontiercoop.com *.facebook.com *.yotpo.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.zopim.com *.zopim.io *.widen.net *.widencdn.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.authorize.net *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * destinilocators.com *.duosecurity.com *.olark.com *.frontiercoop.com *.yotpo.com www.google.com *.facebook.com *.googletagmanager.com *.weltpixel.com https:\/\/www.youtube.com http:\/\/www.sandbox.paypal.com *.twitter.com *.zendesk.com *.widen.net *.widencdn.net *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com *.certcapture.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com frontiercoop.widen.net *.olark.com lux.speedcurve.com mediacdn.espssl.com brxcdn.com *.frontiercoop.com cdn-cookieyes.com *.yotpo.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com www.facebook.com *.facebook.com *.yotpoapi.com *.snapchat.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.klarna.com *.twitter.com *.twimg.com *.ytimg.com *.bing.com *.zopim.com *.zopim.io *.doubleclick.net *.google.co.in *.mastercard.com *.widen.net *.widencdn.net *.reddit.com *.ads-twitter.com t.co *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.magento-datasolutions.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.certcapture.com *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com js-agent.newrelic.com bam.nr-data.net destinilocators.com *.olark.com cdn.speedcurve.com acsbapp.com s.pinimg.com bat.bing.com ct.pinterest.com *.exponea.com *.imi.chat *.frontiercoop.com cdn-cookieyes.com *.yotpo.com connect.facebook.net www.google.com *.byspotify.com js.klevu.com *.ksearchnet.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.bing.com *.zopim.com *.zdassets.com *.zendesk.com *.widen.net *.widencdn.net *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com assets.braintreegateway.com *.olark.com mediacdn.espssl.com *.imi.chat *.frontiercoop.com *.yotpo.com *.klevu.com *.ksearchnet.com 'unsafe-inline' *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.fontawesome.com *.bing.com *.widen.net *.widencdn.net *.tagmanager.google.com *.googletagmanager.com *.typeform.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.olark.com *.frontiercoop.com *.zopim.com *.zopim.io *.widen.net *.widencdn.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.magento-datasolutions.com *.magento-ds.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.certcapture.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com bam.nr-data.net lux.speedcurve.com cdn.speedcurve.com *.speedcurve.com *.acsbapp.com acsbapp.com ct.pinterest.com bat.bing.com *.exponea.com facebook.com *.facebook.com *.imi.chat *.frontiercoop.com log.cookieyes.com *.yotpo.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.facebook.net *.cookieyes.com *.cdn-cookieyes.com *.spotify.com cdn-cookieyes.com px.ads.linkedin.com *.olark.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.twitter.com *.twimg.com *.zdassets.com *.zopim.com *.zopim.io wss:\/\/widget-mediator.zopim.com *.google-analytics.com https:\/\/stats.g.doubleclick.net *.zendesk.com *.widen.net *.widencdn.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.olark.com *.frontiercoop.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self' data: 'unsafe-eval' 'unsafe-inline' *.shopmetrics.com *.gigspot.com *.research-cloud.com https:\/\/*.jsdelivr.net https:\/\/unpkg.com https:\/\/*.unpkg.com https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.search.windows.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com *.facebook.net *.facebook.com *.doubleclick.net *.googletagmanager.com *.bootstrapcdn.com *.typekit.net https:\/\/rmvelocityfrontend.blob.core.windows.net https:\/\/rec.i-say.com https:\/\/vcdn.blob.core.windows.net\/* https:\/\/cdn.vcdn.vc\/*; script-src 'self' data: 'unsafe-eval' 'unsafe-inline' *.shopmetrics.com *.gigspot.com *.research-cloud.com https:\/\/*.jsdelivr.net https:\/\/unpkg.com https:\/\/*.unpkg.com https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.search.windows.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com *.facebook.net *.facebook.com *.doubleclick.net *.googletagmanager.com *.bootstrapcdn.com *.typekit.net https:\/\/rmvelocityfrontend.blob.core.windows.net; frame-src 'self' blob: *.shopmetrics.com *.gigspot.com *.research-cloud.com *.velocity.online https:\/\/www.googletagmanager.com *.youtube.com *.youtu.be; base-uri 'self'; form-action 'self' *.shopmetrics.com *.gigspot.com *.velocity.online; img-src * data: about: blob: filesystem: ma-file:; object-src 'none'; font-src 'self' data: *.shopmetrics.com *.bootstrapcdn.com *.typekit.net *.gstatic.com *.jsdelivr.net *.pstatic.net *.github.com;","count":3},{"content-security-policy-report-only":" script-src 'self' https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/maps.googleapis.com; report-uri \/csp-report;","count":3},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com *.facebook.com *.acsbapp.com *.google.com *.s3-eu-west-1.amazonaws.com *.amazone.de *.userlike.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube-nocookie.com *.amazone.de; script-src-elem 'self' 'unsafe-inline' amazone.concludis.de player.podigee-cdn.net *.googleapis.com *.youtube.com *.amazone.de userlike-cdn-umm.b-cdn.net *.consentmanager.net *.googletagmanager.com *.google-analytics.com connect.facebook.net *.acsbapp.com *.s3-eu-west-1.amazonaws.com *.doubleclick.net; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' *.googleapis.com amazone.concludis.de cdn.consentmanager.net *.amazone.de; img-src 'self' googleads.g.doubleclick.net *.googleapis.com  *.gstatic.com *.amazonaws.com *.cleverreach.com *.consentmanager.net *.facebook.com *.amazone.de amazone.de *.googletagmanager.com data:; font-src 'self' *.amazone.de data:; frame-src facebook.com player.podigee-cdn.net *.consentmanager.net *.google.com amazone.de amazone.net *.amazone.de *.amazone.net *.googletagmanager.com *.youtube-nocookie.com;","count":3},{"content-security-policy-report-only":" default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; script-src * blob: data: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob:; media-src * data: blob:; font-src * data: blob:; connect-src *; frame-src *; object-src *","count":3},{"content-security-policy-report-only":" block-all-mixed-content;default-src https:;script-src * 'self' https: 'unsafe-eval' 'unsafe-inline';style-src * 'self' https: 'unsafe-inline';connect-src * https: https:\/\/*.paynearme.com;manifest-src 'self';font-src * 'self' https:;form-action 'self' https:\/\/www.facebook.com https:\/\/accounts.google.com https:\/\/twitter.com https:\/\/login.microsoftonline.com;img-src * 'self' https: data:;media-src *;object-src 'none';frame-ancestors *;frame-src * https:\/\/*.paynearme.com;worker-src 'self';base-uri 'self';report-uri \/csp-report","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cdn.jsdelivr.net cdn.almapay.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.gstatic.com *.almapay.com *.cloudflare.com *.trustpilot.com *.avis-verifies.com *.bing.com *.sc.omtrdc.net 'self' data: https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.nootidev.com admin.nootica.fr *.nootica.fr *.nootica.com *.nootica.es *.nootica.de *.nootica.it *.bandeja-shop.com 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ www.google.com *.hipay-tpp.com *.hipay.com *.googleapis.com *.klarna.com *.demdex.net *.hub-side.com *.nootidev.com admin.nootica.fr *.nootica.fr *.nootica.com *.nootica.es *.nootica.de *.nootica.it *.bandeja-shop.com *.sc.omtrdc.net 'self' data: *.addthis.com *.trustpilot.com sibautomation.com *.doubleclick.net *.weltpixel.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.hipay.com *.googleapis.com *.klarna.com *.klarnaevt.com *.klarnacdn.net *.google.com maps.googleapis.com *.google.fr *.doubleclick.net *.googletagmanager.com *.cloudflare.com https:\/\/cdn.klarna.com https:\/\/s.ytimg.com *.usercentrics.eu *.avis-verifies.com *.bing.com *.omtrdc.net *.demdex.net *.everesttech.net flagcdn.com *.nootidev.com *.nootica.fr *.nootica.com *.nootica.es *.nootica.de *.nootica.it *.bandeja-shop.com *.facebook.com *.reddit.com *.google-analytics.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com *.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com cdn.jsdelivr.net www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.hipay-tpp.com mpsnare.iesnare.com *.paypal.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com http:\/\/127.0.0.1:35729 *.cloudflare.com *.google-analytics.com *.doubleclick.net *.google.fr *.googleapis.com *.googletagmanager.com *.googleoptimize.com *.trustpilot.com *.avis-verifies.com *.usercentrics.eu *.bing.com *.iesnare.com *.hipay.com 'self' data: *.addthis.com *.addthisedge.com *.moatads.com *.freshworks.com sibautomation.com *.skeepers.io umami.nootica.fr https:\/\/cdnjs.cloudflare.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com cdn.jsdelivr.net *.hipay.com *.googleapis.com *.klarnacdn.net https:\/\/use.fontawesome.com https:\/\/fonts.googleapis.com *.cloudflare.com *.typekit.net *.trustpilot.com *.avis-verifies.com *.usercentrics.eu *.bing.com *.sc.omtrdc.net 'self' data: https:\/\/cdnjs.cloudflare.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src data: mpsnare.iesnare.com *.googleapis.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.getalma.eu *.almapay.com *.hipay-tpp.com wss:\/\/mpsnare.iesnare.com *.googleapis.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/olegnax.com *.google-analytics.com *.googlesyndication.com *.analytics.google.com *.doubleclick.net *.cloudflare.com *.bing.com *.demdex.net *.sc.omtrdc.net *.hipay.com 'self' data: ws: *.addthis.com *.brevo.com *.skeepers.io *.nootidev.com search.nootica.com search.bandeja-shop.com umami.nootica.fr *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/7052064.fs1.hubspotusercontent-na1.net https:\/\/*.hubspot.com https:\/\/*.hs-scripts.com https:\/\/*.hs-analytics.net https:\/\/*.hsforms.com https:\/\/*.hsadspixel.net https:\/\/js.hs-banner.com https:\/\/js.usemessages.com https:\/\/js.hscollectedforms.net https:\/\/js.hsforms.net https:\/\/forms.hsforms.com https:\/\/static.hsappstatic.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/cdn.popt.in https:\/\/s7.addthis.com https:\/\/*.addthis.com https:\/\/consent.cookiebot.com https:\/\/*.cookiebot.com https:\/\/assets.revenuehero.io https:\/\/js.qualified.com https:\/\/*.qualified.com https:\/\/script.getbreakout.ai https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/cdn.vector.co https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/www.redditstatic.com https:\/\/player.vimeo.com https:\/\/app.revenuehero.io https:\/\/challenges.cloudflare.com https:\/\/apis.google.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/*.hubspotusercontent-na1.net https:\/\/script.getbreakout.ai https:\/\/p.typekit.net https:\/\/use.typekit.net; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/script.getbreakout.ai https:\/\/use.typekit.net; img-src 'self' data: https:; media-src 'self' data: blob: https:\/\/script.getbreakout.ai; connect-src 'self' https: wss:\/\/chat.prod.meaku.ai; frame-src 'self' https:\/\/www.google.com https:\/\/*.hubspot.com https:\/\/*.hs-sites.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/*.qualified.com https:\/\/api.vector.co https:\/\/www.facebook.com https:\/\/player.vimeo.com https:\/\/challenges.cloudflare.com https:\/\/forms.hsforms.com; worker-src 'self' blob:; report-uri https:\/\/prod-29.northcentralus.logic.azure.com:443\/workflows\/bb137c81d5234cb5a8d9ebba87e2c338\/triggers\/When_an_HTTP_request_is_received\/paths\/invoke?api-version=2016-10-01&sp=%2Ftriggers%2FWhen_an_HTTP_request_is_received%2Frun&sv=1.0&sig=nTvEJqJ4viggUDTc8DYpodlmudQmP3Aehl9U3ezHzXw","count":3},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net www.searchanise.com *.searchserverapi.com *.gstatic.com 'self' data: fonts.gstatic.com *.yotpo.com *.googleapis.com *.cloudflare.com fonts.googleapis.com 'unsafe-inline' data: *.abakhan.co.uk *.woolbox.co.uk *.fabriczone.co.uk data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.searchanise.com *.searchserverapi.com *.twitter.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.meetanshi.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com www.google.com *.awin1.com *.zenaps.com *.fls.doubleclick.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.meetanshi.com js.mollie.com www.searchanise.com *.searchserverapi.com *.twitter.com www.xtento.com *.googletagmanager.com *.yotpo.com widget.trustpilot.com lpcdn.lpsnmedia.net www.paypalobjects.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com *.awin1.com *.zenaps.com *.wepowerconnections.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com https:\/\/meetanshi.com\/media\/logo.png *.meetanshi.com https:\/\/www.mollie.com *.twitter.com *.twimg.com www.google.ru www.searchanise.com *.searchserverapi.com s3.amazonaws.com *.hsforms.net *.hsforms.com 'self' data: www.xtento.com cdn.xtento.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com *.yotpo.com *.cloudflare.com *.mdoq.io *.ibottles.co.uk *.google.com *.google.co.uk *.abakhan.co.uk *.woolbox.co.uk *.fabriczone.co.uk data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com widget.freshworks.com m2epro.freshdesk.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com *.meetanshi.com js.mollie.com searchanise-ef84.kxcdn.com s3.amazonaws.com ajax.aspnetcdn.com www.searchanise.com *.searchserverapi.com *.searchanise.com api.amplitude.com *.twitter.com *.twimg.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com www.xtento.com cdn.xtento.com *.googletagmanager.com tagmanager.google.com *.yotpo.com *.cloudflare.com *.fontawesome.com *.liveperson.net *.trustpilot.com static.zdassets.com *.abakhan.co.uk *.woolbox.co.uk *.fabriczone.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com widget.freshworks.com m2epro.freshdesk.com unsafe-inline assets.braintreegateway.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net www.searchanise.com *.searchserverapi.com searchanise-ef84.kxcdn.com s3.amazonaws.com *.twitter.com ton.twimg.com *.googleapis.com *.gstatic.com tagmanager.google.com fonts.google.com *.yotpo.com *.cloudflare.com *.bootstrapcdn.com fonts.googleapis.com *.abakhan.co.uk *.woolbox.co.uk *.fabriczone.co.uk 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com widget.freshworks.com m2epro.freshdesk.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.ideal-postcodes.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.meetanshi.com api.amplitude.com stats.g.doubleclick.net t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.yotpo.com *.cloudflare.com *.abakhan.co.uk *.woolbox.co.uk *.fabriczone.co.uk *.zendesk.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' blob: https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/*.eloqua.com https:\/\/tracking.dfinsolutions.com https:\/\/*.onetrust.com https:\/\/geolocation.onetrust.com https:\/\/px.ads.linkedin.com https:\/\/*.linkedin.com https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.callrail.com https:\/\/*.crazyegg.com https:\/\/*.adsrvr.org https:\/\/*.zoominfo.com https:\/\/js.zi-scripts.com https:\/\/*.acuityplatform.com https:\/\/s.yimg.com https:\/\/*.yimg.com https:\/\/connect.facebook.net https:\/\/*.facebook.com https:\/\/*.fullstory.com https:\/\/rs.fullstory.com https:\/\/*.drift.com https:\/\/*.driftt.com https:\/\/*.reddit.com https:\/\/*.illumin.com https:\/\/*.bidr.io https:\/\/*.capterra.com https:\/\/*.baidu.com https:\/\/hm.baidu.com https:\/\/leads-api.gonorth.io; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.onetrust.com; frame-src 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/play.vidyard.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/www.google.com https:\/\/td.doubleclick.net https:\/\/bid.g.doubleclick.net https:\/\/*.doubleclick.net https:\/\/www.facebook.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.onetrust.com https:\/\/*.drift.com https:\/\/*.driftt.com https:\/\/insight.adsrvr.org; img-src 'self' data: blob: https:; media-src 'self' https:\/\/play.vidyard.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: https:\/\/js.hsforms.net https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hsforms.net https:\/\/*.hs-scripts.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hsadspixel.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/play.vidyard.com https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/bat.bing.com https:\/\/*.clarity.ms https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/*.linkedin.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.en25.com https:\/\/img.en25.com https:\/\/*.eloqua.com https:\/\/tracking.dfinsolutions.com https:\/\/s.yimg.com https:\/\/*.yimg.com https:\/\/js.adsrvr.org https:\/\/*.adsrvr.org https:\/\/*.acuityplatform.com https:\/\/script.crazyegg.com https:\/\/*.crazyegg.com https:\/\/*.callrail.com https:\/\/js.zi-scripts.com https:\/\/*.zoominfo.com https:\/\/ws-assets.zoominfo.com https:\/\/*.fullstory.com https:\/\/edge.fullstory.com https:\/\/*.drift.com https:\/\/*.driftt.com https:\/\/js.driftt.com https:\/\/*.reddit.com https:\/\/*.redditstatic.com https:\/\/*.illumin.com https:\/\/*.bidr.io https:\/\/*.capterra.com https:\/\/*.baidu.com https:\/\/hm.baidu.com https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/*.rackcdn.com js.hsforms.net; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: https:\/\/js.hsforms.net https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hsforms.net https:\/\/*.hs-scripts.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hsadspixel.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/play.vidyard.com https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/bat.bing.com https:\/\/*.clarity.ms https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/*.linkedin.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.en25.com https:\/\/img.en25.com https:\/\/*.eloqua.com https:\/\/tracking.dfinsolutions.com https:\/\/s.yimg.com https:\/\/*.yimg.com https:\/\/js.adsrvr.org https:\/\/*.adsrvr.org https:\/\/*.acuityplatform.com https:\/\/script.crazyegg.com https:\/\/*.crazyegg.com https:\/\/*.callrail.com https:\/\/js.zi-scripts.com https:\/\/*.zoominfo.com https:\/\/ws-assets.zoominfo.com https:\/\/*.fullstory.com https:\/\/edge.fullstory.com https:\/\/*.drift.com https:\/\/*.driftt.com https:\/\/js.driftt.com https:\/\/*.reddit.com https:\/\/*.redditstatic.com https:\/\/*.illumin.com https:\/\/*.bidr.io https:\/\/*.capterra.com https:\/\/*.baidu.com https:\/\/hm.baidu.com https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/*.rackcdn.com js.hsforms.net; style-src 'self' 'unsafe-inline' 'report-sample' https:\/\/fonts.googleapis.com https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/cdnjs.cloudflare.com; worker-src 'self' blob:; base-uri 'self'; form-action 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com; frame-ancestors 'self'","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com challenges.cloudflare.com *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/connect.ekomi.de\/ magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com cdn.pay1.de x.klarnacdn.net *.cloudfront.net m.media-amazon.com static-eu.payments-amazon.com *.amazonaws.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/connect.ekomi.de\/ *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.gstatic.com *.googletagmanager.com *.doubleclick.net js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io challenges.cloudflare.com *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.googletagmanager.com assets.braintreegateway.com d.ratepay.com d.payla.io dr.payla.io *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.google-analytics.com *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes';","count":3},{"content-security-policy-report-only":" default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data: blob: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: data: 'unsafe-inline'; font-src 'self' https: data: https:; connect-src 'self' https: wss:; frame-src 'self' https: data: blob:; media-src 'self' https: data: blob:; object-src 'self' https: data: blob:; base-uri 'self' https:; form-action 'self' https:; frame-ancestors 'self' https:; worker-src 'self' https: data: blob:; report-uri \/csp-report","count":3},{"content-security-policy-report-only":" font-src *.googleapis.com *.twitter.com *.gstatic.com *.cloudflare.com https:\/\/css.zohocdn.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.twitter.com *.vimeo.com *.gstatic.com https:\/\/salesiq.zohopublic.eu https:\/\/translate.googleapis.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com cdn.doofinder.com *.cloudflare.com *.klarna.com *.ytimg.com *.doubleclick.net *.gstatic.com https:\/\/salesiq.zohopublic.eu https:\/\/salesiq.zoho.eu *.mastercard.com https:\/\/static.hotjar.com https:\/\/*.zohopublic.eu https:\/\/*.zohocdn.com https:\/\/www.google.co.uk https:\/\/eu1-doofinderuser.s3.amazonaws.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/firebasestorage.googleapis.com www.xtento.com cdn.xtento.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ cdn.doofinder.com *.fontawesome.com *.cloudflare.com *.google-analytics.com *.gstatic.com *.twitter.com https:\/\/salesiq.zohopublic.eu https:\/\/salesiq.zoho.eu https:\/\/js.zohocdn.com https:\/\/postcodeanywhere.co.uk https:\/\/static.zohocdn.com https:\/\/static.hotjar.com crm.zoho.com https:\/\/eu1-config.doofinder.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.avada.io www.xtento.com cdn.xtento.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.doofinder.com *.fontawesome.com https:\/\/css.zohocdn.com *.gstatic.com https:\/\/fonts.googleapis.com https:\/\/www.googletagmanager.com unsafe-inline assets.braintreegateway.com https:\/\/fonts.bunny.net tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zopim.com *.gstatic.com *.zopim.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.doofinder.com wss:\/\/*.doofinder.com *.google-analytics.com https:\/\/salesiq.zohopublic.eu https:\/\/salesiq.zoho.eu https:\/\/translate.google.com https:\/\/translate.googleapis.com wss:\/\/vts.zohopublic.eu https:\/\/*.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.google.co.uk api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/get.geojs.io *.avada.io *.analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: https:\/\/www.googletagmanager.com *.klevu.com *.ksearchnet.com *.fontawesome.com fonts.gstatic.com *.yotpo.com use.fontawesome.com maxcdn.bootstrapcdn.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com yotpo.com https:\/\/*.qliro.com https:\/\/*.vipps.no https:\/\/*.trustly.com https:\/\/*.ideal.nl https:\/\/*.apple.com https:\/\/*.unzer.com https:\/\/*.heidelpay.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/www.googletagmanager.com\/ *.google.com\/ https:\/\/cdn.lightwidget.com\/ yotpo.com https:\/\/*.qliro.com *.cookiebot.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com *.trackedlink.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ magefan.com cm.magefan.com https:\/\/www.magezon.com yotpo.com *.cookiebot.com *.yotpo.com swellrewards.com *.swellrewards.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.google.com\/ yotpo.com https:\/\/*.qliro.com *.cookiebot.com *.yotpo.com swellrewards.com *.swellrewards.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.yotpo.com yotpo.com swellrewards.com *.swellrewards.com maxcdn.bootstrapcdn.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ yotpo.com *.cookiebot.com *.google-analytics.com *.googlesyndication.com *.yotpo.com swellrewards.com *.swellrewards.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.couriermail.com.au\/csp-reports","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com https:\/\/js.klevu.com *.googleapis.com *.hotjar.com dhv2ziothpgrr.cloudfront.net *.klevu.com *.ksearchnet.com use.fontawesome.com maxcdn.bootstrapcdn.com fonts.gstatic.com *.yotpo.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com *.ometria.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com account.fetchify.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/plumrocket.com *.hotjar.com https:\/\/9957200.fls.doubleclick.net https:\/\/danv01ao0kdr2.cloudfront.net https:\/\/dj3zaulksz6yg.cloudfront.net *.brandlock.io *.braintreegateway.com *.klarna.com https:\/\/accounts.google.com *.mention-me.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/www.incontinencechoice.co.uk https:\/\/prod.choiceadmin.co.uk https:\/\/staging.choiceadmin.co.uk https:\/\/admin.vivactive.com https:\/\/trk.ometria.com *.brandlock.io https:\/\/www.google.com https:\/\/bat.bing.com https:\/\/pixel.quantserve.com https:\/\/www.facebook.com *.googleapis.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/s3-eu-west-1.amazonaws.com dhv2ziothpgrr.cloudfront.net *.klevu.com *.ksearchnet.com *.yotpo.com swellrewards.com *.swellrewards.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page cc-cdn.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/cdn.ometria.com cdnjs.cloudflare.com https:\/\/js.klevu.com\/ https:\/\/bat.bing.com https:\/\/secure.quantserve.com https:\/\/www.gstatic.com https:\/\/connect.facebook.net https:\/\/dj3zaulksz6yg.cloudfront.net *.brandlock.io https:\/\/cdn-ukwest.onetrust.com https:\/\/geolocation.onetrust.com https:\/\/songbirdstag.cardinalcommerce.com https:\/\/www.googleoptimize.com https:\/\/cdn.oribi.io https:\/\/app.factors.ai https:\/\/rules.quantcount.com https:\/\/googleads.g.doubleclick.net https:\/\/www.clarity.ms https:\/\/www.clarity.ms\/tag\/ *.googleapis.com https:\/\/www.googletagmanager.com\/gtag\/js *.klarna.com *.klarnacdn.net x.klarnacdn.net https:\/\/accounts.google.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net https:\/\/tag.rmp.rakuten.com *.klevu.com *.ksearchnet.com *.mention-me.com *.yotpo.com swellrewards.com *.swellrewards.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cc-cdn.com assets.braintreegateway.com *.googleapis.com *.hotjar.com https:\/\/accounts.google.com https:\/\/www.gstatic.com dhv2ziothpgrr.cloudfront.net *.klevu.com *.ksearchnet.com *.yotpo.com swellrewards.com *.swellrewards.com fonts.googleapis.com maxcdn.bootstrapcdn.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/payments.sandbox.braintree-api.com https:\/\/api.sandbox.braintreegateway.com https:\/\/origin-analytics-sand.sandbox.braintree-api.com\/ https:\/\/danv01ao0kdr2.cloudfront.net *.brandlock.io https:\/\/cdn-ukwest.onetrust.com https:\/\/privacyportal-uk.onetrust.com https:\/\/stats.g.doubleclick.net https:\/\/www.paypal.com https:\/\/geolocation.onetrust.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com https:\/\/api.factors.ai https:\/\/b.clarity.ms https:\/\/y.clarity.ms\/collect *.googleapis.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net https:\/\/accounts.google.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com *.klevu.com *.ksearchnet.com *.mention-me.com *.ometria.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/f720cf68-df7d-4a7b-a5e9-4e537ae99361.sansec.watch\/; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" object-src 'none'; frame-ancestors 'self'; form-action 'self' https:\/\/www.facebook.com https:\/\/translate.googleapis.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub0f04d11e18a35974032f2067338a5e7d&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Acspreport-webauto%2Cenv%3Aprod;","count":3},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hscollectedforms.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/*.hsadspixel.net https:\/\/*.hubapi.com https:\/\/js.hscta.net https:\/\/js-eu1.hscta.net https:\/\/static.hsappstatic.net https:\/\/*.usemessages.com https:\/\/*.hsleadflows.net https:\/\/*.hsforms.net https:\/\/*.hubspotfeedback.com https:\/\/feedback.hubapi.com https:\/\/feedback-eu1.hubapi.com; style-src 'self' 'unsafe-inline' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/fonts.googleapis.com https:\/\/*.hubspotusercontent00.net https:\/\/*.hubspotusercontent-na1.net https:\/\/*.hubspotusercontent-eu1.net https:\/\/cdn2.hubspot.net; img-src 'self' data: https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hscollectedforms.net https:\/\/*.hubspotusercontent00.net https:\/\/*.hubspotusercontent-na1.net https:\/\/*.hubspotusercontent-eu1.net https:\/\/no-cache.hubspot.com https:\/\/js.hscta.net https:\/\/js-eu1.hscta.net https:\/\/cdn2.hubspot.net https:\/\/*.hubspot.net; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/*.hubspot.com; connect-src 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/api.hubapi.com https:\/\/*.hubapi.com https:\/\/*.hs-banner.com https:\/\/js.hscta.net https:\/\/js-eu1.hscta.net https:\/\/*.hscollectedforms.net; frame-src 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hs-sites.com https:\/\/*.hs-sites-eu1.com https:\/\/*.hubspot.net https:\/\/play.hubspotvideo.com https:\/\/play-eu1.hubspotvideo.com https:\/\/*.hsforms.net; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com;","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com *.fuelyourbody.nl *.fuelyourbody.de *.fuelyourbody.be *.fuelyourbody.fr data: 'self' 'unsafe-inline'; form-action www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com js.mollie.com *.fuelyourbody.nl *.fuelyourbody.de *.fuelyourbody.be *.fuelyourbody.fr consentcdn.cookiebot.eu www.googletagmanager.com www.youtube-nocookie.com www.facebook.com app.aiden.cx 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com https:\/\/www.mollie.com *.fuelyourbody.nl *.fuelyourbody.de *.fuelyourbody.be *.fuelyourbody.fr d3k81ch9hvuctc.cloudfront.net lh4.googleusercontent.com region1.analytics.google.com www.google.nl www.google.be www.google.de bat.bing.com stats.g.doubleclick.net www.facebook.com *.clarity.ms integrations.etrusted.com connect.facebook.net i.ytimg.com jf79.net data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com js.mollie.com 'unsafe-eval' 'unsafe-inline' *.fuelyourbody.nl *.fuelyourbody.de *.fuelyourbody.be *.fuelyourbody.fr app.aiden.cx bat.bing.com consent.cookiebot.eu consentcdn.cookiebot.eu d5yoctgpv4cpx.cloudfront.net l.getsitecontrol.com popup.projects.webpages.one s2.getsitecontrol.com script.hotjar.com static.hotjar.com www.clarity.ms scripts.clarity.ms www.feedbackcompany.com analytics.tiktok.com pagead2.googlesyndication.com static.klaviyo.com static-tracking.klaviyo.com connect.facebook.net integrations.etrusted.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com static.klaviyo.com static-tracking.klaviyo.com integrations.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com *.fuelyourbody.nl *.fuelyourbody.de *.fuelyourbody.be *.fuelyourbody.fr app.aiden.cx bat.bing.com consentcdn.cookiebot.eu l.getsitecontrol.com events.getsitectrl.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com www.feedbackcompany.com www.google.com region1.analytics.google.com analytics.tiktok.com analytics-ipv6.tiktokw.us a.klaviyo.com fast.a.klaviyo.com static-forms.klaviyo.com www.facebook.com *.clarity.ms integrations.etrusted.com vc.hotjar.io api-js.datadome.co 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/monitor.bigbridgedev.nl\/csp; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: logger.scot.nhs.uk *.fontawesome.com use.typekit.net *.google.com *.google.co.uk *.googleapis.com themes.googleusercontent.com *.gstatic.com code.jquery.com yui.yahooapis.com *.bootstrapcdn.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.twitter.com *.twimg.com *.youtube.com youtu.be *.ytimg.com www.youtube-nocookie.com player.vimeo.com i.vimeocdn.com cdn.jwplayer.com content.jwplatform.com prd.jwpltx.com *.jwpcdn.com *.jwpsrv.com *.civiccomputing.com cc.cdn.civiccomputing.com secure.gravatar.com public.tableau.com www.openstreetmap.org browser-update.org s.w.org www.geoplugin.net *.wp.com hcaptcha.com *.hcaptcha.com www.careopinion.org.uk www.patientopinion.org.uk assets.nhs.uk www.travelinescotland.com; worker-src 'self' www.google.com; frame-ancestors 'self'; base-uri 'self'; report-to csp-endpoint; report-uri https:\/\/web-reports.scot.nhs.uk\/api\/v1\/csp-report","count":3},{"content-security-policy-report-only":" default-src 'self'; img-src *","count":3},{"content-security-policy-report-only":" font-src cash-f.squarecdn.com https:\/\/*.gstatic.com *.googleapis.com *.gstatic.com data: *.bootstrapcdn.com *.cloudflare.com *.klarnacdn.net *.trustedshops.com *.twimg.com *.twitter.com *.typekit.net 'self' *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * *.adyen.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.facebook.com *.twitter.com 'self' 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ * *.adyen.com www.google.com *.awin1.com *.zenaps.com *.fls.doubleclick.net *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com account.fetchify.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.facebook.com *.pinterest.com *.trustpilot.com *.twitter.com *.snapwidget.com 'self' www.googletagmanager.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; img-src *.adobedtm.com *.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com *.gstatic.com *.googleapis.com *.awin1.com *.zenaps.com *.wepowerconnections.com maps.gstatic.com *.calcurates.com *.trackedlink.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.bing.com *.clarity.ms *.cloudflare.com craftyclicks.co.uk *.demdex.net *.facebook.com fetchify.com *.goldboutique.com *.google-analytics.com *.google.co.uk *.google.com *.googleadservices.com *.googletagmanager.com *.klarna.com *.lightemporium.com *.magentocommerce.com *.pinterest.com *.elfsightcdn.com *.qpj.de *.qpj.fr *.qpjewellers.com *.rubyandoscar.com *.scarletocean.com *.twimg.com *.twitter.com *.usercentrics.eu *.wisepops.com *.ytimg.com *.roeye.com *.roeyecdn.com *.bailandstone.com *.roxoa.com 'self' https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeocdn.com www.vimeo.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com player.vimeo.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.bing.com *.clickcease.com *.cloudflare.com cc-cdn.com *.facebook.net *.fontawesome.com *.getdrip.com *.google-analytics.com *.pcapredict.com *.pinimg.com *.pinterest.com *.plerdy.com *.taboola.com *.termly.io *.tiktok.com *.trustedshops.com *.trustpilot.com *.twimg.com *.twitter.com *.usercentrics.eu *.wisepops.net *.wisepops.com https:\/\/wisepops.net https:\/\/wisepops.com *.zdassets.com *.klarnaservices.com *.klarna.com *.clarity.ms https:\/\/snapwidget.com *.elfsight.com *.elfsightcdn.com *.roeyecdn.com *.qpjewellers.com\/connector\/ajax\/emailcapture *.rubyandoscar.com\/connector\/ajax\/emailcapture *.goldboutique.com\/connector\/ajax\/emailcapture *.bailandstone.com\/connector\/ajax\/emailcapture https:\/\/*.googletagmanager.com *.dotdigital.com 'self' *.googletagmanager.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cash.app https:\/\/fonts.googleapis.com\/ fonts.googleapis.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com cc-cdn.com assets.braintreegateway.com *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.googleapis.com *.gstatic.com *.klarnacdn.net *.trustedshops.com *.twimg.com *.twitter.com *.typekit.net *.usercentrics.eu  *.zdassets.com 'self' *.stripe.network *.stripecdn.com *.amazon.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com 'self' 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com * *.adyen.com *.googleapis.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk *.slack.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.analytics.google.com *.bootstrapcdn.com *.bing.com *.clarity.ms *.cloudflare.com *.doubleclick.net *.facebook.com *.google-analytics.com https:\/\/google.com\/pay *.googleadservices.com *.klarna.com *.klarnaservices.com *.klarnaevt.com *.paypalobjects.com *.pcapredict.com *.pinterest.com *.plerdy.com *.sandbox.paypal.com *.termly.io *.tiktok.com *.trustpilot.com https:\/\/invitejs.trustpilot.com *.twimg.com *.twitter.com *.vimeocdn.com *.wisepops.net *.wisepops.com https:\/\/wisepops.net https:\/\/wisepops.com  *.zdassets.com *.zendesk.com *.zopim.com wss:\/\/widget-mediator.zopim.com *.sentry.io *.elfsight.com 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com *.googletagmanager.com *.stripe.com klarna.com *.klarnacdn.net *.link.com *.amazon.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/csp.threatview.app\/report; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src bid.g.doubleclick.net player.vimeo.com *.youtube.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.youtube-nocookie.com www.google.com https:\/\/*.dpdconnect.nl youtube.com *.doubleclick.net *.multisafepay.com https:\/\/pay.google.com *.weltpixel.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com https:\/\/firebasestorage.googleapis.com flagpedia.net www.jmpbonderdelen.nl www.jmpbonderdelen.be www.jmpbparts.com www.jmpbteile.de www.jmpbteile.at www.jmpbdele.dk 'self' data: *.google.nl *.multisafepay.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/*.dpdconnect.nl https:\/\/cdn.polyfill.io https:\/\/browser.sentry-cdn.com *.avada.io player.vimeo.com *.gstatic.com maps.googleapis.com *.multisafepay.com https:\/\/pay.google.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com *.googleapis.com *.multisafepay.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com vimeo.com https:\/\/*.ingest.sentry.io https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com *.google-analytics.com *.doubleclick.net *.google.com google.com *.googlesyndication.com *.googleadservices.com *.google.nl *.multisafepay.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src https:\/\/cdn.checkout.com *.fontawesome.com maxcdn.bootstrapcdn.com fonts.gstatic.com https:\/\/fonts.gstatic.com *.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * sandbox.przelewy24.pl secure.przelewy24.pl 'self' 'unsafe-inline'; frame-ancestors 'self' *.maksekeskus.ee *.test.maksekeskus.ee localhost *.local *.scandipwa.cloud *.readymage.com sportland.com *.sportland.com sportland.lv *.sportland.lv sportland.ee *.sportland.ee sportland.lt *.sportland.lt sportland.fi *.sportland.fi sportland.pl *.sportland.pl sportland.de *.sportland.de 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com https:\/\/js.checkout.com *.klarna.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' *.maksekeskus.ee *.test.maksekeskus.ee c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.google.com https:\/\/optimize.google.com https:\/\/play.google.com localhost *.local *.scandipwa.cloud *.readymage.com sportland.com *.sportland.com sportland.lv *.sportland.lv sportland.ee *.sportland.ee sportland.lt *.sportland.lt sportland.fi *.sportland.fi sportland.pl *.sportland.pl sportland.de *.sportland.de js.driftt.com *.freshchat.com *.snapchat.com *.askly.me www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.openstreetmap.org https:\/\/map.plugins.itella.com magefan.com cm.magefan.com *.maksekeskus.ee *.test.maksekeskus.ee https:\/\/maps.omnivasiunta.lt www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com static.przelewy24.pl www.gstatic.com gstatic.com https:\/\/www.google-analytics.com https:\/\/optimize.google.com *.googleapis.com *.gstatic.com www.google.lv localhost *.local *.scandipwa.cloud *.readymage.com sportland.com *.sportland.com sportland.lv *.sportland.lv sportland.ee *.sportland.ee sportland.lt *.sportland.lt sportland.fi *.sportland.fi sportland.pl *.sportland.pl sportland.de *.sportland.de *.cloudfront.net *.snapchat.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.checkout.com *.klarnacdn.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/unpkg.com s7.addthis.com 'self' *.maksekeskus.ee *.test.maksekeskus.ee data: js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com sandbox.przelewy24.pl secure.przelewy24.pl *.google.com www.googleoptimize.com *.google-analytics.com *.googleapis.com js.driftt.com *.freshchat.com inte.searchnode.io *.sitescdn.net *.fibbl.com *.hotjar.com sc-static.net *.snapchat.com *.googlesyndication.com *.translatewise.com *.bloomreach.com *.exponea.com *.sizebay.technology www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/cdn.checkout.com https:\/\/unpkg.com *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com fonts.googleapis.com *.google.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com *.typekit.net *.freshchat.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/js.checkout.com *.klarnaevt.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/geocode.arcgis.com ekr.zdassets.com\/ 'self' *.maksekeskus.ee *.test.maksekeskus.ee api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com *.fibblar.com *.fibbl.com www.gstatic.com *.google-analytics.com *.googleapis.com *.g.doubleclick.net *.scandipwa.cloud *.readymage.com *.sportland.com *.sportland.lv *.sportland.ee *.sportland.lt *.sportland.fi *.sportland.pl *.sportland.de blob: *.hotjar.com *.googlesyndication.com *.translatewise.com https:\/\/play.google.com *.bloomreach.com *.exponea.com *.sizebay.technology 'self' 'unsafe-inline'; child-src 'self' *.maksekeskus.ee *.test.maksekeskus.ee assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" default-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'","count":3},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline'; script-src 'none' 'report-sample'; connect-src 'none'; form-action 'none'; frame-src 'none'; worker-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https:\/\/csp.threatview.app\/report;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/connect.facebook.net https:\/\/*.hotjar.com https:\/\/*.clarity.ms https:\/\/snap.licdn.com https:\/\/widget.tabnav.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/analytics.synaxon.com https:\/\/stackpath.bootstrapcdn.com https:\/\/*.gstatic.com https:\/\/*.adform.net https:\/\/*.google.com https:\/\/www.youtube.com https:\/\/*.googlesyndication.com https:\/\/*.twitter.com https:\/\/widget.tabnav.com; style-src 'self' 'unsafe-inline' https:\/\/*.gstatic.com https:\/\/stackpath.bootstrapcdn.com; img-src 'self' data: 'self' data: https: https:\/\/*.gstatic.com https:\/\/px.ads.linkedin.com https:\/\/widgets.kununu.com https:\/\/www.facebook.com https:\/\/*.google.com https:\/\/www.googletagmanager.com; font-src 'self' data: https:\/\/*.gstatic.com https:\/\/static2.sharepointonline.com https:\/\/*.wp.com; connect-src 'self' https:\/\/px.ads.linkedin.com https:\/\/region1.google-analytics.com https:\/\/*.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube-nocookie.com https:\/\/*.clarity.ms https:\/\/analytics.synaxon.com https:\/\/web-api.synaxon.de https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.adform.net https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/analytics.google.com https:\/\/*.googlesyndication.com https:\/\/widget-config.tabnav.com; media-src 'self'; frame-src https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/*.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; report-uri \/csp-report-endpoint;","count":3},{"content-security-policy-report-only":" worker-src https:\/\/helmonline-hyva.dev.localhost helmonline.nl; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/www.googletagmanager.com *.googleapis.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com consentcdn.cookiebot.com td.doubleclick.net www.googletagmanager.com *.criteo.com\/ www.xtento.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com js.mollie.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.pon.bike images.pondigital.solutions *.google.nl *.google.com *.google.fr *.mailplus.nl imgsct.cookiebot.com *.bing.net *.bing.com pagead2.googlesyndication.com www.xtento.com cdn.xtento.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com https:\/\/www.mollie.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com connect.facebook.net graph.facebook.com business.facebook.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.facebook.com chimpstatic.com rum-static.pingdom.net rum-collector-2.pingdom.net consentcdn.cookiebot.com consent.cookiebot.com widget.thuiswinkel.org widget.thuiswinkel-cdn.org *.clarity.ms restapi.mailplus.nl www.googleoptimize.com googletagmanager.com *.googletagmanager.com *.bing.com *.criteo.com static.criteo.net *.mouseflow.com *.tiktok.com *.hotjar.com *.beslist.nl static.cloudflareinsights.com cdn.debugbear.com pagead2.googlesyndication.com static.widget.trengo.eu www.xtento.com cdn.xtento.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.disqus.com js.mollie.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.typekit.net downloads.mailchimp.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.widget.trengo.eu 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com devdocs.magento.com rum-collector-2.pingdom.net widgetcontent.thuiswinkel-cdn.org www.google.com *.clarity.ms consent.cookiebot.com consentcdn.cookiebot.com doubleclick.net *.bing.com *.criteo.com *.tiktok.com *.hotjar.com *.hotjar.io *.beslist.nl data.debugbear.com pagead2.googlesyndication.com api.widget.trengo.eu form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/static.iadvize.com\/ https:\/\/media.flixfacts.com *.fontawesome.com applepay.cdn-apple.com https:\/\/fonts.gstatic.com *.alothemes.com *.magepow.com googlepay.cdn-google.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com https:\/\/www.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com https:\/\/static.addtoany.com https:\/\/www.google.com\/ https:\/\/service.loadbee.com\/ https:\/\/vars.hotjar.com\/ https:\/\/static.rolex.com\/ https:\/\/retailers.rolex.com\/ https:\/\/media.flixfacts.com *.webengage.co https:\/\/corners.rolex.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.ftcdn.net *.behance.net https:\/\/static.iadvize.com\/ https:\/\/fstatic.iadvize.com\/ https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.co.in https:\/\/googleads.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/media.flixfacts.com https:\/\/m.media-amazon.com https:\/\/www.darwishholding.com\/ https:\/\/theqa.qa metrics.rolex.com maps.googleapis.com smetrics.rolex.com *.disqus.com *.alothemes.com *.magepow.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.gstatic.com *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/rum.hlx.page eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com https:\/\/cobrowsing-ha.iadvize.com\/ https:\/\/fstatic.iadvize.com\/ https:\/\/static.iadvize.com\/ https:\/\/halc.iadvize.com https:\/\/api.iadvize.com\/ https:\/\/static.addtoany.com https:\/\/www.google.com https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/graph.facebook.com https:\/\/widgets.pinterest.com https:\/\/cdn.loadbee.com\/js\/loadbee_integration.js https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/static.rolex.com https:\/\/retailers.rolex.com http:\/\/media.flixfacts.com https:\/\/test-gateway.mastercard.com https:\/\/ap-gateway.mastercard.com\/ https:\/\/starpay-easy.starboss.biz\/ https:\/\/www.qpay.gov.qa\/ https:\/\/m.media-amazon.com https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com\/ *.webengage.com applepay.cdn-apple.com https:\/\/corners.rolex.com maps.googleapis.com *.disqus.com *.alothemes.com *.magepow.com googlepay.cdn-google.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com cdn.ampproject.org www.gstatic.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/halc.iadvize.com\/ https:\/\/static.iadvize.com\/ https:\/\/media.flixfacts.com https:\/\/test-gateway.mastercard.com https:\/\/ap-gateway.mastercard.com\/ https:\/\/starpay-easy.starboss.biz\/ https:\/\/www.qpay.gov.qa\/ *.fontawesome.com *.googleapis.com *.addtoany.com *.alothemes.com *.magepow.com assets.braintreegateway.com www.gstatic.com maxcdn.bootstrapcdn.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/m.media-amazon.com https:\/\/media.flixfacts.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io https:\/\/cobrowsing-ha.iadvize.com\/ https:\/\/halc.iadvize.com https:\/\/api.iadvize.com\/ https:\/\/static.iadvize.com\/ https:\/\/stats.g.doubleclick.net https:\/\/bam.nr-data.net https:\/\/availability.loadbee.com https:\/\/analytics.google.com https:\/\/in.hotjar.com https:\/\/vc.hotjar.io https:\/\/static.rolex.com https:\/\/retailers.rolex.com https:\/\/static.addtoany.com https:\/\/media.flixfacts.com https:\/\/stats.addtoany.com https:\/\/m.media-amazon.com c.webengage.com assets.adobedtm.com maps.googleapis.com http:\/\/dpm.demdex.net *.alothemes.com *.magepow.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com cdn.ampproject.org *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" frame-ancestors 'self' *.volusion.com;default-src 'none'","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.50-ml.media *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com https:\/\/fonts.gstatic.com https:\/\/static.klaviyo.com *.fontawesome.com maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.awin1.com *.zenaps.com *.fls.doubleclick.net www.mainadv.com *.doubleclick.net *.2trk.info www.instagram.com calendly.com *.50-ml.it *.50-ml.eu *.50-ml.fr *.50-ml.de *.50-ml.es *.50-ml.com *.50-ml.co.uk *.lcmark.net *.weltpixel.com *.trustpilot.com *.iubenda.com *.sendcloud.sc *.jsdelivr.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/images.unsplash.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.awin1.com *.zenaps.com *.wepowerconnections.com *.roeye.com *.50-ml.com *.50-ml.media *.google.com *.google.fr *.google.it *.google.es *.google.de *.google.eu *.google.co.uk *.googletagmanager.com bat.bing.com maps.gstatic.com maps.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.iubenda.com *.amazonaws.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.google-analytics.com *.doubleclick.net data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com www.googletagmanager.com https:\/\/rum.hlx.page https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.preciso.net *.50-ml.eu *.50-ml.it *.50-ml.fr *.50-ml.de *.50-ml.es *.50-ml.com *.50-ml.co.uk www.clarity.ms bat.bing.com www.instagram.com *.googleapis.com maps.gstatic.com assets.calendly.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.trustpilot.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.gstatic.com *.iubenda.com *.50-ml.media *.sendcloud.sc *.jsdelivr.net https:\/\/servicepoints.sendcloud.sc https:\/\/embed.sendcloud.sc *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com assets.calendly.com *.50-ml.media *.iubenda.com https:\/\/static.klaviyo.com *.trustpilot.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com https:\/\/fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com *.sendcloud.sc *.jsdelivr.net *.stripe.network *.stripecdn.com *.amazon.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.50-ml.media 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com capig.stape.tech *.50-ml.com *.clarity.ms maps.googleapis.com maps.gstatic.com pay.google.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com *.iubenda.com *.50-ml.media *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 50-ml.zendesk.com ekr.zdassets.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/widgets.trustedshops.com *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.stape.io 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com app.usercentrics.eu https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.stape.io 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com cdn.scarabresearch.com *.disqus.com orbitvu.co *.orbitvu.co https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com media.brand-distribution.com widgets.trustedshops.com app.usercentrics.eu privacy-proxy-server.usercentrics.eu uct.service.usercentrics.eu https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.stape.io www.facebook.com connect.facebook.com www.google.de piwik.hama.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.gstatic.com *.googletagmanager.com *.doubleclick.net https:\/\/userlike-cdn-widgets.s3-eu-west-1.amazonaws.com https:\/\/userlike-cdn-umm.b-cdn.net\/ cdn.scarabresearch.com *.disqus.com orbitvu.co *.orbitvu.co https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com widgets.trustedshops.com aggregator.service.usercentrics.eu app.usercentrics.eu api.usercentrics.eu graphql.usercentrics.eu privacy-proxy.usercentrics.eu consent-api.service.consent.usercentrics.eu https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.stape.io connect.facebook.com connect.facebook.net www.google.com www.google.de piwik.hama.com *.kameleoon.com *.kameleoon.io *.kameleoon.eu *.kameleoon.net *.hsforms.net *.hsforms.com https:\/\/app.usercentrics.eu https:\/\/privacy-proxy.usercentrics.eu 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.googleapis.com *.googletagmanager.com *.orbitvu.co https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com fast.fonts.net hello.myfonts.net https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.stape.io *.kameleoon.com *.kameleoon.io *.kameleoon.eu *.kameleoon.net *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog https:\/\/userlike-cdn-widgets.s3-eu-west-1.amazonaws.com https:\/\/api.userlike.com *.orbitvu.cloud *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com aggregator.service.usercentrics.eu app.usercentrics.eu api.usercentrics.eu graphql.usercentrics.eu privacy-proxy.usercentrics.eu consent-api.service.consent.usercentrics.eu https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.stape.io connect.facebook.com connect.facebook.net www.google.com www.google.de piwik.hama.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.moca-bike.com *.urage.com *.eoto-objects.com *.stepbystep-schulranzen.com *.coocazoo.com *.hama.com *.kameleoon.com *.kameleoon.io *.kameleoon.eu *.kameleoon.net *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com fonts.googleapis.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/seo.mageplaza.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.googletagmanager.com\/ *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.bing.com *.google-analytics.com *.googleadservices.com *.google.co.uk *.googletagmanager.com *.expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.feefo.com *.adobedtm.com *.facebook.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.ometria.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.bing.com *.google-analytics.com *.googletagmanager.com googleadservices.com *.googleapis.com expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.noibu.com https:\/\/www.noibu.com https:\/\/cdn.noibu.com *.facebook.net https:\/\/cdn.jsdelivr.net http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.dixa.io x.klarnacdn.net *.klarnaservices.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com https:\/\/api.ometria.com *.ometria.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com fonts.googleapis.com *.stripe.network *.stripecdn.com *.amazon.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bing.com *.bing.net *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com maps.googleapis.com *.expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.advancedcommerce.services *.algolia.net https:\/\/cdn.noibu.com wss:\/\/input.noibu.com https:\/\/input.noibu.com *.noibu.com https:\/\/cdn.jsdelivr.net http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.dixa.io x.klarnacdn.net *.klarnaservices.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/api.ometria.com *.ometria.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com 'unsafe-inline' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.facebook.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com *.addthis.com *.facebook.com webchat.jdg.co.za *.jdg.co.za map.pargo.co.za 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com 'unsafe-inline' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/widgets.payflex.co.za oppwa.com *.oppwa.com *.peachpayments.com *.eu-west-1.amazonaws.com *.cloudflare.com *.google.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.addthis.com *.jsdelivr.net *.facebook.com *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za amcglobal.sc.omtrdc.net media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com data: 'self' 'unsafe-inline'; script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/browser.sentry-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/widgets.payflex.co.za https:\/\/partpayassets.blob.core.windows.net *.oppwa.com oppwa.com *.peachpayments.com worldtimeapi.org *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.newrelic.com *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.mouseflow.com *.nr-data.net *.facebook.com *.what3words.com maps.googleapis.com commerce.adobedtm.com magento-recs-sdk.adobe.net static.zdassets.com app.mobicredwidget.co.za www.gstatic.com bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com oppwa.com *.oppwa.com *.peachpayments.com *.cloudflare.com *.googleapis.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; connect-src http:\/\/www.rookieusa.co.za\/ geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/*.ingest.sentry.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com oppwa.com *.oppwa.com *.peachpayments.com *.testfreaks.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthis.com *.addthisedge.com *.nr-data.net *.what3words.com *.googleapis.com vsb111.tawk.to ekr.zdassets.com api.magento.com commerce.adobedc.net app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com https:\/\/fonts.gstatic.com *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors https:\/\/api.clerk.io https:\/\/cdn.clerk.io 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.klarna.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com https:\/\/cdn.clerk.io *.klarna.com *.klarnaevt.com *.klarnacdn.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io https:\/\/custom.clerk.io *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io https:\/\/fonts.googleapis.com *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.google.fr https:\/\/api.mapbox.com *.tile.openstreetmap.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.gstatic.com *.googletagmanager.com *.doubleclick.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com static.client.cardinaltrusted.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.googleapis.com *.googletagmanager.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org *.cardinaltrusted.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":3},{"content-security-policy-report-only":" font-src ctiapi.com s3.amazonaws.com *.fontawesome.com fonts.gstatic.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com ctiapi.com *.hestage.com *.ecklers.com *.ecklerscorvette.com *.macsautoparts.com *.rickscamaros.com *.classicchevy.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.sharethis.com *.doubleclick.net *.clarity.ms *.vantivprelive.com *.google.com *.listrak.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io *.sharethis.com ctiapi.com s3.amazonaws.com youtube.com *.ecklers.com *.gfycat.com *.imgeng.in *.cloudfront.net *.userid.io *.bing.com *.google.com *.clarity.ms *.listrakbi.com *.riskified.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.googletagmanager.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.sharethis.com us-autocomplete-pro.api.smartystreets.com ctiapi.com *.cloudfront.net *.cloudflare.com *.bc0a.com *.online-metrix.net *.vantivprelive.com *.listrak.com *.listrakbi.com *.listrakbi.net *.userid.io *.bing.com *.datasteam.io *.doubleclick.net *.upsellit.com *.clarity.ms *.murdoog.com *.dwin1.com *.needle.com *.cardinalcommerce.com *.ccdc02.com *.braintreegateway.com *.ytimg.com *.gstatic.com *.ctiapi.com *.riskified.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.sharethis.com ctiapi.com *.fontawesome.com *.cloudfront.net *.listrakbi.net *.listrakbi.com *.googleapis.com unsafe-inline *.gstatic.com 'self' 'unsafe-inline'; object-src ctiapi.com s3.amazonaws.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net *.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.sharethis.com us-autocomplete-pro.api.smartystreets.com ctiapi.com *.bc0a.com *.brontops.com *.ecklers.com *.doubleclick.net *.cloudfront.net *.listrak.com *.clarity.ms *.ecklerscorvette.com *.macsautoparts.com *.rickscamaros.com *.classicchevy.com *.demdex.net *.cardinalcommerce.com *.google.com *.google-analytics.com *.paypalobjects.com *.ctiapi.com *.riskified.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com t.elasticsuite.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/humanelement.report-uri.com\/r\/d\/csp\/enforce; report-to report-endpoint;","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'self' 'unsafe-inline' https: http:; font-src 'self' https: http: data:; img-src 'self' data: https: http: blob:; media-src 'self' https: http: blob:; connect-src 'self' https: http: ws: wss:; frame-src 'self' https: http:; object-src 'none'; base-uri 'self'; form-action 'self'","count":3},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.gstatic.com https:\/\/www.google.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com; img-src 'self' data: https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/secure.gravatar.com; font-src 'self' data: https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net; frame-src 'self' https:\/\/www.google.com https:\/\/maps.google.com https:\/\/www.youtube.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri https:\/\/www.tisda.nl\/csp-report.php;","count":3},{"content-security-policy-report-only":" script-src 'self' http:\/\/java.sun.com\/jsp\/jstl\/core http:\/\/java.sun.com\/jsp\/jstl\/fmt http:\/\/tiles.apache.org\/tags-tiles 'unsafe-inline' 'wasm-unsafe-eval'; frame-src 'self'","count":3},{"content-security-policy-report-only":" require-trusted-types-for 'script';report-uri \/us\/_\/BgcMiscSites\/cspreport","count":2},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.hollywoodreporter.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" default-src 'unsafe-inline' 'unsafe-eval' * data: blob:","count":2},{"content-security-policy-report-only":" script-src 'self' cdn.robinhood.com cdn.pdst.fm\/ping.min.js www.google-analytics.com www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ tagmanager.google.com ssl.google-analytics.com connect.facebook.net sc-static.net d.impactradius-event.com www.redditstatic.com analytics.tiktok.com boards.greenhouse.io bat.bing.com www.googleadservices.com static.ads-twitter.com s.yimg.com *.usercentrics.eu snap.licdn.com collector-47804.us.tvsquared.com\/tv2track.js public.flourish.studio\/resources\/embed.js csi.gstatic.com cdn.parsely.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com platform.twitter.com\/ platform.instagram.com\/ www.instagram.com\/embed.js www.threads.net\/embed.js www.tiktok.com\/embed.js lf16-tiktok-web.tiktokcdn-us.com\/ www.facebook.com\/ www.youtube.com\/ ak.sail-horizon.com *.celtra.com *.heapanalytics.com heapanalytics.com cdn.us.heap-api.com *.doubleverify.com *.infogram.com cdn.concert.io *.adtrafficquality.google hymnal-prod.vox-cdn.com www.documentcloud.org\/notes\/loader.js truthsocial.com\/embed.js embed.reddit.com\/widgets.js embed.bsky.app\/static\/embed.js *.permutive.app 'unsafe-eval'; report-uri https:\/\/o62437.ingest.us.sentry.io\/api\/4509232895361024\/security\/?sentry_key=98a8908d38fbd5ecdf8e976a1cb6b404","count":2},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/*.webflow.com https:\/\/webflow.com https:\/\/app.intellimize.com; connect-src 'self' https:\/\/webflow.com https:\/\/*.webflow.com https:\/\/d1otoma47x30pg.cloudfront.net https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/daks2k3a4ib2z.cloudfront.net https:\/\/dhygzobemt712.cloudfront.net https:\/\/cdn.prod.website-files.com https:\/\/code-components.website-files.com https:\/\/webflow-assets.s3.us-east-1.amazonaws.com https:\/\/browser-intake-datadoghq.com https:\/\/statsigapi.net https:\/\/beyondwickedmapping.org https:\/\/cloudflare-dns.com https:\/\/featureassets.org https:\/\/prodregistryv2.org https:\/\/api.segment.io https:\/\/www.google-analytics.com https:\/\/*.clarity.ms https:\/\/050-lkc-745.mktoresp.com https:\/\/050-lkc-745.mktoutil.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/cdn.dreamdata.cloud https:\/\/grsm.io https:\/\/partnerlinks.io https:\/\/pixel-config.reddit.com https:\/\/*.ads.linkedin.com https:\/\/q.quora.com https:\/\/tracking.goentri.com https:\/\/api.claydar.com https:\/\/api.goentri.com https:\/\/assetsconfigcdn.org https:\/\/api.intellimize.co https:\/\/api.knock.app https:\/\/api.sprig.com https:\/\/app.clearbit.com https:\/\/log.intellimize.co wss:\/\/api.knock.app https:\/\/*.doubleclick.net https:\/\/www.facebook.com https:\/\/*.google.com https:\/\/www.googleadservices.com https:\/\/www.googleservices.com https:\/\/cdn.birdie.so https:\/\/cf.birdie.so https:\/\/sock.birdie.so https:\/\/sockr.birdie.so wss:\/\/sock.birdie.so wss:\/\/sockr.birdie.so https:\/\/*.px-cdn.net https:\/\/*.px-client.net https:\/\/*.px-cloud.net https:\/\/*.pxchk.net https:\/\/c.6sc.co https:\/\/ipv6.6sc.co https:\/\/telemetry.us.transcend.io https:\/\/transcend-cdn.com https:\/\/tzm.px-cloud.net https:\/\/distillery.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/fast.wistia.com https:\/\/pipedream.wistia.com https:\/\/app.qualified.com wss:\/\/ws7.qualified.com https:\/\/webflow-prod-assets.s3.amazonaws.com https:\/\/webflow-tmp-csv-import-production.s3.amazonaws.com https:\/\/*.google-analytics.com https:\/\/*.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/www.google.ad https:\/\/www.google.ae https:\/\/www.google.al https:\/\/www.google.at https:\/\/www.google.az https:\/\/www.google.ba https:\/\/www.google.be https:\/\/www.google.bg https:\/\/www.google.bj https:\/\/www.google.by https:\/\/www.google.ca https:\/\/www.google.ch https:\/\/www.google.cl https:\/\/www.google.co.cr https:\/\/www.google.co.id https:\/\/www.google.co.il https:\/\/www.google.co.in https:\/\/www.google.co.jp https:\/\/www.google.co.ke https:\/\/www.google.co.kr https:\/\/www.google.co.ma https:\/\/www.google.co.nz https:\/\/www.google.co.th https:\/\/www.google.co.ug https:\/\/www.google.co.uk https:\/\/www.google.co.uz https:\/\/www.google.co.za https:\/\/www.google.co.zm https:\/\/www.google.com.ar https:\/\/www.google.com.au https:\/\/www.google.com.bd https:\/\/www.google.com.br https:\/\/www.google.com.co https:\/\/www.google.com.cy https:\/\/www.google.com.ec https:\/\/www.google.com.eg https:\/\/www.google.com.gh https:\/\/www.google.com.hk https:\/\/www.google.com.kw https:\/\/www.google.com.mx https:\/\/www.google.com.ng https:\/\/www.google.com.np https:\/\/www.google.com.ph https:\/\/www.google.com.pk https:\/\/www.google.com.pr https:\/\/www.google.com.qa https:\/\/www.google.com.sa https:\/\/www.google.com.sg https:\/\/www.google.com.sv https:\/\/www.google.com.tj https:\/\/www.google.com.tr https:\/\/www.google.com.tw https:\/\/www.google.com.ua https:\/\/www.google.com.uy https:\/\/www.google.com.vn https:\/\/www.google.cz https:\/\/www.google.de https:\/\/www.google.dk https:\/\/www.google.ee https:\/\/www.google.es https:\/\/www.google.fi https:\/\/www.google.fr https:\/\/www.google.ga https:\/\/www.google.ge https:\/\/www.google.gl https:\/\/www.google.gr https:\/\/www.google.hr https:\/\/www.google.hu https:\/\/www.google.ie https:\/\/www.google.it https:\/\/www.google.kg https:\/\/www.google.kz https:\/\/www.google.lk https:\/\/www.google.lt https:\/\/www.google.lu https:\/\/www.google.lv https:\/\/www.google.md https:\/\/www.google.mg https:\/\/www.google.mk https:\/\/www.google.mu https:\/\/www.google.mw https:\/\/www.google.my https:\/\/www.google.nl https:\/\/www.google.no https:\/\/www.google.pe https:\/\/www.google.pl https:\/\/www.google.pt https:\/\/www.google.ro https:\/\/www.google.rs https:\/\/www.google.ru https:\/\/www.google.se https:\/\/www.google.si https:\/\/www.google.sk https:\/\/www.google.tn; style-src 'self' 'unsafe-inline' https:\/\/webflow.com https:\/\/*.webflow.com https:\/\/d1otoma47x30pg.cloudfront.net https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/daks2k3a4ib2z.cloudfront.net https:\/\/dhygzobemt712.cloudfront.net https:\/\/accounts.google.com https:\/\/fonts.googleapis.com https:\/\/go.webflow.com https:\/\/cdn.birdie.so https:\/\/cdn.jsdelivr.net https:\/\/cdn.prod.website-files.com https:\/\/code-components.website-files.com https:\/\/transcend-cdn.com https:\/\/www.gstatic.com; img-src 'self' data: https:\/\/webflow.com https:\/\/*.webflow.com https:\/\/d1otoma47x30pg.cloudfront.net https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/daks2k3a4ib2z.cloudfront.net https:\/\/dhygzobemt712.cloudfront.net https:\/\/cdn.prod.website-files.com https:\/\/code-components.website-files.com https:\/\/connect.facebook.com https:\/\/*.ads.linkedin.com https:\/\/*.doubleclick.net https:\/\/www.facebook.com https:\/\/*.google.com https:\/\/webflow-assets.s3.us-east-1.amazonaws.com https:\/\/www.googleadservices.com https:\/\/www.google.ad https:\/\/www.google.ae https:\/\/www.google.al https:\/\/www.google.at https:\/\/www.google.az https:\/\/www.google.ba https:\/\/www.google.be https:\/\/www.google.bg https:\/\/www.google.bj https:\/\/www.google.by https:\/\/www.google.ca https:\/\/www.google.ch https:\/\/www.google.cl https:\/\/www.google.co.cr https:\/\/www.google.co.id https:\/\/www.google.co.il https:\/\/www.google.co.in https:\/\/www.google.co.jp https:\/\/www.google.co.ke https:\/\/www.google.co.kr https:\/\/www.google.co.ma https:\/\/www.google.co.nz https:\/\/www.google.co.th https:\/\/www.google.co.ug https:\/\/www.google.co.uk https:\/\/www.google.co.uz https:\/\/www.google.co.za https:\/\/www.google.co.zm https:\/\/www.google.com.ar https:\/\/www.google.com.au https:\/\/www.google.com.bd https:\/\/www.google.com.br https:\/\/www.google.com.co https:\/\/www.google.com.cy https:\/\/www.google.com.ec https:\/\/www.google.com.eg https:\/\/www.google.com.gh https:\/\/www.google.com.hk https:\/\/www.google.com.kw https:\/\/www.google.com.mx https:\/\/www.google.com.ng https:\/\/www.google.com.np https:\/\/www.google.com.ph https:\/\/www.google.com.pk https:\/\/www.google.com.pr https:\/\/www.google.com.qa https:\/\/www.google.com.sa https:\/\/www.google.com.sg https:\/\/www.google.com.sv https:\/\/www.google.com.tj https:\/\/www.google.com.tr https:\/\/www.google.com.tw https:\/\/www.google.com.ua https:\/\/www.google.com.uy https:\/\/www.google.com.vn https:\/\/www.google.cz https:\/\/www.google.de https:\/\/www.google.dk https:\/\/www.google.ee https:\/\/www.google.es https:\/\/www.google.fi https:\/\/www.google.fr https:\/\/www.google.ga https:\/\/www.google.ge https:\/\/www.google.gl https:\/\/www.google.gr https:\/\/www.google.hr https:\/\/www.google.hu https:\/\/www.google.ie https:\/\/www.google.it https:\/\/www.google.kg https:\/\/www.google.kz https:\/\/www.google.lk https:\/\/www.google.lt https:\/\/www.google.lu https:\/\/www.google.lv https:\/\/www.google.md https:\/\/www.google.mg https:\/\/www.google.mk https:\/\/www.google.mu https:\/\/www.google.mw https:\/\/www.google.my https:\/\/www.google.nl https:\/\/www.google.no https:\/\/www.google.pe https:\/\/www.google.pl https:\/\/www.google.pt https:\/\/www.google.ro https:\/\/www.google.rs https:\/\/www.google.ru https:\/\/www.google.se https:\/\/www.google.si https:\/\/www.google.sk https:\/\/www.google.tn https:\/\/*.webflow.com https:\/\/account-assets.knock.app https:\/\/alb.reddit.com https:\/\/analytics.twitter.com https:\/\/b.6sc.co https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/embed-ssl.wistia.com https:\/\/fast.wistia.com https:\/\/fonts.gstatic.com https:\/\/i.ytimg.com https:\/\/q.quora.com https:\/\/quickchart.io https:\/\/webflow.itsoffbrand.io https:\/\/www.googletagmanager.com; report-uri https:\/\/webflow.report-uri.com\/r\/t\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" default-src 'self' data: blob: https:\/\/067-umd-991.mktoresp.com https:\/\/accounts.google.com https:\/\/analytics.google.com https:\/\/api.amplitude.com https:\/\/bi-beta.pst.tech https:\/\/bi.pst.tech https:\/\/bifrost-https-v4.gw.postman.com https:\/\/blog.postman.com https:\/\/dl.pstmn.io https:\/\/eo2kpuahxhuvgexlueall7gqzq0fihon.lambda-url.us-east-1.on.aws https:\/\/events.gw.postman.com https:\/\/events.rm-api.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/identity.getpostman-beta.com https:\/\/identity.getpostman.com https:\/\/lp.postman.com https:\/\/munchkin.marketo.net https:\/\/pages.getpostman.com https:\/\/public.slidesharecdn.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/manifest.webmanifest https:\/\/ms1frkqnsp7r.statuspage.io https:\/\/run.pstmn.io https:\/\/skills-assets.pstmn.io https:\/\/st-ar.cdn.postman.com https:\/\/static.cloudflareinsights.com https:\/\/stats.g.doubleclick.net https:\/\/td.doubleclick.net https:\/\/voyager.postman.com https:\/\/web.postman.com https:\/\/www.googletagmanager.com https:\/\/www.slideshare.net https:\/\/snap.licdn.com https:\/\/www.google.com https:\/\/youtube.com https:\/\/*.youtube.com https:\/\/*.ytimg.com https:\/\/www.linkedin.com\/px\/ https:\/\/www.postman.com https:\/\/snap.licdn.com\/ https:\/\/worldtimeapi.org https:\/\/maps.google.com https:\/\/*.mountain.com https:\/\/dx.mountain.com https:\/\/px.mountain.com https:\/\/gs.mountain.com https:\/\/44.238.122.172 https:\/\/100.20.58.101 https:\/\/35.85.84.151 https:\/\/44.228.85.26 https:\/\/34.215.155.61 https:\/\/35.160.46.251 https:\/\/52.71.121.170 https:\/\/18.210.229.244 https:\/\/44.212.189.233 https:\/\/3.212.39.155 https:\/\/52.22.50.55 https:\/\/54.156.2.105 https:\/\/bam.nr-data.net https:\/\/js-agent.newrelic.com https:\/\/res.cloudinary.com https:\/\/mkt.cdn.postman.com https:\/\/api.mapbox.com https:\/\/events.mapbox.com https:\/\/api.fpjs.io https:\/\/cdn.amplitude.com https:\/\/api2.amplitude.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/js.qualified.com wss:\/\/ws.qualified.com wss:\/\/ws2.qualified.com https:\/\/app.qualified.com https:\/\/api.company-target.com https:\/\/segments.company-target.com https:\/\/tag.demandbase.com https:\/\/tag-logger.demandbase.com https:\/\/s.company-target.com https:\/\/alb.reddit.com https:\/\/www.redditstatic.com https:\/\/pixel-config.reddit.com https:\/\/*.hotjar.io https:\/\/*.hotjar.com wss:\/\/ws.hotjar.com https:\/\/cdn.segment.com https:\/\/api.cdp.postman.com https:\/\/api.segment.io https:\/\/evs.cdp.postman.com https:\/\/www.influ2.com https:\/\/t.influ2.com https:\/\/*.usbrowserspeed.com https:\/\/pxl.growth-channel.net https:\/\/tags.srv.stackadapt.com https:\/\/job-boards.greenhouse.io https:\/\/transcend-cdn.com https:\/\/telemetry.us.transcend.io https:\/\/unpkg.com\/launchdarkly-js-client-sdk@3.8.1 https:\/\/app.launchdarkly.com\/ https:\/\/events.launchdarkly.com https:\/\/tally.so\/ https:\/\/postman.outgrow.us\/ https:\/\/api-n.outgrow.co https:\/\/t.co\/ https:\/\/analytics.twitter.com https:\/\/static.ads-twitter.com\/uwt.js https:\/\/id.rlcdn.com https:\/\/cdn.cr-relay.com https:\/\/api.cr-relay.com https:\/\/cdn.vector.co https:\/\/api.vector.co https:\/\/*.liadm.com\/ https:\/\/*.ip-api.com https:\/\/accretivemedia.go2cloud.org https:\/\/fast.wistia.net https:\/\/fast.wistia.com https:\/\/embed-ssl.wistia.com https:\/\/distillery.wistia.com https:\/\/pipedream.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/postman.cdn.prismic.io https:\/\/static.cdn.prismic.io https:\/\/postman.prismic.io https:\/\/browser.sentry-cdn.com https:\/\/o1224273.ingest.us.sentry.io 'unsafe-inline' 'unsafe-eval'; form-action 'self'; base-uri 'self';","count":2},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/deadline.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" \tdefault-src 'self' *.wp.com;\timg-src data: https:;\tscript-src 'unsafe-inline' 'unsafe-eval' blob: https:;\tstyle-src 'unsafe-inline' https:;\tfont-src data: https:;\tmedia-src blob: https:;\tframe-src https:;\tobject-src 'none';\tconnect-src https:;","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri \/csp_report","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self' cdnweb.sbermobile.ru; frame-src https:\/\/cdn.rutarget.ru\/ https:\/\/api.flocktory.com https:\/\/mc.yandex.ru https:\/\/tag.rutarget.ru\/ ; style-src 'unsafe-inline' 'self' fonts.googleapis.com cdnweb.sbermobile.ru; font-src 'self' cdnweb.sbermobile.ru data: fonts.gstatic.com ; connect-src 'self' https:\/\/yandexmetrica.com:*\/ *.sbermarketing.ru uaas.yandex.ru ad.adriver.ru api.flocktory.com kraken.rambler.ru https:\/\/*.mc.yandex.ru\/ https:\/\/stats.g.doubleclick.net\/ https:\/\/suggestions.dadata.ru\/ https:\/\/suggest-maps.yandex.ru\/ https:\/\/ymetrica1.com\/ https:\/\/www.google-analytics.com\/ https:\/\/unpkg.com\/ https:\/\/stats.g.doubleclick.net\/ https:\/\/mc.yandex.ru\/ https:\/\/*.sberbank.ru\/ https:\/\/sa.online.sberbank.ru:8098\/; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnweb.sbermobile.ru *.yandex.net *.trbcdn.net  top-fwz1.mail.ru api.flocktory.com *.top100.ru *.adriver.ru px.adhigh.net cdn.rutarget.ru yastatic.net *.maps.yandex.net suggest-maps.yandex.ru api-maps.yandex.ru *.otm-r.com www.google-analytics.com ajax.googleapis.com fonts.googleapis.com *.mc.yandex.ru mc.yandex.ru nlb-clickstream.sberbank.ru sp.otm-r.com stats.g.doubleclick.net www.google-analytics.com www.google.ru www.googletagmanager.com ; img-src 'self' data: www.gstatic.com cdnweb.sbermobile.ru adservings.ru api.flocktory.com top-fwz1.mail.ru kraken.rambler.ru api-maps.yandex.ru *.maps.yandex.net *.mc.yandex.com *.mc.yandex.ru mc.yandex.ru *.googleusercontent.com www.googletagmanager.com www.google.ru www.google.com www.google-analytics.com *.otm-r.com yandex.ru; base-uri 'self' cdnweb.sbermobile.ru; form-action 'self'; frame-ancestors 'none'","count":2},{"content-security-policy-report-only":" frame-src 'self' syndicatedsearch.goog *.google.com *.youtube.com vimeo.com *.vimeo.com *.podbean.com static.addtoany.com *.blackbaudhosting.com js.createsend1.com *.createsend.com *.payments.blackbaud.com payments.blackbaud.com\/Checkout\/bbCheckout.2.0.js; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-eval' *.googleadservices.com app.purechat.com app-script.monsido.com connect.facebook.net cdnjs.cloudflare.com static.addtoany.com polyfill.io *.googletagmanager.com *.google-analytics.com *.google.com www.gstatic.com cdn.jsdelivr.net *.hotjar.com *.gtranslate.net *.blackbaudhosting.com js.createsend1.com www.createsend.com *.googleapis.com *.payments.blackbaud.com payments.blackbaud.com\/Checkout\/bbCheckout.2.0.js https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com; script-src-elem 'self' 'unsafe-inline' *.googleadservices.com app.purechat.com app-script.monsido.com connect.facebook.net cdnjs.cloudflare.com static.addtoany.com polyfill.io *.googletagmanager.com *.google-analytics.com *.google.com www.gstatic.com cdn.jsdelivr.net *.hotjar.com *.gtranslate.net *.blackbaudhosting.com js.createsend1.com *.createsend.com www.createsend.com *.googleapis.com *.payments.blackbaud.com payments.blackbaud.com\/Checkout\/bbCheckout.2.0.js *.simpli.fi https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com; style-src 'self' 'report-sample' 'unsafe-inline' *.googleapis.com *.gstatic.com *.createsend1.com *.createsend.com *.blackbaudhosting.com *.payments.blackbaud.com payments.blackbaud.com\/Checkout\/bbCheckout.2.0.js cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; worker-src 'self'; base-uri 'self'; form-action 'self' www.createsend.com js.createsend1.com *.blackbaudhosting.com *.nla.gov.au *.payments.blackbaud.com payments.blackbaud.com\/Checkout\/bbCheckout.2.0.js; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" default-src 'self' *.pinduoduo.com *.pddpic.com *.yangkeduo.com *.pddugc.com *.pinduoduo.net *.v.smtcdns.net *.ourdvsss.com wss:\/\/*.pinduoduo.com wss:\/\/*.yangkeduo.com mapstyle.qpic.cn blob: data: 'unsafe-eval' 'unsafe-inline'; report-uri https:\/\/tc.pinduoduo.com\/x.gif","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' *.capgemini.com https:\/\/s0.wp.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/w.soundcloud.com https:\/\/api.momindum.com https:\/\/5504333.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/px.ads.linkedin.com https:\/\/consent.trustarc.com https:\/\/consent.truste.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' *.capgemini.com https:\/\/s0.wp.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/w.soundcloud.com https:\/\/api.momindum.com https:\/\/5504333.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/px.ads.linkedin.com https:\/\/consent.trustarc.com https:\/\/consent.truste.com https:\/\/pi.pardot.com; style-src  'self' 'unsafe-inline' 'report-sample' *.capgemini.com https:\/\/s0.wp.com https:\/\/fonts.googleapis.com; style-src-elem  'self' 'unsafe-inline' 'report-sample' *.capgemini.com https:\/\/s0.wp.com https:\/\/fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' *.capgemini.com sentry.io https:\/\/w.soundcloud.com https:\/\/cg-job-search-microservices-develop.azurewebsites.net https:\/\/cg-job-search-microservices.azurewebsites.net https:\/\/ad.doubleclick.net https:\/\/google.com https:\/\/adservice.google.com https:\/\/www.facebook.com https:\/\/api.sociabble.com https:\/\/cg-job-search-microservices-develop.azurewebsites.net https:\/\/analytics.inzynk.io https:\/\/analytics.vendemore.com https:\/\/api.factors.ai https:\/\/ipv6.6sc.co https:\/\/ksfpwfr.pa-cd.com https:\/\/px.ads.linkedin.com https:\/\/www.google-analytics.com https:\/\/www.google.com c.6sc.co https:\/\/consent.trustarc.com; font-src 'self' data: *.capgemini.com https:\/\/consent.trustarc.com https:\/\/s0.wp.com https:\/\/fonts.gstatic.com; frame-src 'self' *.capgemini.com https:\/\/wordpress.com https:\/\/share.transistor.fm\/ https:\/\/api.momindum.com https:\/\/www.youtube.com https:\/\/www.facebook.com *.phenompro.com https:\/\/w.soundcloud.com https:\/\/widgets.wp.com https:\/\/5504333.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com; frame-ancestors 'self' *.capgemini.com; img-src 'self' data: *.capgemini.com ad.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/www.linkedin.com https:\/\/secure.gravatar.com https:\/\/www.facebook.com https:\/\/secure.gravatar.com https:\/\/wec-assets.terminus.services https:\/\/match.adsrvr.org https:\/\/www.googletagmanager.com https:\/\/aptivio.azure-api.net https:\/\/www.google.co.in https:\/\/www.google.com https:\/\/pd.sharethis.com https:\/\/b.6sc.co https:\/\/consent.trustarc.com https:\/\/px.ads.linkedin.com https:\/\/www.capgemini.com; manifest-src 'self'; media-src  'self' *.capgemini.com; worker-src blob:; report-to macs-csp; report-uri https:\/\/www.capgemini.com\/wp-json\/macs\/v1\/csp-report;","count":2},{"content-security-policy-report-only":" connect-src https:; child-src https:; default-src https:; font-src data: https:; form-action https:; frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.afr.com *.cdn.ampproject.org *.platform.ink; frame-src https:; img-src https: data:; media-src blob: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; script-src-attr https: 'unsafe-eval' 'unsafe-inline'; script-src-elem https: 'unsafe-eval' 'unsafe-inline'; style-src https:; style-src-attr 'unsafe-inline'; style-src-elem https: 'unsafe-inline'; worker-src blob:; report-uri https:\/\/csp.ffx.io\/; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; worker-src 'self' blob:; script-src 'unsafe-inline' 'unsafe-eval' 'self' static.prdg.io\/  ucontent.prdg.io *.mogl.com swagbucks.7eer.net\/js\/799\/1700\/irv2.js *.abtasty.com *.adsafeprotected.com *.amplitude.com appleid.cdn-apple.com js.appboycdn.com cdn.auryc.com js.authorize.net completr-v2.appspot.com sugg.search.yahoo.net\/sg\/ bat.bing.com www.clarity.ms tags.clickagy.com t.contentsquare.net app.contentsquare.com cdn.cookielaw.org swagbucks.disqus.com\/embed.js swagbucks-qa.disqus.com\/embed.js googleads.g.doubleclick.net *.doubleverify.com www.dwin1.com pf.entertainow.com load.exelator.com connect.facebook.net gwiqcdn.globalwebindex.net accounts.google.com\/gsi\/client apis.google.com\/js\/ translate.google.com www.google.com\/jsapi www.google.com\/pagead\/ www.google.com\/recaptcha\/ *.google-analytics.com www.googleadservices.com maps.googleapis.com storage.googleapis.com\/pollfish_production\/ tpc.googlesyndication.com www.googletagmanager.com www.googletagservices.com www.gstatic.com\/recaptcha\/ *.equalweb.com cdn.us.heap-api.com cdn.heapanalytics.com heapanalytics.com cdn.hellosign.com hideout.tv script.hotjar.com static.hotjar.com mpsnare.iesnare.com d.impactradius-event.com cso2.imperium.com secure-gl.imrworldwide.com secure.insightexpressai.com surveys.insightexpressai.com media-cdn.ipredictive.com app.lifesight.io\/personica.js global.localizecdn.com api.maruusurv-serving.com img.macromill.com privacyportal-cdn.onetrust.com on-device.com www.paypalobjects.com aalert.peanutlabs.com pix.pub api.prsrvy.com rules.quantcount.com secure.quantserve.com idsync.reson8.com publishers.revenueuniverse.com wsdk.rokt.com cn.rtclx.com *.scorecardresearch.com classic.slingo.com js.stripe.com jsd.supersonicads.com js.swagbucks.com cdn.taboola.com analytics.tiktok.com transcend-cdn.com widget.trustpilot.com platform.twitter.com web-sdk.urbanairship.com *.voicefive.com *.visualwebsiteoptimizer.com app.vwo.com cdn.pushcrew.com useruploads.vwo.io cdn.wootric.com static.zdassets.com assets.zendesk.com www.p.zjptg.com\/tag\/ cdnjs.cloudflare.com\/ajax\/libs\/crypto-js\/ cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/ cdnjs.cloudflare.com\/ajax\/libs\/inputmask\/4.0.8\/inputmask\/inputmask.min.js cdnjs.cloudflare.com\/polyfill\/ d33wwcok8lortz.cloudfront.net\/js\/799\/ d3op16id4dloxg.cloudfront.net\/CSOWrapperAjax3.js d3op16id4dloxg.cloudfront.net\/RelevantID4.js *.verisoul.ai *.zendesk.com; script-src-elem 'unsafe-inline' 'unsafe-eval' 'self' static.prdg.io\/  ucontent.prdg.io *.mogl.com swagbucks.7eer.net\/js\/799\/1700\/irv2.js *.abtasty.com *.adsafeprotected.com *.amplitude.com appleid.cdn-apple.com js.appboycdn.com cdn.auryc.com js.authorize.net completr-v2.appspot.com sugg.search.yahoo.net\/sg\/ bat.bing.com www.clarity.ms tags.clickagy.com t.contentsquare.net app.contentsquare.com cdn.cookielaw.org swagbucks.disqus.com\/embed.js swagbucks-qa.disqus.com\/embed.js googleads.g.doubleclick.net *.doubleverify.com www.dwin1.com pf.entertainow.com load.exelator.com connect.facebook.net gwiqcdn.globalwebindex.net accounts.google.com\/gsi\/client apis.google.com\/js\/ translate.google.com www.google.com\/jsapi www.google.com\/pagead\/ www.google.com\/recaptcha\/ *.google-analytics.com www.googleadservices.com maps.googleapis.com storage.googleapis.com\/pollfish_production\/ tpc.googlesyndication.com www.googletagmanager.com www.googletagservices.com www.gstatic.com\/recaptcha\/ *.equalweb.com cdn.us.heap-api.com cdn.heapanalytics.com heapanalytics.com cdn.hellosign.com hideout.tv script.hotjar.com static.hotjar.com mpsnare.iesnare.com d.impactradius-event.com cso2.imperium.com secure-gl.imrworldwide.com secure.insightexpressai.com surveys.insightexpressai.com media-cdn.ipredictive.com app.lifesight.io\/personica.js global.localizecdn.com api.maruusurv-serving.com img.macromill.com privacyportal-cdn.onetrust.com on-device.com www.paypalobjects.com aalert.peanutlabs.com pix.pub api.prsrvy.com rules.quantcount.com secure.quantserve.com idsync.reson8.com publishers.revenueuniverse.com wsdk.rokt.com cn.rtclx.com *.scorecardresearch.com classic.slingo.com js.stripe.com jsd.supersonicads.com js.swagbucks.com cdn.taboola.com analytics.tiktok.com transcend-cdn.com widget.trustpilot.com platform.twitter.com web-sdk.urbanairship.com *.voicefive.com *.visualwebsiteoptimizer.com app.vwo.com cdn.pushcrew.com useruploads.vwo.io cdn.wootric.com static.zdassets.com assets.zendesk.com www.p.zjptg.com\/tag\/ cdnjs.cloudflare.com\/ajax\/libs\/crypto-js\/ cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/ cdnjs.cloudflare.com\/ajax\/libs\/inputmask\/4.0.8\/inputmask\/inputmask.min.js cdnjs.cloudflare.com\/polyfill\/ d33wwcok8lortz.cloudfront.net\/js\/799\/ d3op16id4dloxg.cloudfront.net\/CSOWrapperAjax3.js d3op16id4dloxg.cloudfront.net\/RelevantID4.js *.verisoul.ai *.zendesk.com; report-uri https:\/\/csp.prodege.workers.dev\/report","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src 'self' https: data: image\/*; frame-ancestors 'self' *.sunrise.ch; frame-src https: mailto:; connect-src https: wss: data:; font-src https: data:; media-src 'self' https:; worker-src blob:; report-uri https:\/\/www.sunrise.ch\/csp-collector","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/vercel.live https:\/\/challenges.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/*.posthog.com https:\/\/www.googletagmanager.com https:\/\/static.cloudflareinsights.com https:\/\/clerk.arena.ai https:\/\/www.google.com https:\/\/www.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https:\/\/vercel.live https:\/\/challenges.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/*.posthog.com https:\/\/www.googletagmanager.com https:\/\/arena.ai https:\/\/static.cloudflareinsights.com\/ https:\/\/clerk.arena.ai https:\/\/www.google.com https:\/\/www.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:\/\/challenges.cloudflare.com https:\/\/vercel.live https:\/\/us.posthog.com; img-src 'self' data: blob: https:\/\/challenges.cloudflare.com https:\/\/*.posthog.com https:\/\/vercel.live https:\/\/vercel.com https:\/\/*.27c852f3500f38c1e7786e2c9ff9e48f.r2.cloudflarestorage.com https:\/\/lh3.googleusercontent.com https:\/\/*.googletagmanager.com; connect-src 'self' https:\/\/arena.ai https:\/\/vercel.live wss:\/\/ws-us3.pusher.com https:\/\/*.posthog.com https:\/\/posthog.com https:\/\/challenges.cloudflare.com https:\/\/unpkg.com\/@rive-app\/ https:\/\/clerk.arena.ai https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/www.google.com https:\/\/*.27c852f3500f38c1e7786e2c9ff9e48f.r2.cloudflarestorage.com https:\/\/browser-intake-us3-datadoghq.com https:\/\/api.trigger.dev; frame-src 'self' https:\/\/vercel.live https:\/\/challenges.cloudflare.com https:\/\/www.google.com https:\/\/*.arena.site https:\/\/*.staging.arena.site; font-src 'self' data: https:\/\/vercel.live https:\/\/assets.vercel.com https:\/\/*.gstatic.com; worker-src 'self' blob:","count":2},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.de https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.de https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.de https:\/\/www.google.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com https:\/\/www.gstatic.com\/recaptcha\/; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.de https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.de https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.de https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/dmcsm-proxy.prod.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.de https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.de; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.de https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.de https:\/\/app.datadoghq.eu https:\/\/checkout.dm.de https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.de https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.de https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.de https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.de https:\/\/player.podigee-cdn.net https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/sandbox.om.dm.de https:\/\/signin.dm.de https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.de; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":2},{"content-security-policy-report-only":" script-src 'self' https:\/\/s3.amazonaws.com\/media.nngroup.com\/ https:\/\/media.nngroup.com; style-src 'self' https:\/\/s3.amazonaws.com\/media.nngroup.com\/ https:\/\/media.nngroup.com; img-src 'self' https:\/\/s3.amazonaws.com\/media.nngroup.com\/ https:\/\/media.nngroup.com; font-src 'self' https:\/\/s3.amazonaws.com\/media.nngroup.com\/ https:\/\/media.nngroup.com; default-src 'self'; connect-src 'self'","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.theaustralian.com.au\/csp-reports","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/n8n.io data: 'unsafe-inline'; script-src 'self' 'sha256-4pl9dZH8ght2nZ3AX1mV23mwuukxsklzULVnAeIEKbg=' https:\/\/cdn.jsdelivr.net\/npm\/@webcomponents\/webcomponentsjs@2.0.0\/webcomponents-loader.js https:\/\/www.unpkg.com\/lit@2.0.0-rc.2\/polyfill-support.js https:\/\/cdn.jsdelivr.net\/npm\/@n8n_io\/n8n-demo-component@latest\/n8n-demo.bundled.js https:\/\/*.googletagmanager.com https:\/\/www.gstatic.cn https:\/\/www.gstatic.com https:\/\/www.recaptcha.net https:\/\/static.cloudflareinsights.com\/beacon.min.js\/ static.cloudflareinsights.com https:\/\/checkout.paddle.com\/api\/2.0\/prices\/; img-src 'self' data: https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/n8niostorageaccount.blob.core.windows.net https:\/\/www.gstatic.cn https:\/\/www.gstatic.com https:\/\/www.recaptcha.net https:\/\/gravatar.com\/avatar\/; media-src https:\/\/n8niostorageaccount.blob.core.windows.net; connect-src 'self' https:\/\/api.n8n.io\/ https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/www.gstatic.cn https:\/\/www.gstatic.com https:\/\/www.recaptcha.net; frame-src https:\/\/jobs.ashbyhq.com https:\/\/n8n-preview-service.internal.n8n.cloud https:\/\/www.recaptcha.net https:\/\/challenges.cloudflare.com https:\/\/www.linkedin.com https:\/\/buy.paddle.com https:\/\/security-hub.pages.dev; frame-ancestors 'none'; object-src 'none'","count":2},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: http:; script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: 'self' https: blob: android-webview-video-poster:; font-src 'self' https: data:; connect-src 'self' data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https:\/\/prod.bhaskarapi.com\/api\/1.0\/web-backend\/csp-report;","count":2},{"content-security-policy-report-only":" default-src https: ; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; report-uri \/csp\/","count":2},{"content-security-policy-report-only":" frame-ancestors gofundme.com *.gofundme.com *.hopin.com pillar.io *.pillar.io takethemameal.com *.takethemameal.com kudoboard.com *.kudoboard.com werememberdev.com *.werememberdev.com weremember.com *.weremember.com forevermissed.com *.forevermissed.com fm-stage.com *.fm-stage.com fm-qa.com *.fm-qa.com giftwhale.com *.giftwhale.com giftwhale.test *.chirp.me chirp.me *.giveinkind.com giveinkind.com *.inkind.dev *.mrdev.com *.mrqa1.com *.mrtesting.com *.myregistrystaging.com *.myregistry.com test.caringbridge.cc feedback.caringbridge.org caringbridge.org *.caringbridge.org *.linktr.ee;","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/ipv4-pixelconnector.pixeltracker.co https:\/\/ipv6-pixelconnector.pixeltracker.co https:\/\/dual-pixelconnector.pixeltracker.co https:\/\/s.amazon-adsystem.com https:\/\/c.amazon-adsystem.com https:\/\/ad.doubleclick.net https:\/\/www.collegevine.com https:\/\/app.heyhalda.com https:\/\/events.mapbox.com https:\/\/api.mapbox.com https:\/\/*.clarity.ms https:\/\/www.google.com https:\/\/analytics.google.com https:\/\/pixelconnector.pixeltracker.co https:\/\/www.google-analytics.com https:\/\/insight.adsrvr.org https:\/\/tr.snapchat.com https:\/\/app.heyhalda.com https:\/\/analytics.heyhalda.com https:\/\/tr6.snapchat.com https:\/\/o.clarity.ms https:\/\/analytics.tiktok.com https:\/\/ip.veritonicmetrics.com https:\/\/mgln.ai https:\/\/atr.veritonicmetrics.com https:\/\/pixels.spotify.com https:\/\/px.ads.linkedin.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.dev.shift4.com https:\/\/scgold-uat-pub1.irt.drexel.edu https:\/\/c.amazon-adsystem.com https:\/\/widget.thegivingblock.com https:\/\/www.collegevine.com https:\/\/scgold-uat.irt.drexel.edu https:\/\/api.mapbox.com https:\/\/use.typekit.net https:\/\/www.googletagmanager.com https:\/\/platform.twitter.com https:\/\/www.youtube.com https:\/\/tracker.pixeltracker.co https:\/\/sc-static.net https:\/\/js.adsrvr.org https:\/\/googleads.g.doubleclick.net https:\/\/siteimproveanalytics.com https:\/\/connect.facebook.net https:\/\/app.heyhalda.com https:\/\/snap.licdn.com https:\/\/analytics.tiktok.com https:\/\/js.ipredictive.com https:\/\/cdn.veritonic.com https:\/\/pixel.byspotify.com https:\/\/cdn.mgln.ai https:\/\/www.clarity.ms https:\/\/tr.snapchat.com; script-src-elem 'self' 'unsafe-inline' https:\/\/drexel.libanswers.com https:\/\/scripts.clarity.ms https:\/\/c.amazon-adsystem.com https:\/\/js.dev.shift4.com https:\/\/www.clickcease.com https:\/\/widget.thegivingblock.com https:\/\/api.mapbox.com https:\/\/slate-technolutions-net.cdn.technolutions.net https:\/\/fw.cdn.technolutions.net https:\/\/admissions-drexel-edu.cdn.technolutions.net https:\/\/admissions.drexel.edu https:\/\/www.collegevine.com https:\/\/www.google-analytics.com https:\/\/app.heyhalda.com https:\/\/www.googletagmanager.com https:\/\/use.typekit.net https:\/\/platform.twitter.com https:\/\/www.youtube.com https:\/\/sc-static.net https:\/\/connect.facebook.net https:\/\/js.adsrvr.org https:\/\/snap.licdn.com https:\/\/tracker.pixeltracker.co https:\/\/analytics.tiktok.com https:\/\/js.ipredictive.com https:\/\/cdn.veritonic.com https:\/\/pixel.byspotify.com https:\/\/cdn.mgln.ai https:\/\/googleads.g.doubleclick.net https:\/\/clarity.ms https:\/\/siteimproveanalytics.com https:\/\/tr.snapchat.com https:\/\/www.clarity.ms; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/api.mapbox.com https:\/\/slate-technolutions-net.cdn.technolutions.net https:\/\/fw.cdn.technolutions.net https:\/\/use.typekit.net; style-src-elem 'self' 'unsafe-inline'; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com https:\/\/use.typekit.net; img-src 'self' data: https:\/\/ad.doubleclick.net https:\/\/s.gravatar.com https:\/\/*.wp.com\/cdn.auth0.com\/avatars https:\/\/events.drexel.edu https:\/\/*.cdninstagram.com https:\/\/graph.instagram.com https:\/\/www.linkedin.com https:\/\/c.clarity.ms https:\/\/s.gravatar.com https:\/\/*.wp.com https:\/\/cdn.auth0.com https:\/\/p.typekit.net https:\/\/tvspix.com https:\/\/www.google.com https:\/\/tr.snapchat.com https:\/\/66356254.global.siteimproveanalytics.io https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/www.googletagmanager.com https:\/\/mgln.ai https:\/\/pixel.tapad.com https:\/\/us.mgln.ai; frame-src 'self' 'unsafe-inline' https:\/\/5810200.fls.doubleclick.net https:\/\/s.amazon-adsystem.com https:\/\/c.amazon-adsystem.com https:\/\/widget.thegivingblock.com https:\/\/app.heyhalda.com https:\/\/www.collegevine.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/platform.twitter.com https:\/\/insight.adsrvr.org https:\/\/ad.ipredictive.com; media-src 'self' https:\/\/*.cdninstagram.com https:\/\/graph.instagram.com; object-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; worker-src 'self' blob:; upgrade-insecure-requests;","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" default-src 'self'; object-src 'none'; script-src 'self' *.hubspot.com *.hubspotusercontent-na1.net cdn.jsdelivr.net adsplay.com.br www.chatbase.co platform.twitter.com static.addtoany.com cdn.socket.io cdn.datatables.net *.cloudfront.net *.airtable.com www.googleadservices.com bat.bing.com *.albacross.com www.youtube.com snap.licdn.com static.hotjar.com cdn.privacytools.com.br plugin.handtalk.me unpkg.com *.hubspot.net cdnjs.cloudflare.com www.gstatic.com script.hotjar.com www.google.com *.storylane.io try.abtasty.com code.jquery.com googleads.g.doubleclick.net www.google-analytics.com www.clarity.ms ajax.googleapis.com cdn.cookielaw.org *.facebook.net js.hs-analytics.net js.hs-banner.com js.hsadspixel.net js.hscollectedforms.net js.hsforms.net js.hsleadflows.net js.hubspot.com app.hubspot.com js.usemessages.com *.linkedin.com static.hsappstatic.net www.googletagmanager.com www.gupy.io sibforms.com; style-src 'self' 'unsafe-inline' *.gupy.io *.hubspot.com *.hsappstatic.net *.hubspot.net cdn-uicons.flaticon.com kit.fontawesome.com cdn.jsdelivr.net cdnjs.cloudflare.com cdn.datatable.net cdn.datatables.net stackpath.bootstrapcdn.com cdn.cookielaw.org *.hubspotusercontent-na1.net *.hubspotusercontent40.net fonts.googleapis.com cdn.privacytools.com.br www.gupy.io sibforms.com; img-src 'self' blob: 3299491.fs1.hubspotusercontent-na1.net perf-na1.hsforms.com track.hubspot.com www.gupy.io data: *; font-src 'self' fonts.gstatic.com fonts.googleapis.com *.hubspotusercontent-na1.net *.hubspotusercontent40.net www.gupy.io assets.sendinblue.com; connect-src 'self' blob: fs1.hubspotusercontent-na1.net cdn.cookielaw.org *.gupy.io data: gap: *; media-src 'self' *.hubspot.com *.hubspotusercontent-na1.net www.gupy.io; frame-src gupy.com.br *.gupy.com.br gupy.com.br\/ gupy.io *.hs-sites.com *.hubspot.com js.hsforms.net www.googletagmanager.com www.chatbase.co lottie.host platform.twitter.com www.figma.com marine-bebop-445118-a6.uc.r.appspot.com w.soundcloud.com *.sibforms.com static.addtoany.com www.youtube.com app.hubspot.com *.hubspotvideo.com td.doubleclick.net *.facebook.com forms.hsforms.com *.storylane.io airtable.com *.spotify.com gupy.chat.blip.ai gupy673.outgrow.us *.google.com anchor.fm; frame-ancestors 'self' gupy.com.br gupy.io;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.pie.org\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/accounts.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/adblockforyoutube.com\/ https:\/\/www.adblockforyoutube.com\/; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data: *; object-src 'none'; font-src 'self' https:\/\/fonts.gstatic.com; media-src 'self' https:\/\/cdn.pie.org; connect-src 'self' https:\/\/*.pie.org https:\/\/cdn.segment.com https:\/\/cdn.lottielab.com https:\/\/browser-intake-us5-datadoghq.com https:\/\/www.google.com\/recaptcha\/ https:\/\/adblockforyoutube.com https:\/\/www.adblockforyoutube.com; frame-src 'self' https:\/\/accounts.google.com\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/ https:\/\/recaptcha.google.com\/ https:\/\/adblockforyoutube.com\/ https:\/\/www.adblockforyoutube.com\/ https:\/\/demo.zeroclick.ai\/; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/cdn-ukwest.onetrust.com\/scripttemplates\/ https:\/\/websdk.appsflyer.com\/ https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/cdn.segment.com https:\/\/static.moonpay.com https:\/\/www.googletagmanager.com; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/www.moonpay.com https:\/\/api.moonpay.com https:\/\/api.coingecko.com https:\/\/cdn-ukwest.onetrust.com https:\/\/*.launchdarkly.com https:\/\/geolocation.onetrust.com https:\/\/vitals.vercel-insights.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/logs.browser-intake-datadoghq.com https:\/\/cdn.segment.com https:\/\/otel-collector.moonpay.com https:\/\/otel-collector.moonpaycloud.com https:\/\/otel-collector.moonpay-staging.com; font-src 'self' https:\/\/static.moonpay.com; frame-src 'self' https:\/\/buy.moonpay.com https:\/\/sell.moonpay.com https:\/\/www.google.com https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/; img-src 'self' https:\/\/cdn-ukwest.onetrust.com https:\/\/images.ctfassets.net https:\/\/payload-marketing.moonpay.com https:\/\/staging.moonpay-marketing-c337344.payloadcms.app https:\/\/static.moonpay.com; manifest-src 'self'; media-src 'self' https:\/\/payload-marketing.moonpay.com https:\/\/staging.moonpay-marketing-c337344.payloadcms.app; worker-src 'self'; frame-ancestors 'none'; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub4f9819648cf6c369f00daa5b3a3a0ea7&dd-evp-origin=content-security-policy&ddsource=csp-report","count":2},{"content-security-policy-report-only":" default-src https: data: blob: wss: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-to default; report-uri https:\/\/sentry.io\/api\/256178\/csp-report\/?sentry_key=c2fb05422b2242faaec1d6d8a2a000fc&sentry_environment=&sentry_release=1.2.78","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'report-sample' 'self'   https:\/\/7052064.fs1.hubspotusercontent-na1.net   https:\/\/a.omappapi.com   https:\/\/app.hubspot.com   https:\/\/assets.apollo.io   https:\/\/cdn.demio.com   https:\/\/cdn.propensity.com   https:\/\/cdnjs.cloudflare.com   https:\/\/code.jquery.com   https:\/\/googleads.g.doubleclick.net   https:\/\/import-cdn.default.com   https:\/\/js.hscollectedforms.net   https:\/\/js.navattic.com   https:\/\/platform.linkedin.com   https:\/\/s3-us-west-2.amazonaws.com   https:\/\/snap.licdn.com   https:\/\/static.hsappstatic.net   https:\/\/www.googleadservices.com   https:\/\/www.googletagmanager.com   https:\/\/www.redditstatic.com   https:\/\/js.hs-analytics.net   https:\/\/js.hs-scripts.com; style-src 'report-sample' 'self'   https:\/\/7052064.fs1.hubspotusercontent-na1.net   https:\/\/ajax.googleapis.com   https:\/\/cdn.demio.com   https:\/\/cdnjs.cloudflare.com   https:\/\/fonts.googleapis.com   https:\/\/kit-free.fontawesome.com   https:\/\/static.hsappstatic.net; object-src 'none'; base-uri 'self'; connect-src 'self'   https:\/\/a.omappapi.com   https:\/\/analytics.google.com   https:\/\/aplo-evnt.com   https:\/\/app.hubspot.com   https:\/\/cp.hubspot.com   https:\/\/forms.default.com   https:\/\/forms.hsforms.com   https:\/\/geo.demio.com   https:\/\/js.hs-banner.com   https:\/\/nucleus.default.com   https:\/\/pixel-config.reddit.com   https:\/\/px.ads.linkedin.com   https:\/\/www.cloudflare.com   https:\/\/www.google.com   https:\/\/www.redditstatic.com   https:\/\/z.omappapi.com   https:\/\/api.hsforms.com   https:\/\/api.hubapi.com; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self'   https:\/\/forms.hsforms.com   https:\/\/play.hubspotvideo.com   https:\/\/scheduler.default.com   https:\/\/td.doubleclick.net   https:\/\/www.googletagmanager.com; img-src 'self'   https:\/\/a.omappapi.com   https:\/\/alb.reddit.com   https:\/\/forms-na1.hsforms.com   https:\/\/forms.hsforms.com   https:\/\/forms.hubspot.com   https:\/\/googleads.g.doubleclick.net   https:\/\/px.ads.linkedin.com   https:\/\/static.hsappstatic.net   https:\/\/track.hubspot.com   https:\/\/www.google.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; report-uri https:\/\/6823595ee2a3634bf77e7bfe.endpoint.csper.io?builder=true&v=2;","count":2},{"content-security-policy-report-only":" connect-src https: wss:; font-src data: https:; frame-src https:; img-src blob: data: https:; media-src blob: data: https:; object-src 'self' https:\/\/*.app-eu.wrike.com https:\/\/*.app-eu.wrike-cn.com https:\/\/*.wrike.com https:\/\/*.wrike-cn.com https:\/\/*.www.wrike.com https:\/\/*.www.wrike-cn.com https:\/\/youtube.com https:\/\/d3tvpxjako9ywy.cloudfront.net https:\/\/d1c5qktmphn2d.cloudfront.net; manifest-src 'self' https:\/\/cdn.wrike.com https:\/\/cdn.wrike-cn.com; script-src 'unsafe-eval' 'unsafe-inline' data: https:\/\/*.wrike.com https:\/\/*.wrike-cn.com https:\/\/*.www.wrike.com https:\/\/*.www.wrike-cn.com https:\/\/*.app-eu.wrike.com https:\/\/*.app-eu.wrike-cn.com https:\/\/*.google-analytics.com https:\/\/*.usercentrics.eu https:\/\/*.marketo.com https:\/\/*.marketo.net https:\/\/apis.google.com https:\/\/bat.bing.com https:\/\/cdn.ravenjs.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/1056104813\/ https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/962492627\/ https:\/\/pagead2.googlesyndication.com\/pagead\/conversion\/962492627\/ https:\/\/s.yimg.jp\/images\/listing\/tool\/cv\/ytag.js https:\/\/tag.demandbase.com\/63365c817f510bbb.min.js https:\/\/api.tomi.ai\/029\/loader.js https:\/\/tags.srv.stackadapt.com\/events.js https:\/\/s.yimg.jp\/images\/listing\/tool\/cv\/conversion.js https:\/\/cdn.metadata.io https:\/\/js.partnerstack.com\/v1\/ https:\/\/www.clarity.ms\/ https:\/\/tracking.intentsify.io\/ https:\/\/b97.yahoo.co.jp\/pagead\/conversion_async.js https:\/\/ad.doubleclick.net\/ddm\/adj\/N1344363.197812NSO.CODESRV\/ https:\/\/*.d41.co https:\/\/d3tvpxjako9ywy.cloudfront.net https:\/\/d1c5qktmphn2d.cloudfront.net https:\/\/static.cloudflareinsights.com https:\/\/*.goldcast.io https:\/\/fast.wistia.com https:\/\/js.qualified.com https:\/\/static.axept.io; style-src 'unsafe-inline' data: https:; default-src 'self'; report-uri https:\/\/csp-global.wrike.com\/csp-report?website;","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.dailytelegraph.com.au\/csp-reports","count":2},{"content-security-policy-report-only":" default-src 'self' *.sleeknote.com https:\/\/*.kindlycdn.com *.boozt.com *.klarna.com *.booztx.com wss:\/\/ws-eu.pusher.com:443 https:\/\/*.pusher.com checkout-cdn.avarda.com wss:\/\/sage.kindly.ai static.criteo.net wss:\/\/ws-eu.pusher.com https:\/\/*.kindly.ai *.booztcdn.com; script-src 'self' data: blob: *.rewardspay.com static.cloudflareinsights.com dp64mxip2za0c.cloudfront.net www.barilliance.net cdn.avo.app *.booztcdn.com www.googleoptimize.com www.googletagmanager.com analytics.tiktok.com *.clarity.ms utt.impactcdn.com cookie-cdn.cookiepro.com atemda.com  script.koral.nu hst.tradedoubler.com cdn.loadbee.com cdn.avo.app the.sciencebehindecommerce.com bat.bing.com *.zenaps.com s2.adform.net tagmanager.google.com vc.hotjar.io cdn.noibu.com *.sleeknote.com widget.eu.criteo.com tr.snapchat.com yastatic.net *.adyen.com googleads.g.doubleclick.net tracking.s24.com *.contentsquare.net cm.g.doubleclick.net *.issuu.com euob.isstarsbuilding.com cdn.cookielaw.org *.flixcar.com web-assets.stylitics.com s.pinimg.com scripts.dialogintelligens.dk pagead2.googlesyndication.com cdn.siftscience.com www.gstatic.com bam-cell.nr-data.net *.kronor.io www.googleadservices.com www.snapengage.com avdonl0p0checkout0fe.blob.core.windows.net 7276578.collect.igodigital.com www.awin1.com *.booztx.com connect.facebook.net bugcrowd.com track.adform.net www.datadoghq-browser-agent.com cdn.depict.ai ct.pinterest.com *.freshchat.com  obseu.isstarsbuilding.com utt.impactcdn.com *.criteo.com www.dwin1.com d38knilzwtuys1.cloudfront.net *.klarnacdn.net *.klarna.com sc-static.net sslwidget.criteo.com assets.bugcrowdusercontent.com *.google.com dev.visualwebsiteoptimizer.com cdn.evgnet.com *.google-analytics.com *.booztcdn.com *.boozt.com privacyportal.onetrust.com s3.amazonaws.com  maps.googleapis.com static.criteo.net *.tradedoubler.com swrap.tradedoubler.com chat.kindlycdn.com *.trustpilot.com www.google.com *.boozt.com tag.smartly.io bam.nr-data.net *.hotjar.com sdk.privacy-center.org geolocation.onetrust.com optimize.google.com lcx-embed.bambuser.com *.liveshopper.net widget.criteo.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' cdn.honey.io *.booztx.com *.boozt.com fonts.gstatic.com cdnjs.cloudflare.com fonts.googleapis.com chat.kindlycdn.com avdonl0p0checkout0fe.blob.core.windows.net *.avarda.com data: *.booztcdn.com  data: ; img-src optimize.google.com data: https: data: blob: 'unsafe-inline'; connect-src 'self' data: chat.kindlycdn.com *.google.com.pr www.bing.com www.googletagmanager.com *.google.com.kh bam.nr-data.net *.google.fr *.google.co.jp checkout-cdn.avarda.com wss:\/\/input.noibu.com *.google.com.eg *.google.by boozt.com *.google.com.ni *.criteo.net *.googleapis.com *.googleapis.com dev.visualwebsiteoptimizer.com *.loadbee.com *.google.mn *.google.com.lb *.google.be *.google.co.nz *.google.ps scripts.dialogintelligens.dk *.googleoptimize.com *.google-analytics.com *.google.com.tw *.google.com.cu analytics.tiktok.com *.google.com.np *.stylitics.com *.google.mk *.google.co.ke d.impct.site *.adzerk.net *.google.sk *.google.com.mt obseu.isstarsbuilding.com *.google.com.uy *.kronor.io *.google.ro api.dialogintelligens.dk *.analytics.google.com tr.snapchat.com *.google.lv *.google.com.au *.adform.net *.google.com.et wss:\/\/proxy.depict.ai:7315 *.google.com.ec *.google.md *.google.com.co *.google.ae analytics.sleeknote.com bot.kindly.ai *.google.co.zw translate.googleapis.com *.google.com.sa *.clarity.ms *.hotjar.com partner.revieve.com  spk.boozt.com cdn.cookielaw.org *.snapchat.com *.onetrust.com *.google.ie vc.hotjar.io *.google.ch *.google.tn *.google.co.id *.google.cl *.google.mw *.datadoghq-browser-agent.com *.google.ba www.snapengage.com *.google.gl *.google.com.bo *.google.es *.google.co.th input.noibu.com *.avarda.com *.google.ci *.google.gr *.google.com.hk unpkg.com *.privacy-center.org *.criteo.net *.google.co.il *.google.am *.browser-intake-datadoghq.eu *.google.com.bh *.google.com *.evergage.com *.google.com.ar *.criteo.com *.google.com.ly adservice.google.com *.google.so *.booztx.com *.boozt.com *.google.co.tz *.google.com *.google.me *.google.mv *.clarity.ms google.com *.google.co.za api.depict.ai *.klarnacdn.net *.google.com.vn kronor.io bam-cell.nr-data.net www.getpica.com *.google.com.qa *.booztcdn.com *.logs.datadoghq.eu  *.hotjar.io browser-intake-datadoghq.eu *.google.ru *.google.pt *.google.co.cr app.vwo.com *.google.com.tr *.google.lu *.contentsquare.net *.hotjar.com dawa.aws.dk *.google.lt sp.boozt.com *.doubleclick.net *.google.co.bw *.google.com.gh *.google.no *.sleeknote.com *.google.com.bd *.google.com.kw *.visualwebsiteoptimizer.com booztfashionab.pxf.io *.google.ge *.google.com.pe *.google.com.sg *.google.it pagead2.googlesyndication.com www.facebook.com wss:\/\/kronor.io *.google.al *.google.com.br *.google.com.ua *.google.co.vi *.google.co.ck www.googleadservices.com *.google.mu *.google.az stats.g.doubleclick.net *.google.bi *.google.lt *.google.com.na *.klarna.com *.google.ee *.google.cz *.google.com.pk *.google.gm *.google.fi *.hotjar.io media.flixfacts.com api.avo.app *.google.com.do *.google.sc *.google.rs *.google.hu *.google.si *.google.co.uz ct.pinterest.com *.google.sr *.google.iq *.google.co.zm *.google.hr *.google.tg *.google.co.uk *.google.lk *.google.com.jm *.google.kg *.google.com.af bat.bing.net *.google.pl *.google.com.ph *.google.nl *.google.cn *.google.cv wss:\/\/ws-eu.pusher.com *.contentsquare.com *.google.com.my *.google.bg fpt.boozt.com bat.bing.com *.google.is *.google.at *.google.com.mx *.google-analytics.com *.google.bt dev.visualwebsiteoptimizer.com *.klarnaevt.com code.jquery.com *.google.ca *.google.com.cy *.google.jo *.hotjar.com *.google.co.ma *.google.de *.adyen.com *.google.ga *.google.kz *.avarda.org; child-src 'self' td.doubleclick.net js.klarna.com tr.snapchat.com track.adform.net ct.pinterest.com www.googletagmanager.com *.freshchat.com *.trustpilot.com static.criteo.net fpt.boozt.com *.google-analytics.com *.criteo.com *.hotjar.com blob: ; frame-src 'self' www.instagram.com *.secure2gw.ro *.otpbanka.hr *.sbanken.no *.fuib.com *.klarnacdn.net *.ing.ro td.doubleclick.net www.securesuite.co.uk static.criteo.net *.criteo.com static.criteo.net *.adyen.com widget.eu.criteo.com *.op.fi dialogintelligens.dk *.issuu.com www.facebook.com booztfashionab.pxf.io chatbot.dialogintelligens.dk payment-gateway.kronor.io *.trustpilot.com *.edb.com *.rewardspay.com *.sibs.pt sc-static.net bid.g.doubleclick.net *.cardinalcommerce.com *.komplettbank.se www.rsa3dsauth.co.uk vc.hotjar.io *.snapchat.com *.skandia.se web.facebook.com *.nordea.com *.rpc-raiffeisen.com *.redsys.es trustly.com *.trustly.com *.freshchat.com *.booztcdn.com bugcrowd.com td.doubleclick.net *.saastopankki.fi *.lcl.fr the.sciencebehindecommerce.com *.komplettbank.com *.hcaptcha.co *.arcot.com gum.criteo.com xn--nskeskyen-k8a.dk *.klarna.com *.estcard.ee *.netcetera-payment.ch *.vinea.es optimize.google.com *.bpcbt.com lcx-player.bambuser.com *.hotjar.com *.alandsbanken.fi *.kronor.io *.wirecard.com *.signicat.com *.targobank.de *.swedbank.lt *.rabobank.nl player.vimeo.com *.sparebank1.no cdn.depict.ai *.boozt.com *.sia.eu *.sparkassen-kreditkarten.de *.modirum.com www.awin1.com *.danskebank.com *.btrl.ro gum.criteo.com *.zenaps.com widget.koral.nu assets.pinterest.com www.facebook.com *.fio.cz *.nexi.it td.doubleclick.net *.3dsecure.no *.wlp-acs.com staticxx.facebook.com *.loadbee.com dev.visualwebsiteoptimizer.com *.nbg.gr ct.pinterest.com *.swedbank.se *.flixcar.com *.eewosecure.com acs-safekey.americanexpress.com track.adform.net dis.eu.criteo.com www.googletagmanager.com *.citadele.lv *.booztx.com  www.getpica.com *.touch.tech *.luottokunta.fi *.creditmutuel.fr *.cmbchina.com; style-src 'self' *.freshchat.com *.adyen.com cdn.cookielaw.org privacyportal.onetrust.com *.booztx.com *.booztcdn.com optimize.google.com *.boozt.com fonts.googleapis.com d38knilzwtuys1.cloudfront.net tagmanager.google.co geolocation.onetrust.com *.stylitics.com *.kronor.io chat.kindlycdn.com *.flixcar.com cdn.honey.io cookie-cdn.cookiepro.com translate.googleapis.com blob: data: blob: 'unsafe-inline'; manifest-src 'self' *.booztx.com *.boozt.com *.booztcdn.com; media-src 'self' data: *.booztcdn.com storage.googleapis.com *.booztx.com www.snapengage.com; frame-ancestors 'self' ; report-uri \/csp-report\/; report-to csp-reports","count":2},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/b3ceba9babf02086c0dca962bbbd1cda.report-uri.io\/r\/default\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" default-src 'self'; media-src 'self'; connect-src 'self' https:\/\/vpncdn.protonweb.com https:\/\/account.proton.me https:\/\/account.protonvpn.com https:\/\/telemetry.protonvpn.com *.metrics.convertexperiments.com logs.convertexperiments.com *.convertexperiments.com; script-src 'self' blob: 'unsafe-eval' 'unsafe-inline' https:\/\/vpncdn.protonweb.com; style-src 'self' 'unsafe-inline' https:\/\/vpncdn.protonweb.com; font-src 'self' https:\/\/vpncdn.protonweb.com; img-src 'self' data: blob: https:; frame-src 'self' data: blob: https:\/\/www.youtube-nocookie.com https:\/\/www.openstreetmap.org; object-src 'self' data: blob:; child-src 'self' data: blob:; report-uri https:\/\/reports.proton.me\/reports\/csp; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/widget.trustpilot.com https:\/\/prod.spline.design https:\/\/cdn-cookieyes.com https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hsforms.net https:\/\/js.hscollectedforms.net https:\/\/js.hs-banner.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/*.supabase.co https:\/\/*.upstash.io https:\/\/prod.spline.design https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com https:\/\/api.hubapi.com https:\/\/forms.hubspot.com https:\/\/js.hs-analytics.net; frame-src 'self' https:\/\/widget.trustpilot.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; media-src 'self'; object-src 'none'; base-uri 'self'","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft; frame-ancestors 'self' https:\/\/teams.microsoft.com https:\/\/retailservices.teams.microsoft.com https:\/\/retailservices-ppe.teams.microsoft.com https:\/\/tasks.teams.microsoft.com https:\/\/local.teams.office.com https:\/\/devspaces.skype.com https:\/\/ssauth.skype.com https:\/\/teams.microsoft.com.mcas.ms https:\/\/teams.microsoft.com.us3.cas.ms https:\/\/local.teams.office.com:8080 https:\/\/teams.live.com https:\/\/outlook-sdf.office.com https:\/\/outlook.office.com\/ https:\/\/assignments.onenote.com https:\/\/assignments.edu.cloud.microsoft https:\/\/browser-sandbox.meshxp.net\/ https:\/\/spoolclientsdk.skype.com https:\/\/acsinternal-cte-beta.azurewebsites.net https:\/\/acssample-beta.azurewebsites.net https:\/\/acssample-stable.azurewebsites.net https:\/\/loop.microsoft.com https:\/\/*.loop.microsoft.com https:\/\/loop.cloud.microsoft https:\/\/loop.cloud-dev.microsoft https:\/\/app.int.whiteboard.microsoft.com https:\/\/whiteboard.cloud-dev.microsoft https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft https:\/\/*.whiteboard.microsoft.com https:\/\/whiteboard.microsoft.com https:\/\/whiteboard.office.com https:\/\/teams.cloud.microsoft https:\/\/outlook.cloud.microsoft https:\/\/m365.cloud.microsoft https:\/\/res-sdf.cdn.office.net https:\/\/res.cdn.office.net https:\/\/mesh.public.onecdn.static.microsoft https:\/\/mesh.df.onecdn.static.microsoft https:\/\/m365.cloud.microsoft https:\/\/sbrprodprv.www.office.com https:\/\/scuprodprv.www.office.com https:\/\/fa000000174.resources.office.net https:\/\/outlook.office.com https:\/\/planner.cloud.microsoft; base-uri 'none'; manifest-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft; script-src 'self' 'wasm-unsafe-eval' 'report-sample' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft http:\/\/amcdn.msftauth.net https:\/\/amcdn.msftauth.net https:\/\/*.office365.com https:\/\/shell.cdn.office.net https:\/\/cdn.fluidpreview.office.net https:\/\/js.monitor.azure.com https:\/\/res-1.cdn.office.net https:\/\/res.cdn.office.net https:\/\/ch5.fluidpreview.office.net https:\/\/cdn.dev.fluidpreview.office.net https:\/\/dev.loop.microsoft.com https:\/\/res-sdf.cdn.office.net 'sha256-VCkGe6AeV2B4vV7flXt9Dkkp04wMc8zq7faHdRwhOx0=' 'sha256-Wmg7miLkEVn5v393z4Ch7lbKnpNnLZhnVOk\/iJN1miE='; style-src 'self' 'unsafe-inline' 'report-sample' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft https:\/\/*.office.net https:\/\/res.cdn.office.net https:\/\/cdn.fluidpreview.office.net https:\/\/ch5.fluidpreview.office.net https:\/\/cdn.dev.fluidpreview.office.net https:\/\/dev.loop.microsoft.com https:\/\/res-sdf.cdn.office.net; font-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft data: https:\/\/*.office.net https:\/\/spoprod-a.akamaihd.net https:\/\/static2.sharepointonline.com fs.microsoft.com; img-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft blob: data: https:\/\/*.office.com https:\/\/*.office365.com https:\/\/outlook.live.com https:\/\/*.teams.microsoft.com https:\/\/*.officeapps.live.com https:\/\/web.vortex.data.microsoft.com https:\/\/shell.cdn.office.net https:\/\/urlp.asm.skype.com https:\/\/urlp.sfbassets.com https:\/\/login.live.com https:\/\/storage.live.com; connect-src 'self' blob: https:\/\/* wss:\/\/whiteboard.microsoft.com\/sync wss:\/\/whiteboard.svc.cloud.microsoft\/sync wss:\/\/whiteboard.svc.cloud.dev.microsoft\/sync wss:\/\/*.whiteboard.microsoft.com wss:\/\/whiteboard.microsoft.com wss:\/\/*.svc.ms wss:\/\/dogfood.augloop.svc.cloud.microsoft wss:\/\/*.dogfood.augloop.svc.cloud.microsoft wss:\/\/*.augloop-dogfood.officeppe.com wss:\/\/augloop-dogfood.officeppe.com wss:\/\/augloop.svc.cloud.microsoft wss:\/\/*.augloop.svc.cloud.microsoft wss:\/\/*.augloop.office.com wss:\/\/augloop.office.com wss:\/\/augloop-gcc.office.com wss:\/\/*.augloop-gcc.office.com; worker-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft; frame-src 'self' https:\/\/* https:\/\/webshell.suite.office.com; media-src 'self' https:\/\/whiteboard.cloud.dev.microsoft https:\/\/whiteboard.cloud.microsoft; object-src 'none'; form-action 'self' https:\/\/*; report-uri https:\/\/csp.microsoft.com\/report\/WhiteboardWebClient-WhiteboardApp-PROD; report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" default-src * data: ; script-src * 'unsafe-inline' 'unsafe-eval'  ; style-src * 'unsafe-inline' data: ; frame-ancestors 'none'; report-uri \/csp-violation-report-endpoint\/","count":2},{"content-security-policy-report-only":" object-src https:\/\/players.brightcove.net https:\/\/www.realpage.com https:\/\/s.realpage.com https:\/\/vjs.zencdn.net;img-src * blob: data:; font-src https:\/\/acsbapp.com https:\/\/www.realpage.com https:\/\/s.realpage.com https:\/\/use.typekit.net https:\/\/fonts.gstatic.com https:\/\/vjs.zencdn.net https:\/\/www.slant.co data:; style-src *.typekit.net https:\/\/www.realpage.com https:\/\/s.realpage.com https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/cdn.jsdelivr.net 'unsafe-inline'; frame-ancestors 'self' *.realpage.com *.seismic.com www.realpagelearning.com *.yieldstar.com *.mpfyieldstar.com; report-to csp-report-only; report-uri https:\/\/cspreports.realpage.com\/api\/reports\/save\/report-only;","count":2},{"content-security-policy-report-only":" form-action *.facebook.com; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.fls.doubleclick.net *.doubleclick.net *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com *.omtrdc.net *.twitter.com covers.odilo.io *.ads-twitter.com *.facebook.com *.facebook.net cdn.cookielaw.org *.googletagmanager.com *.googleadservices.com online.bancosantander.es a.omappapi.com *.googleapis.com extend.vimeocdn.com t.co adservice.google.com *.linkedin.com *.google-analytics.com *.santanderopenacademy.com *.universia.net fonts.gstatic.com in-automate.sendinblue.com z.omappapi.com api.omappapi.com snap.licdn.com images.findawayworld.com *.tiktok.com privacyportal-de.onetrust.com sibautomation.com use.typekit.net pro-becas-images-s3.s3.eu-west-1.amazonaws.com santander-privacy.my.onetrust.com; frame-ancestors 'self' *.santanderopenacademy.com *.googletagmanager.com; connect-src 'self' cdn.equalweb.com *.universia.net pro-becas-images-s3.s3.eu-west-1.amazonaws.com www.linkedin.com script.hotjar.com img.youtube.com px4.ads.linkedin.com t.co surveystats.hotjar.io analytics.twitter.com www.google.es mboxedge37.tt.omtrdc.net santanderuniversidad.tt.omtrdc.net www.googletagservices.com www.google.ie www.facebook.com cdn.cookielaw.org googleads.g.doubleclick.net stats.g.doubleclick.net www.google.com pagead2.googlesyndication.com *.analytics.google.com vc.hotjar.io metrics.hotjar.io wss:\/\/ws.hotjar.com ws.hotjar.com content.hotjar.io *.google-analytics.com px.ads.linkedin.com analytics.tiktok.com *.pangle-ads.com *.omappapi.com *.vimeo.com *.santanderopenacademy.com *.googlesyndication.com *.onetrust.com *.tiktokw.us sc-static.net *.sc-static.net snapchat.com *.snapchat.com onetrust.com *.onetrust.com omtrdc.net *.omtrdc.net analytics.google.com *.google.com *.adoberesources.net adoberesources.net *.adobedc.net adobedc.net *.demdex.net demdex.net; font-src 'self' script.hotjar.com fonts.gstatic.com data:; frame-src 'self' www.youtube.com www.google.com *.doubleclick.net track.adform.net www.facebook.com *.universia.net universia.net *.santanderopenacademy.com *.vimeo.com doubleclick.net *.doubleclick.net; img-src 'self' data: *.santanderopenacademy.com *.santanderx.com dss.hybrid.ai su-commons-documents.s3.eu-west-1.amazonaws.com pro-becas-images-s3.s3.eu-west-1.amazonaws.com i.ytimg.com non-productive-alfred-s3.s3.eu-west-1.amazonaws.com *.universia.net img.youtube.com cdn.cookielaw.org www.facebook.com fonts.gstatic.com www.google.ie www.google.com www.google.es *.googletagmanager.com *.google-analytics.com px.ads.linkedin.com px4.ads.linkedin.com t.co analytics.twitter.com covers.odilo.io images.findawayworld.com *.doubleclick.net *.odilotk.es *.googlesyndication.com snapchat.com *.snapchat.com; manifest-src 'self'; media-src 'self' data: *.santanderopenacademy.com *.santanderx.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' emd.hybrid.ai *.hybrid.ai pixel.wp.pl www.google.com 'sha256-YSegCmpoY\/9vy6z9Jp\/wY5F+2CZOSO85IpkqRDamw6o=' 'sha256-8UQUF8T5SdG0xN7U0SziZK\/tE7Mx20WlIEvrhPZS+5c=' 'sha256-ZC4Ihfl+1sv3E25DQh090ITQKwffxiocyA9C1vaePKU=' 'sha256-y+EdpRp7NGzuxDREjdSGXuM2ZRxY\/zPRIps6hzHQOcU=' 'sha256-ZC4Ihfl+1sv3E25DQh090ITQKwffxiocyA9C1vaePKU=' 'sha256-HbtNuErO4Ji0X7sd59L8NfJYuQk3WllCWK3gVuRMpfM=' 'sha256-BBirXJiJdwXRuf4PKdCNfYQLT8mhwGu68gkk2lfCqN8=' 'sha256-9gh4m8bsTLdMvKZ358mYZY2d+f5k+bk+APY\/b3jwy1o=' 'sha256-xeKH9HwGHVm84iWqrxisQix9T08PGSCZTxFIO4+ewWk=' 'sha256-DwzQ63XCPWPBU9VhenPaZeU1L0tiiqJkkaWArzaMA14=' 'sha256-5t573MY7H7LQK71Vf2b+RoOG9NlBxHctIHdMjVPJIE0=' 'sha256-ZxrnaNw21FtNs0hG3ejrGPJWMFqp2c2scn3dGBS7Xtk=' 'sha256-DaJ5+aVVCCwmIoJpsto8Q2FfkqVlML3utJdn4mDMGD0=' 'sha256-Fj\/OzUbSCuycXsQO3rkxgJpOQcr0O4grKcZDUi0FIiU=' 'sha256-L89rOqVn3e1Yeav7YFzFH7bxGr1IyHtjhNxYvrcVL4E=' 'sha256-g2T0Peh4PkAjcTj+CFHeM0y83Uuh+6W\/+Ay4nUyncSo=' 'sha256-BpTz1JC47PMe4NhdM7n0gmuvr+83Jo3c+LLXav8o+Wc=' 'sha256-+i46atGTJGrevoy\/LaA\/uxqfIvacu6J\/34f4LYs4FLU=' 'sha256-NW1gvrymt4M+SBgRpB7GKpbvkiAcBF120jBugIgwTkY=' 'sha256-TCOS0LXlyOYGx+xlpfAYkRxyaOiYLTlRzHwI0YQSm3Q=' 'sha256-XdoX181xfRJT12LmChyU6l4zxvoIsaAHf4FxTHoJM+I=' 'sha256-NKT4ofJEPzU1gDi1WITFInJvz8potrsIe5i+LSnCKqo=' 'sha256-w6kdg\/3YV4tBVkaDe4i2aktYPtaPLEHNIGHKOXJ7aZI=' 'sha256-7OI\/iFnRHuxJU3EbXDhDFX6g3cZ0C1I8U6VTbbk7bPw=' 'sha256-VY8NVZZ8EZKkngWGPFlpnC0jlPPS4naDQeeIKqLpgUU=' 'sha256-3ThNsno0lln5H88qDcBDPljNxQaOgkPiulXpM\/OsV1s=' 'sha256-8N1I80yqbb8\/sRov2zmhZf1nwe9Hd8PifhnSJaDP664=' 'sha256-LG4xcV34tsaAdFNYuH8Lr84Ovn0ZnSV2GoIA+TiLP5s=' 'sha256-y36RoFUJWgc8gbl\/5Pk2\/0bsYv2bJ+bMa8Y4LV\/Wz\/k=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-3FPxyKucOIUnwkis1jUlVWeg63ttBCdsnPZ7d1\/U9vQ=' 'sha256-lBxE5qVCAIfADFr1+pdyVxAP7I\/YVviosUAsCf3pZtU=' 'sha256-3iXpidN34sHSaOL+oY8lqqkqIs8qgMSZmmFOyyyJq5o=' 'sha256-TZjz12EnkJLarfuyWy8NqZ9HG8RpIuFAlQySbT4\/4h8=' 'sha256-Y4y\/Z3pJNei7wFfh20klvIrbZiajvE\/JWO1KhI668Xo=' 'sha256-LigV2Z6\/JVA57qW0q8wSx849ylkhI35JZTPqGObl9ks=' 'sha256-83sIN1kEH+EziQHRTaQiSWImOUtv0wFFfa74npfXyoE=' 'sha256-BMIPp0uCJPYMdHFyQdug09fBOv1yC4c3ATQ5HIB8lnU=' 'sha256-mkZ77JgvPSMOW\/FuYQr4tf+Z2qIq0e\/ozaNEcVp9eyc=' cdn.jsdelivr.net cdn.equalweb.com code.jquery.com track.adform.net s2.adform.net www.googletagservices.com cdn.cookielaw.org googleads.g.doubleclick.net connect.facebook.net static.hotjar.com metrics.hotjar.io script.hotjar.com *.googletagmanager.com *.google-analytics.com snap.licdn.com static.ads-twitter.com analytics.tiktok.com *.googleapis.com pro-becas-images-s3.s3.eu-west-1.amazonaws.com *.gstatic.com *.omappapi.com *.googleadservices.com *.santanderopenacademy.com *.googlesyndication.com sc-static.net *.sc-static.net snapchat.com *.snapchat.com onetrust.com *.onetrust.com omtrdc.net *.omtrdc.net analytics.google.com *.google.com *.adoberesources.net adoberesources.net *.adobedc.net adobedc.net *.demdex.net demdex.net st.hybrid.ai; style-src 'self' 'unsafe-inline' stackpath.bootstrapcdn.com *.googletagmanager.com fonts.googleapis.com *.omappapi.com; worker-src *.universia.net","count":2},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/robbreport.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/headless-storefront-assets.wildtangent.com; media-src 'self' data: https:; connect-src 'self' https:; frame-src https:; frame-ancestors 'self'; worker-src 'self' blob:; form-action 'self'; base-uri 'self'; report-uri https:\/\/reporting-api.gamigo.com\/report\/wildtangent.com; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.artnews.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/themes.googleusercontent.com\/ https:\/\/apps.geodan.nl https:\/\/acc.apps.geodan.nl https:\/\/platform.twitter.com\/ https:\/\/syndication.twitter.com\/ http:\/\/www.rovid.nl https:\/\/geodata.rivm.nl https:\/\/statistiek.rijksoverheid.nl https:\/\/mebi.rivm.nl https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/data.rivm.nl\/ https:\/\/chemkap.rivm.nl https:\/\/app.powerbi.com\/ https:\/\/api.pdok.nl\/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/statistiek.rijksoverheid.nl http:\/\/platform.twitter.com\/ https:\/\/cdn.syndication.twimg.com https:\/\/mebi.rivm.nl https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/data.rivm.nl\/  https:\/\/apps.rivm.nl https:\/\/chemkap.rivm.nl https:\/\/*.mopinion.com https:\/\/api.pdok.nl\/; object-src https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/app.powerbi.com\/ https:\/\/api.pdok.nl\/; style-src 'self' 'unsafe-inline' https:\/\/platform.twitter.com\/ https:\/\/ton.twimg.com\/ https:\/\/mebi.rivm.nl https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/*.mopinion.com https:\/\/data.rivm.nl\/ https:\/\/api.pdok.nl\/; img-src 'self' https:\/\/rivm.nl\/ https:\/\/*.rivm.nl\/ https:\/\/statistiek.rijksoverheid.nl\/ https:\/\/geodata.nationaalgeoregister.nl\/ https:\/\/syndication.twitter.com\/ https:\/\/pbs.twimg.com\/ https:\/\/ton.twimg.com\/ https:\/\/abs.twimg.com\/ https:\/\/platform.twitter.com\/ http:\/\/abs.twimg.com\/ data:  http:\/\/www.rovid.nl https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/  https:\/\/service.pdok.nl\/ https:\/\/data.rivm.nl\/  https:\/\/*.openstreetmap.org\/ https:\/\/chemkap.rivm.nl https:\/\/api.pdok.nl\/; frame-src 'self' https:\/\/cibrapportage.rivm.nl https:\/\/esp-ext.rivm.nl https:\/\/login-ext.rivm.nl https:\/\/chemkap.rivm.nl https:\/\/www.infectieradar.nl https:\/\/app.powerbi.com https:\/\/api.pdok.nl\/; frame-ancestors 'self' https:\/\/www.atlasleefomgeving.nl https:\/\/*.gezondeleefomgeving.nl https:\/\/*.woondossier.nl https:\/\/roosendaal.incijfers.nl https:\/\/*.nhnieuws.nl https:\/\/chemkap.rivm.nl https:\/\/www.infectieradar.nl https:\/\/api.pdok.nl; child-src https:\/\/cstm.rivm.nl\/ https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/data.rivm.nl\/  https:\/\/app.powerbi.com https:\/\/api.pdok.nl\/; font-src 'self' https:\/\/rivm.nl\/ https:\/\/*.rivm.nl\/ https:\/\/themes.googleusercontent.com\/ https:\/\/cstm.rivm.nl\/ https:\/\/*.mopinion.com https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/data.rivm.nl\/ https:\/\/api.pdok.nl\/; connect-src 'self' https:\/\/mebi.rivm.nl\/ https:\/\/statistiek.rijksoverheid.nl\/ https:\/\/statistiek.rijksoverheid.nl\/* https:\/\/cstm.rivm.nl\/ https:\/\/cstm.rivm.nl\/* https:\/\/cgl-web-api.rivm.nl\/ https:\/\/acceptatie-cgl-web-api.rivm.nl\/ https:\/\/acc-api.rivm.nl https:\/\/api.rivm.nl\/ https:\/\/api.pdok.nl\/* https:\/\/*.mopinion.com; report-uri \/report-csp-violation","count":2},{"content-security-policy-report-only":" : default-src 'self'; report-uri https:\/\/mtsrs.report-uri.com\/r\/d\/csp\/reportOnly;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; object-src 'self' https:; style-src 'self' data: 'unsafe-inline' https:; img-src 'self' data: blob: https:; media-src 'self' data: blob: https:; frame-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' data: https:;","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https:\/\/jadlog.com.br https:\/\/www.jadlog.com.b; script-src 'self' https:\/\/static.zdassets.com https:\/\/www.googletagmanager.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/static.cloudflareinsights.com https:\/\/code.jquery.com https:\/\/cdnjs.cloudflare.com https:\/\/ajax.cloudflare.com https:\/\/pod-27-sunco-ws.zendesk.com; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/code.jquery.com https:\/\/cdnjs.cloudflare.com https:\/\/static.zdassets.com https:\/\/cdn.cookielaw.org; img-src 'self' data: https:\/\/*.tile.openstreetmap.org https:\/\/ssl.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.google.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com; connect-src 'self' https:\/\/cdn.cookielaw.org https:\/\/ekr.zdassets.com https:\/\/jadloglogsticahelp.zendesk.com https:\/\/pod-27-sunco-ws.zendesk.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/cloudflareinsights.com; frame-src 'self' https:\/\/www.google.com https:\/\/jadlog.force.com https:\/\/jadloglogsticahelp.zendesk.com; report-uri https:\/\/service.jadlog.com.br\/csp-report-endpoint; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.wellhub.com *.amplitude.com https:\/\/js.appboycdn.com\/web-sdk\/4.0\/braze.no-amd.min.js https:\/\/widget-mediator.zopim.com https:\/\/js-na1.hs-scripts.com https:\/\/static.zdassets.com https:\/\/sdk.inbenta.io https:\/\/chatbot.backoffice.gympass-staging.com\/chatbot-site-gympass-com.js https:\/\/cdn.optimizely.com https:\/\/maps.googleapis.com https:\/\/x.clearbitjs.com https:\/\/js.hscollectedforms.net https:\/\/connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com cdn.cookielaw.org\/ cdn.segment.com bat.bing.com\/bat.js cdn.jsdelivr.net\/npm\/jquery-validation@1.19.5\/dist\/jquery.validate.min.js cdn.optimizely.com\/js\/ cdn.segment.com\/analytics.js\/ cdnjs.cloudflare.com\/ajax\/libs\/jquery.mask\/1.14.16\/jquery.mask.min.js code.jquery.com\/jquery-3.6.0.min.js connect.facebook.net\/en_US\/fbevents.js googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/ j.6sc.co\/6si.min.js js.driftt.com\/include\/ js.hs-analytics.net\/analytics\/ js.hs-banner.com\/ js.hs-scripts.com\/ js.hsadspixel.net\/fb.js js.hsforms.net\/forms\/v2.js js.hsleadflows.net\/leadflows.js js.usemessages.com\/conversations-embed.js rum-static.pingdom.net\/ s.yimg.com\/wi\/ytc.js script.hotjar.com\/ snap.licdn.com\/li.lms-analytics\/ static.hotjar.com\/c\/ static.hsappstatic.net\/MeetingsEmbed\/ex\/MeetingsEmbedCode.js tag.clearbitscripts.com\/v1\/ tpc.googlesyndication.com\/ unpkg.com\/blip-chat-widget https:\/\/js.qualified.com\/ https:\/\/*.salesloft.com\/ clarity.ms\/tag\/uet\/ *.clarity.ms\/tag\/uet\/ x.clearbitjs.com\/v2\/ https:\/\/s3.amazonaws.com\/raichu-beta\/ https:\/\/static.play.ht\/playht-pageplayer-plugin.js https:\/\/bat.bing.com\/p\/action\/ https:\/\/connect.facebook.net\/signals\/config\/ https:\/\/js.hubspot.com\/web-interactives-embed.js https:\/\/analytics.tiktok.com\/ https:\/\/www.clarity.ms\/s\/ https:\/\/static.xingcdn.com\/xingtrk\/index.js; style-src 'self' 'unsafe-inline' https:\/\/sdk.inbenta.io fonts.googleapis.com https:\/\/www.googletagmanager.com\/ https:\/\/s3.amazonaws.com\/raichu-beta\/ https:\/\/static.play.ht\/playht-pageplayer-plugin.css; object-src 'none'; base-uri 'self'; connect-src 'self' *.wellhub.com https:\/\/app.qualified.com\/ wss:\/\/*.qualified.com https:\/\/unleash-edge-mep.gympass.com https:\/\/unleash-edge-mep.gympass.com\/api\/frontend\/ https:\/\/traces.observability.prd.us.gympass.cloud\/collect https:\/\/ext-otel.mep.prd.us.gympass.cloud\/collect https:\/\/sdk.iad-03.braze.com\/api\/v3\/data cdn.cookielaw.org\/ *.onetrust.com inbenta.io *.inbenta.io https:\/\/api.inbenta.io wss:\/\/widget-mediator.zopim.com https:\/\/zendesk-eu.my.sentry.io *.zendesk.com zendesk.com https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/maps.googleapis.com https:\/\/unlogged.users.gympass-staging.com https:\/\/mpc2-prod-23-is5qnl632q-ue.a.run.app https:\/\/mpc2-prod-1-is5qnl632q-uc.a.run.app https:\/\/analytics-ipv6.tiktokw.us https:\/\/demo-1.conversionsapigateway.com https:\/\/translate.googleapis.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com google.com googleadservices.com https:\/\/www.google.com.br\/ google.com.br googleads.g.doubleclick.net https:\/\/googleads.g.doubleclick.net\/ api.hubapi.com hubspot.com *.hubspot.com api.segment.io app.clearbit.com bat.bing.com cdn.segment.com epsilon.6sense.com *.optimizely.com optimizely.com forms.hsforms.com in.hotjar.com ipv6.6sc.co js.hs-banner.com *.clarity.ms rum-collector-2.pingdom.net s.yimg.com stats.g.doubleclick.net unlogged.users.gympass.com https:\/\/play.ht\/api\/v2\/ https:\/\/places.geo.us-east-1.amazonaws.com https:\/\/*.cloudfront.net https:\/\/px.ads.linkedin.com https:\/\/analytics.tiktok.com\/ api.reclameaqui.com.br https:\/\/browser-intake-datadoghq.com\/api\/v2\/ https:\/\/rum.browser-intake-datadoghq.com\/api\/v2\/ https:\/\/www.facebook.com\/ https:\/\/region1.analytics.google.com\/ wss:\/\/*.hotjar.com\/ https:\/\/*.hotjar.io\/ https:\/\/o4504963224764416.ingest.us.sentry.io\/api\/ https:\/\/www.xing.com\/xas\/api\/tracking_pixel_verification; font-src 'self' data: https:\/\/cdn.inbenta.io fonts.gstatic.com https:\/\/assets-cdn.gympass.com https:\/\/assets-cdn.wellhub.com https:\/\/script.hotjar.com\/ https:\/\/s3.amazonaws.com\/play-plugin\/build\/font https:\/\/js.qualified.com; frame-src 'self' https:\/\/gympass.chat.blip.ai https:\/\/app.qualified.com\/ optimizely.com *.cdn.optimizely.com googleadservices.com bid.g.doubleclick.net forms.hsforms.com js.driftt.com meetings.hubspot.com tpc.googlesyndication.com vars.hotjar.com facebook.com https:\/\/www.facebook.com\/ www.googletagmanager.com\/ https:\/\/www.youtube.com\/ https:\/\/td.doubleclick.net; img-src 'self' data: https:\/\/s3.amazonaws.com\/raichu-beta\/ https:\/\/assets-cdn.gympass-staging.com https:\/\/assets-cdn.gympass.com https:\/\/assets-cdn.wellhub.com https:\/\/images.partners.gympass.com\/ https:\/\/tmp-images.partners.gympass.com\/ https:\/\/p.adsymptotic.com https:\/\/www.googletagmanager.com https:\/\/translate.google.com cdn.cookielaw.org\/ *.inbenta.com inbenta.com https:\/\/gympass-staging-images-us.s3.amazonaws.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/analytics.tiktok.com\/ https:\/\/connect.facebook.net *.clarity.ms\/ cloudfront.net *.cloudfront.net https:\/\/www.google.com\/ads\/ga-audiences https:\/\/www.google.com.br\/ads\/ga-audiences https:\/\/www.google.com\/pagead\/1p-user-list\/ b.6sc.co bat.bing.com https:\/\/c.bing.com\/ forms-na1.hsforms.com forms.hsforms.com googleads.g.doubleclick.net https:\/\/googleads.g.doubleclick.net\/ px.ads.linkedin.com sp.analytics.yahoo.com track.hubspot.com facebook.com https:\/\/www.google-analytics.com google.com google.com.br www.google.com.br https:\/\/www.google.co.uk\/ https:\/\/www.google.com.ar\/ https:\/\/www.google.com.mx\/ https:\/\/www.google.de\/ https:\/\/www.google.es\/ https:\/\/www.google.cl\/ https:\/\/www.google.it\/ https:\/\/www.facebook.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/px4.ads.linkedin.com\/collect https:\/\/www.linkedin.com\/px\/ https:\/\/ads01.groovinads.com\/ https:\/\/perf-na1.hsforms.com\/embed\/v3\/counters.gif; manifest-src 'self'; media-src 'self' https:\/\/static.zdassets.com https:\/\/*.qualified.com; worker-src 'self' *.gympass-staging.com blob:;","count":2},{"content-security-policy-report-only":" default-src 'self';connect-src 'self' https:\/\/analytics.majestic.com https:\/\/analytics.majesticseo.com https:\/\/*.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/analytics.majesticseo.com https:\/\/analytics.majestic.com https:\/\/info.majestic.com https:\/\/*.googletagmanager.com www.google-analytics.com https:\/\/www.googleadservices.com\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/platform.twitter.com\/ https:\/\/challenges.cloudflare.com;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https:\/\/www.youtube-nocookie.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/platform.twitter.com\/ https:\/\/player.captivate.fm\/ https:\/\/syndication.twitter.com\/ https:\/\/challenges.cloudflare.com;child-src www.openstreetmap.org www.youtube.com https:\/\/www.google.com\/recaptcha\/ https:\/\/platform.twitter.com\/ https:\/\/syndication.twitter.com\/;frame-ancestors https:\/\/docs.google.com https:\/\/*.googleusercontent.com;report-uri \/csp\/report;report-to report-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self' *.adsrvr.org *.google.com *.doubleclick.net *.optimizely.com *.facebook.com *.cookielaw.org *.clarity.ms apps.usw2.pure.cloud www.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com cdn.jsdelivr.net code.jquery.com embed.signalintent.com *.optimizely.com cdn.segment.com *.googleapis.com www.googletagmanager.com www.google.com www.gstatic.com *.btttag.com *.bing.com *.app-us1.com *.adsrvr.org *.doubleclick.net *.cookielaw.org www.google-analytics.com *.mypurecloud.com *.googleadservices.com *.pure.cloud *.aptrinsic.com *.bootstrapcdn.com js.monitor.azure.com *.facebook.net *.facebook.com trackcmp.net extractable-finalytics-storage.s3.us-west-2.amazonaws.com extractable-finalytics-stable.s3.us-west-2.amazonaws.com *.cloudfront.net snap.licdn.com www.redditstatic.com;style-src 'self' 'unsafe-inline' use.fontawesome.com use.typekit.net embed.signalintent.com p.typekit.net *.mypurecloud.com *.googleapis.com *.aptrinsic.com *.jsdelivr.net *.bootstrapcdn.com extractable-finalytics-storage.s3.us-west-2.amazonaws.com extractable-finalytics-stable.s3.us-west-2.amazonaws.com *.cloudfront.net;img-src 'self' data: bat.bing.com *.google.com www.google-analytics.com content-cdn.com *.gstatic.com *.googleapis.com www.googletagmanager.com *.facebook.net *.facebook.com *.adsrrvr.org *.doubleclick.net *.yahoo.com *.cookielaw.org *.googlesyndication.com *.ads.linkedin.com embed.signalintent.com insight.adsrvr.org ib.adnxs.com *.reddit.com;font-src 'self' use.fontawesome.com embed.signalintent.com use.typekit.net *.mypurecloud.com *.gstatic.com *.googleapis.com *.cloudfront.net data:;connect-src 'self' ws: wss: *.googlesyndication.com signal-intent-production-back.herokuapp.com cdn.segment.com *.optimizely.com *.cookielaw.org calc-backend-prod.herokuapp.com d.btttag.com *.googleapis.com www.google-analytics.com api.segment.io *.doubleclick.net *.alaskausa.org *.bing.com *.aptrinsic.com *.episerver.net *.visualstudio.com *.google.com *.facebook.com finalyticsdata.com devfinalyticsdata.com stgfinalyticsdata.com px.ads.linkedin.com api-cdn.usw2.pure.cloud pixel-config.reddit.com www.redditstatic.com;worker-src 'self' blob:;block-all-mixed-content","count":2},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval' ; img-src https:\/\/* data: ; frame-src https:\/\/* about: javascript:","count":2},{"content-security-policy-report-only":" img-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.hsforms.net https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js-na2.hs-scripts.com https:\/\/js-na2.hubspot.com https:\/\/js-na2.hscollectedforms.net https:\/\/js-na2.hs-banner.com https:\/\/js-na2.hs-analytics.net https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/cdn-cookieyes.com https:\/\/*.cookieyes.com https:\/\/j.6sc.co https:\/\/snap.licdn.com https:\/\/connect.facebook.net; style-src 'self' 'unsafe-inline' https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/fonts.googleapis.com https:\/\/cdn-cookieyes.com; img-src 'self' data: https: http:; font-src 'self' data: https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net; connect-src 'self' https:\/\/forms.hsforms.com https:\/\/forms-na2.hsforms.com https:\/\/api.hsforms.com https:\/\/cta-na2.hubspot.com https:\/\/forms-na2.hscollectedforms.net https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/cdn-cookieyes.com https:\/\/*.cookieyes.com https:\/\/directory.cookieyes.com https:\/\/c.6sc.co https:\/\/ipv6.6sc.co https:\/\/epsilon.6sense.com https:\/\/secure.adnxs.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.googletagmanager.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self' bard.edu www.bard.edu inside.bard.edu tools.bard.edu maps.bard.edu opensocietyuniversitynetwork.org ghea21.org; \tform-action 'self' bard.edu www.bard.edu tools.bard.edu connect.bard.edu opensocietyuniversitynetwork.org ghea21.org; \tbase-uri 'self' bard.edu www.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org; \tfont-src 'self' data: www.bard.edu opensocietyuniversitynetwork.org ghea21.org fonts.gstatic.com *.fontawesome.com cdnjs.cloudflare.com; \tstyle-src 'self' 'unsafe-inline' www.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org fonts.googleapis.com *.fontawesome.com tagmanager.google.com www.google.com *.technolutions.net static.ctctcdn.com cdnjs.cloudflare.com *.curator.io; \tscript-src 'self' 'unsafe-inline' 'report-sample' www.bard.edu tools.bard.edu connect.bard.edu explore.bard.edu opensocietyuniversitynetwork.org ghea21.org code.jquery.com player.vimeo.com *.fontawesome.com www.google-analytics.com ssl.google-analytics.com *.googletagmanager.com tagmanager.google.com www.google.com cse.google.com googleads.g.doubleclick.net connect.facebook.net consent.cookiebot.com cdn.unibuddy.co www.youvisit.com *.technolutions.net analytics.tiktok.com *.curator.io; \timg-src 'self' data: bard.edu www.bard.edu inside.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org www.facebook.com trck.youvisit.com ssl.gstatic.com www.gstatic.com www.google.com *.google-analytics.com *.googletagmanager.com curator-assets.b-cdn.net; \tconnect-src 'self' www.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org *.google-analytics.com *.analytics.google.com analytics.google.com www.google.com *.googletagmanager.com *.doubleclick.net *.technolutions.net analytics.tiktok.com *.curator.io; \tmedia-src 'self' www.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org player.vimeo.com *.vimeocdn.com www.buzzsprout.com curator-assets.b-cdn.net; \tobject-src 'self' www.bard.edu tools.bard.edu maps.bard.edu opensocietyuniversitynetwork.org ghea21.org; \tchild-src 'self' www.bard.edu tools.bard.edu maps.bard.edu opensocietyuniversitynetwork.org ghea21.org www.youtube.com www.youtube-nocookie.com player.vimeo.com unibuddy.co popcard.unibuddy.co cdn.youvisit.com e.issuu.com; \tframe-src 'self' www.bard.edu tools.bard.edu maps.bard.edu opensocietyuniversitynetwork.org ghea21.org www.youtube.com www.youtube-nocookie.com player.vimeo.com *.googletagmanager.com *.doubleclick.net unibuddy.co popcard.unibuddy.co cdn.youvisit.com e.issuu.com; \tframe-ancestors 'self' www.bard.edu tools.bard.edu opensocietyuniversitynetwork.org ghea21.org;","count":2},{"content-security-policy-report-only":" default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';","count":2},{"content-security-policy-report-only":" block-all-mixed-content; report-uri https:\/\/events.ocdn.eu\/v2\/csp-report?_ac=events&_fv=www.onet.pl::ONET2_APROD_4_7_0","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'none'; script-src-elem https:\/\/sdk.privacy-center.org https:\/\/www.googletagmanager.com; style-src-elem https:\/\/cdn.jsdelivr.net; img-src 'self' https:\/\/assets-eu-01.kc-usercontent.com https:\/\/cdn-prod.ppg.com; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' *.siteminder.com 123compareme.com *.123compareme.com *.ada-tray.com *.bookmebob.com *.flip.to *.gtsgapps.com *.hijiffy.com messenger-services.com *.sojern.com *.thehotelsnetwork.com *.triptease.io *.triptease.net *.userguest.com *.theguestbook.com connect.facebook.net *.facebook.com *.edge.sdk.awswaf.com *.paypal.com recaptcha.net *.launchdarkly.com *.newrelic.com bam.nr-data.net *.hotjar.com *.hotjar.io *.googletagmanager.com *.gstatic.com *.google-analytics.com *.google.com *.googlesyndication.com *.googleadservices.com *.g.doubleclick.net *.doubleclick.net *.imgix.net; script-src 'self' 123compareme.com *.123compareme.com *.ada-tray.com *.adatray.com *.bookmebob.com *.flip.to *.gtsgapps.com *.hijiffy.com *.sojern.com *.thehotelsnetwork.com *.triptease.io *.triptease.net *.userguest.com theguestbook.com *.theguestbook.com connect.facebook.net *.edge.sdk.awswaf.com *.paypal.com recaptcha.net *.launchdarkly.com *.newrelic.com bam.nr-data.net *.hotjar.com *.googletagmanager.com *.gstatic.com *.gstatic.cn *.google-analytics.com *.google.com *.googlesyndication.com *.googleadservices.com *.g.doubleclick.net *.doubleclick.net; frame-src 'self' recaptcha.net www.googletagmanager.com *.paypal.com *.triptease.io; img-src 'self' *.imgix.net *.siteminder.com *.paypalobjects.com *.googletagmanager.com *.openstreetmap.org *.adatray.com *.thehotelsnetwork.com data:; style-src 'self' 'unsafe-inline' *.adatray.com *.thehotelsnetwork.com *.userguest.com fonts.googleapis.com; font-src 'self' data: *.adatray.com *.thehotelsnetwork.com *.userguest.com fonts.gstatic.com; report-to cspendpoint; report-uri https:\/\/csp-report.siteminder.com\/api\/quokka\/booking-engine\/report; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' blob:; frame-src *; img-src * data:; script-src * 'report-sample' 'unsafe-inline' 'unsafe-eval' blob:; style-src * 'report-sample' 'unsafe-inline'; base-uri *; form-action *; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/js.hsforms.net https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hscollectedforms.net https:\/\/snap.licdn.com https:\/\/cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: https:\/\/px.ads.linkedin.com https:\/\/www.googletagmanager.com https:\/\/track.hubspot.com https:\/\/*.hsforms.com; font-src 'self' https:\/\/fonts.gstatic.com data:; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/js.hsforms.net; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/api.hubspot.com https:\/\/*.hubspot.com https:\/\/*.hsforms.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/forms.hsforms.com","count":2},{"content-security-policy-report-only":" base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/maps.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/vault.pactsafe.io https:\/\/pactsafe.io https:\/\/*.siteintercept.qualtrics.com https:\/\/siteintercept.qualtrics.com https:\/\/dx.steelhousemedia.com https:\/\/px.steelhousemedia.com https:\/\/bat.bing.com https:\/\/*.btttag.com https:\/\/cdn.optimizely.com https:\/\/cdn.quantummetric.com https:\/\/assets.sitescdn.net https:\/\/connect.facebook.net https:\/\/cdn.unitmap.com https:\/\/cdn.jsdelivr.net https:\/\/js.paygateway.com https:\/\/twilio.dev.myaccount.extraspace.com https:\/\/twilio.myaccount.extraspace.com https:\/\/client.px-cloud.net ; connect-src 'self' https:\/\/browser-intake-datadoghq.com https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/pagead2.googlesyndication.com https:\/\/siteintercept.qualtrics.com https:\/\/api.usercentrics.eu https:\/\/aggregator.service.usercentrics.eu https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/graphql.usercentrics.eu https:\/\/app.usercentrics.eu https:\/\/fbtracking.extraspace.com https:\/\/d.btttag.com https:\/\/bat.bing.com https:\/\/pactsafe.io https:\/\/o494745.ingest.sentry.io https:\/\/logx.optimizely.com https:\/\/cdn.optimizely.com https:\/\/webchat-3914-prod.twil.io https:\/\/ingest.quantummetric.com https:\/\/rl.quantummetric.com https:\/\/collector-pxnyx0n2sc.px-cloud.net https:\/\/collector-pxnyx0n2sc.px-client.net https:\/\/tzm.px-cloud.net ; img-src 'self' data: https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.googletagmanager.com https:\/\/images.ctfassets.net https:\/\/www.facebook.com https:\/\/iad1.qualtrics.com https:\/\/siteintercept.qualtrics.com https:\/\/app.usercentrics.eu https:\/\/bat.bing.com https:\/\/i.ytimg.com https:\/\/collector-pxnyx0n2sc.px-client.net ; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com https:\/\/maxcdn.bootstrapcdn.com ; form-action 'self' https:\/\/www.facebook.com https:\/\/extraspacecx.co1.qualtrics.com https:\/\/siteintercept.qualtrics.com ; frame-ancestors 'none'; frame-src 'self' https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.youtube-nocookie.com https:\/\/*.cdn.optimizely.com https:\/\/extraspacecx.co1.qualtrics.com https:\/\/videos.virtualapt.com https:\/\/tzm.px-cloud.net https:\/\/js.paygateway.com ; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/maxcdn.bootstrapcdn.com https:\/\/use.fontawesome.com ; object-src 'none';","count":2},{"content-security-policy-report-only":" default-src *; font-src 'self' https: data:; img-src * blob: data:; object-src 'none'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-attr 'self' 'unsafe-inline'; style-src * 'unsafe-inline'; base-uri 'self'; form-action 'self' http:\/\/*.enterprisedb.com http:\/\/enterprisedb.com http:\/\/enterprisedb.okta.com; frame-ancestors 'self'; report-uri https:\/\/www.enterprisedb.com\/log-report-uri\/reportOnly","count":2},{"content-security-policy-report-only":" default-src *.quikr.com *.kuikr.com ;script-src *.quikr.com *.kuikr.com *.google-analytics.com *.facebook.net *.facebook.com 'unsafe-inline' cdnjs.cloudflare.com *.google.com securepubads.g.doubleclick.net csi.gstatic.com *.googletagservices.com adservice.google.co.in cdn.ampproject.org adservice.google.com *.googletagmanager.com www.gstatic.com www.googleadservices.com bam.nr-data.net googleads.g.doubleclick.net ;style-src *.quikr.com *.kuikr.com 'unsafe-inline' ;img-src * ;frame-src https:\/\/*.doubleclick.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/*.adtrafficquality.google https:\/\/*.safeframe.googlesyndication.com https:\/\/*.facebook.com https:\/\/www.googleadservices.com ;connect-src *.quikr.com *.kuikr.com www.google-analytics.com securepubads.g.doubleclick.net csi.gstatic.com wss:\/\/chat.kuikr.com:5291 ;script-src-elem *.quikr.com *.kuikr.com *.google-analytics.com *.facebook.net *.facebook.com 'unsafe-inline' cdnjs.cloudflare.com *.google.com securepubads.g.doubleclick.net csi.gstatic.com *.googletagservices.com adservice.google.co.in cdn.ampproject.org *.google.com *.googletagmanager.com http:\/\/*.kuikr.com www.gstatic.com www.googleadservices.com bam.nr-data.net googleads.g.doubleclick.net ;","count":2},{"content-security-policy-report-only":" default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; base-uri 'self'; object-src 'none'; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https: data:; connect-src 'self' https:; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; frame-ancestors 'self' https:\/\/www.zerobounce.net https:\/\/impact.com https:\/\/*.impact.com; form-action 'self' https:\/\/forms.hsforms.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/google.com https:\/\/try.abtasty.com *.abtasty.com https:\/\/www.zerobounce.net https:\/\/ingest.promptwatch.com https:\/\/extension-api.zerobounce.net https:\/\/gtm.zerobounce.net https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/connect.facebook.net https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.net https:\/\/bat.bing.com https:\/\/static.hsappstatic.net https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.lgrckt-in.com https:\/\/global.oktacdn.com https:\/\/static.zdassets.com https:\/\/js.hs-scripts.com https:\/\/js-na1.hs-scripts.com https:\/\/js.hscollectedforms.net https:\/\/js-na1.hscollectedforms.net https:\/\/*.clarity.ms https:\/\/www.youtube.com https:\/\/hcaptcha.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/google.com https:\/\/try.abtasty.com https:\/\/*.abtasty.com https:\/\/*.zendesk.com https:\/\/api.smooch.io https:\/\/gtm.zerobounce.net https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/connect.facebook.net https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.net https:\/\/bat.bing.com https:\/\/static.hsappstatic.net https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ingest.promptwatch.com https:\/\/cdn.lgrckt-in.com https:\/\/global.oktacdn.com https:\/\/static.zdassets.com https:\/\/js.hs-scripts.com http:\/\/js.hs-scripts.com https:\/\/js-na1.hs-scripts.com http:\/\/js-na1.hs-scripts.com https:\/\/js.hscollectedforms.net http:\/\/js.hscollectedforms.net https:\/\/js-na1.hscollectedforms.net http:\/\/js-na1.hscollectedforms.net https:\/\/*.clarity.ms https:\/\/scripts.clarity.ms https:\/\/js.usemessages.com https:\/\/js.hs-banner.com https:\/\/js.hsadspixel.net https:\/\/js.hs-analytics.net https:\/\/js.hsforms.net http:\/\/js.hsforms.net https:\/\/snap.licdn.com https:\/\/www.zerobounce.net https:\/\/zerobounce.net https:\/\/web-vitals-script.leaderint.workers.dev https:\/\/*.zerobounce.net https:\/\/www.zerobounce.xyz https:\/\/widget.trustpilot.com\/bootstrap\/v5\/tp.widget.bootstrap.min.js; connect-src 'self' https:\/\/raw.githubusercontent.com\/zerobounce\/ *.abtasty.com https:\/\/*.mixpanel.com https:\/\/api.mixpanel.com https:\/\/members-api.zerobounce.net https:\/\/global.oktacdn.com https:\/\/okta.zerobounce.net https:\/\/www.googleadservices.com https:\/\/static.hsappstatic.net https:\/\/forms.hscollectedforms.net https:\/\/forms.hsforms.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/modules.zerobounce.net https:\/\/members-api.zerobounce.net https:\/\/members-api.zerobounce.net\/api\/promotions\/validate\/zbone\/ https:\/\/*.clarity.ms https:\/\/ingest.promptwatch.com https:\/\/bat.bing.net https:\/\/bat.bing.com https:\/\/www.zerobounce.net https:\/\/zerobounce.net https:\/\/extension-api.zerobounce.net https:\/\/apiassistant.zerobounce.net https:\/\/www.zerobounce.net\/blog https:\/\/ekr.zdassets.com https:\/\/stats.g.doubleclick.net https:\/\/stats.gdoubleclick.net https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/www.zbapis.net https:\/\/zerobounce.zendesk.com https:\/\/*.zendesk.com wss:\/\/*.zendesk.com https:\/\/api.smooch.io wss:\/\/api.smooch.io https:\/\/*.hubspot.com https:\/\/api.hubapi.com wss:\/\/widget-mediator.zopim.com https:\/\/accounts.google.com https:\/\/oauth2.googleapis.com https:\/\/gtm.zerobounce.net https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.com.ai https:\/\/*.google.com.ar https:\/\/*.google.com.au https:\/\/*.google.at https:\/\/*.google.be https:\/\/*.google.com.bd https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.ca https:\/\/*.google.cl https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.in https:\/\/*.google.co.id https:\/\/*.google.co.jp https:\/\/*.google.co.kr https:\/\/*.google.com.mx https:\/\/*.google.co.nz https:\/\/*.google.com.ph https:\/\/*.google.pl https:\/\/*.google.ru https:\/\/*.google.com.sa https:\/\/*.google.com.sg https:\/\/*.google.co.th https:\/\/*.google.co.uk https:\/\/*.google.com.vn https:\/\/*.google.co.za https:\/\/*.google.ro https:\/\/r.lgrckt-in.com https:\/\/px.ads.linkedin.com https:\/\/rum-collector.leaderint.workers.dev https:\/\/widget.trustpilot.com\/bootstrap\/v5\/tp.widget.bootstrap.min.js https:\/\/widget.trustpilot.com; style-src 'self' 'unsafe-inline' *.abtasty.com https:\/\/fonts.googleapis.com https:\/\/p.typekit.net https:\/\/use.typekit.net; style-src-elem 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/fonts.googleapis.com https:\/\/p.typekit.net https:\/\/use.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/gc.kis.v2.scr.kaspersky-labs.com https:\/\/decision.etc4.com https:\/\/js-c.etc4.com https:\/\/accounts.google.com https:\/\/common-fonts.abtasty.com https:\/\/editor.abtasty.com https:\/\/teddytor.abtasty.com https:\/\/*.zerobounce.net https:\/\/www.zerobounce.xyz; img-src 'self' data: *.abtasty.com https:\/\/zerobounce.net https:\/\/v2assets.zopim.io https:\/\/bat.bing.net https:\/\/bat.bing.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/*.google.com https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.com.ai https:\/\/*.google.com.ar https:\/\/*.google.com.au https:\/\/*.google.at https:\/\/*.google.be https:\/\/*.google.com.bd https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.ca https:\/\/*.google.cl https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.in https:\/\/*.google.co.id https:\/\/*.google.co.jp https:\/\/*.google.co.kr https:\/\/*.google.com.mx https:\/\/*.google.co.nz https:\/\/*.google.com.ph https:\/\/*.google.pl https:\/\/*.google.ru https:\/\/*.google.com.sa https:\/\/*.google.com.sg https:\/\/*.google.co.th https:\/\/*.google.co.uk https:\/\/*.google.com.vn https:\/\/*.google.co.za https:\/\/*.google.ro https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/editor-assets.abtasty.com https: https:\/\/*.gravatar.com; font-src 'self' data: *.abtasty.com https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/common-fonts.abtasty.com https:\/\/teddytor.abtasty.com https:\/\/www.cdn-tinkoff.ru https:\/\/cdn.scite.ai https:\/\/account.affilitizer.com chrome-extension: moz-extension:; worker-src 'self' blob:; frame-src 'self' *.abtasty.com https:\/\/*.zendesk.com https:\/\/accounts.google.com https:\/\/bat.bing.net https:\/\/bat.bing.com https:\/\/app.hubspot.com https:\/\/gtm.zerobounce.net https:\/\/www.googletagmanager.com https:\/\/meetings.hubspot.com https:\/\/hs.zerobounce.net https:\/\/*.hubspot.com https:\/\/*.googletagmanager.com https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/competitivecomparisons.capterra.com https:\/\/competitivecomparisons.getapp.com https:\/\/competitivecomparisons.softwareadvice.com https:\/\/www.trustpilot.com https:\/\/widget.trustpilot.com https:\/\/registration.events.ringcentral.com\/ https:\/\/streamyard.com https:\/\/app.livestorm.co https:\/\/i.zerobounce.net https:\/\/datainsights-cdn.dm.aws.gartner.com https:\/\/feedback-pa.clients6.google.com https:\/\/forms.hsforms.com http:\/\/js.hsforms.net\/ https:\/\/recaptcha.net https:\/\/*.recaptcha.net https:\/\/google.com; report-uri https:\/\/zero.report-uri.com\/r\/t\/csp\/enforce; report-to default;","count":2},{"content-security-policy-report-only":" worker-src 'self' blob:;     object-src 'self';     script-src 'self' 'unsafe-inline' 'unsafe-eval'         *.alida.com         *.bing.com         *.cloudfirst.digital         *.cnd-motionmedia.de         *.dkv.com         *.doubleclick.net         *.ergo-reiseversicherung.de         *.ergo.com         *.ergo.de         *.ergocarbon.com         *.ergodirekt.de         *.facebook.net         *.fww.de         *.google.com         *.googlesyndication.com         *.googletagmanager.com         *.gstatic.com         *.intelliad.de         *.licdn.com         *.onetrust.com         *.outbrain.com         *.podigee-cdn.net         *.realperson.de         *.spoteffects.net         *.taboola.com         *.youtube.com         assets.adobedtm.com         cdn.cookielaw.org         cdn.mouseflow.com         cdn.scarabresearch.com         cdn.trackjs.com         cdnjs.cloudflare.com         edge.eu1.fullstory.com         ergo-live.s3.eu-central-1.amazonaws.com         maps.googleapis.com         platform.twitter.com         rum.hlx.page         static.xingcdn.com         wave.outbrain.com         www.facebook.com         www.googleadservices.com;     report-uri https:\/\/csp-reporting.ergo.com\/csp-reports?tenant=dospa;     report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * blob:; worker-src * blob:; frame-src * data: blob:; connect-src *; frame-ancestors 'none'; report-uri \/csp-violation-report","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/framerusercontent.com https:\/\/*.framer.com https:\/\/*.framer.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/framerusercontent.com https:\/\/*.framer.com https:\/\/*.framer.app https:\/\/events.framer.com https:\/\/app.framerstatic.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; style-src 'self' 'unsafe-inline' https:\/\/framerusercontent.com https:\/\/*.framer.com https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https:\/\/framerusercontent.com https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/*.framer.com https:\/\/events.framer.com https:\/\/framerusercontent.com https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com; frame-src 'self' https:\/\/*.framer.com https:\/\/*.framer.website; media-src 'self' https:\/\/framerusercontent.com data: blob:; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/*.framer.com; frame-ancestors 'self'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/globalservices.conde.digital https:\/\/privacy.condenastdigital.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: http:; font-src 'self' data:; connect-src 'self' https:\/\/strapi.gp-prod.conde.digital https:\/\/strapi-bus-eng.gp-prod-na-0.conde.digital https:\/\/com-condenast-prod1.collector.snplow.net https:\/\/privacy.condenastdigital.com; frame-src 'self' https:\/\/vanityfair-poty.figma.site https:\/\/ion-jeep-01175370.figma.site https:\/\/bird-year-19865975.figma.site; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; media-src https: http: rtsp: rtmp: data:; report-uri \/csp-report","count":2},{"content-security-policy-report-only":" script-src 'self' https:\/\/challenges.cloudflare.com https:\/\/hcaptcha.com https:\/\/static.cloudflareinsights.com https:\/\/*.hcaptcha.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/www.google-analytics.com\/ https:\/\/www.googletagmanager.com\/; base-uri 'self'; object-src 'self'; report-uri \/cdn-cgi\/script_monitor\/report","count":2},{"content-security-policy-report-only":" default-src 'self' disney.okta.com sso.myid.disney.com *.oktacdn.com; connect-src 'self' disney.okta.com disney-admin.okta.com sso.myid.disney.com *.oktacdn.com *.mixpanel.com *.mapbox.com disney.kerberos.okta.com disney.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' disney.okta.com sso.myid.disney.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' disney.okta.com sso.myid.disney.com *.oktacdn.com; frame-src 'self' disney.okta.com disney-admin.okta.com sso.myid.disney.com login.okta.com *.vidyard.com com-okta-authenticator: api-5a45a87b.duosecurity.com; img-src 'self' disney.okta.com sso.myid.disney.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' disney.okta.com sso.myid.disney.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/data.disneystreaming.com https:\/\/data-staging.disneystreaming.com https:\/\/data-dev.disneystreaming.com https:\/\/outlooksts.disney.com","count":2},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/*.googlesyndication.com https:\/\/*.googleapis.com https:\/\/*.doubleclick.net; style-src https: 'unsafe-inline'; img-src data: https: 'unsafe-inline'; font-src data: https: 'unsafe-inline'; worker-src blob: https:;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' *.argenta.be argenta-aam.be *.argenta-aam.be *.googleapis.com *.adobedtm.com *.googletagmanager.com *.doubleclick.net *.adsrvr.org *.teads.tv *.facebook.net *.hotjar.com *.tiqcdn.com *.pingdom.net *.google.ie 'unsafe-inline' 'unsafe-eval' wasm-eval; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/agentaspaarbank.tt.omtrdc.net *.googleapis.com *.simargenta.be *.argenta.be argenta-aam.be *.argenta-aam.be *.teads.tv *.googlesyndication.com *.pingdom.net *.google.com; font-src 'self'; frame-src 'self'  *.tst-argenta.be *.argenta-aam.be *.adsrvr.org *.teads.tv *.doubleclick.net *.googletagmanager.com; img-src 'self' *.argenta.be *.simargenta.be argenta-aam.be *.argenta-aam.be *.facebook.com *.google.be *.google.com *.google.ie *.teads.tv *.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none';","count":2},{"content-security-policy-report-only":" default-src 'self' http: https: data: blob: 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" default-src 'self' data: 'unsafe-inline' *.belden.com belden.com cdn.cookielaw.org fonts.googleapis.com fonts.gstatic.com go.alphawire.com pi.pardot.com static.cloud.coveo.com www.googletagmanager.com analytics.google.com siteintercept.qualtrics.com stats.g.doubleclick.net zn2avekmmkqwmhtco-belden.siteintercept.qualtrics.com beldencableproductionbugpvwoi.analytics.org.coveo.com beldencableproductionbugpvwoi.org.coveo.com code.jquery.com null; script-src 'unsafe-inline' 'unsafe-eval' bat.bing.com *.belden.com belden.com cdn.pardot.com cdn.cookielaw.org view.ceros.com  cdn.evgnet.com code.jquery.com connect.facebook.net googleads.g.doubleclick.net j.6sc.co maps.googleapis.com pi.pardot.com siteintercept.qualtrics.com snap.licdn.com ssl.google-analytics.com static.cloud.coveo.com wasm-eval www.googletagmanager.com www.youtube.com znddv5x3kanrnsrdw-belden.siteintercept.qualtrics.com zn1jm0i9w5rbcjil6-belden.siteintercept.qualtrics.com go.alphawire.com cdnjs.cloudflare.com www.alphawire.com www.googleadservices.com pagead2.googlesyndication.com code.metalocator.com; script-src-elem 'self' 'unsafe-inline' analytics.convertlanguage.com bat.bing.com belden.com *.belden.com cdn.cookielaw.org view.ceros.com  cdn.evgnet.com cdnjs.cloudflare.com code.jquery.com connect.facebook.net go.alphawire.com googleads.g.doubleclick.net j.6sc.co pi.pardot.com siteintercept.qualtrics.com snap.licdn.com ssl.google-analytics.com static.cloud.coveo.com www.googletagmanager.com www.youtube.com zn2avekmmkqwmhtco-belden.siteintercept.qualtrics.com zn1jm0i9w5rbcjil6-belden.siteintercept.qualtrics.com znddv5x3kanrnsrdw-belden.siteintercept.qualtrics.com html5.dcatalog.com www.google.com maps.googleapis.com pagead2.googlesyndication.com code.metalocator.com www.googleadservices.com; script-src-attr 'unsafe-inline'; style-src 'unsafe-inline' *.belden.com static.cloud.coveo.com fonts.googleapis.com www.alphawire.com www.gstatic.com; style-src-elem 'self' 'unsafe-inline' *.belden.com belden.com fonts.googleapis.com static.cloud.coveo.com cdnjs.cloudflare.com; style-src-attr 'unsafe-inline'; img-src 'self' data: ad.doubleclick.net ade.googlesyndication.com analytics.convertlanguage.com hm.baidu.com *.belden.com belden.com b.6sc.co bat.bing.com cdn.cookielaw.org px.ads.linkedin.com ssl.google-analytics.com www.facebook.com www.google.cl www.google.com www.googletagmanager.com www.google.com.gt www.google.hu googleads.g.doubleclick.net pagead2.googlesyndication.com www.google.ca iad1.qualtrics.com www.google.co.il www.google.com.mx siteintercept.qualtrics.com 61320.global.siteimproveanalytics.io www.google.com.tr www.google.es cts.businesswire.com dilp.netcomponents.com http:\/\/dilp.netcomponents.com\/images\/gocart.gif maps.googleapis.com maps.gstatic.com www.google.bf www.google.co.in www.google.co.jp www.google.co.uk www.google.com.au www.google.com.co www.google.fr www.google.nl www.google.no www.google.be www.google.se www.google.sk www.google.kz www.google.pl www.google.com.tw www.google.cz www.google.co.nz www.google.com.sa www.google.mv translate.google.com www.google.ru www.google.com.vn www.google.ee www.google.com.eg www.google.co.th www.google.co.ve www.google.fi www.google.ch www.google.ie www.google.ro www.google.bg www.google.com.tw google.com.ng www.google.co.ve fonts.gstatic.com google.com.ar www.google.com.hk www.google.com.eg adservice.google.com blob: cdn.metalocator.com connect.facebook.net px4.ads.linkedin.com www.google.co.cr www.google.co.id www.google.com.cu www.google.com.my www.google.com.pr www.google.com.sg www.google.de www.google.gr www.google.is www.google.it www.google.lk www.linkedin.com file; font-src 'self' data: *.belden.com fonts.gstatic.com null; connect-src 'self' www.googleadservices.com adservice.google.com *.belden.com analytics.google.com beldencableproductionbugpvwoi.analytics.org.coveo.com beldencableproductionbugpvwoi.org.coveo.com beldeninc.us-7.evergage.com c.6sc.co cdn.cookielaw.org ipv6.6sc.co pagead2.googlesyndication.com privacyportal.onetrust.com px.ads.linkedin.com siteintercept.qualtrics.com static.cloud.coveo.com stats.g.doubleclick.net www.google-analytics.com www.google.com bat.bing.com region1.google-analytics.com www.facebook.com region1.analytics.google.com maps.googleapis.com ssl.google-analytics.com googleads.g.doubleclick.net login.microsoftonline.com mozendaagent.ecoinsight.com www.google.ca www.google.com.mx localhost:12387 epsilon.6sense.com secure.adnxs.com; media-src 'self' belden.com *.belden.com bynder-media-us-east-1.s3.amazonaws.com data:; child-src 11330854.fls.doubleclick.net 14683840.fls.doubleclick.net; frame-src 'self' div.show 11330854.fls.doubleclick.net 14683840.fls.doubleclick.net belden.com *.belden.com *.alphawire.com td.doubleclick.net html5.dcatalog.com belden.prod01.logik.io view.ceros.com www.googletagmanager.com www.youtube.com block.opendns.com code.metalocator.com photos.productphoto.com td.doubleclick.net.x.caf244fb07dc70414c0a22903e52945843c7.d043db89.id.opendns.com td.doubleclick.net.x.f46a820d0d27604f490949006659b57240b8.d043db9c.id.opendns.com www.facebook.com; frame-ancestors 'self'; form-action 'self' https:\/\/www.facebook.com; report-uri https:\/\/bdnaw.report-uri.com\/r\/d\/csp\/reportOnly; report-to https:\/\/bdnaw.report-uri.com\/r\/d\/csp\/reportOnly;","count":2},{"content-security-policy-report-only":" script-src 'self' https:\/\/ajax.googleapis.com https:\/\/f1000research.s3-eu-west-1.amazonaws.com https:\/\/cdnjs.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/js.hs-scripts.com","count":2},{"content-security-policy-report-only":" default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri https:\/\/www.milestonesys.com\/csp\/report","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/www.google.com; connect-src 'self' https:\/\/api.stripe.com https:\/\/*.google-analytics.com https:\/\/live.pdf-xchange.com https:\/\/translate.googleapis.com https:\/\/translate-pa.googleapis.com https:\/\/*.pdf-xchange.com https:\/\/www.paypal.com https:\/\/www.google.com https:\/\/www.googletagmanager.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/*.pdf-xchange.com data:; frame-src 'self' https:\/\/*.pdf-xchange.com https:\/\/js.stripe.com https:\/\/*.paypal.com https:\/\/assets.braintreegateway.com https:\/\/www.google.com https:\/\/www.youtube.com; img-src 'self' https:\/\/*.pdf-xchange.com https:\/\/www.googletagmanager.com https:\/\/translate.googleapis.com https:\/\/translate.google.com https:\/\/fonts.gstatic.com https:\/\/www.gstatic.com https:\/\/www.google.com https:\/\/*.paypal.com https:\/\/www.paypalobjects.com https:\/\/img.youtube.com data:; media-src data:; script-src 'self' 'unsafe-inline' https:\/\/*.pdf-xchange.com https:\/\/js.stripe.com https:\/\/m.stripe.network https:\/\/www.googletagmanager.com https:\/\/translate.google.com https:\/\/live.pdf-xchange.com https:\/\/www.paypal.com https:\/\/www.paypalobjects.com https:\/\/translate.googleapis.com https:\/\/translate-pa.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline' https:\/\/*.pdf-xchange.com https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/www.paypalobjects.com; report-uri \/csp-report; report-to \/csp-report","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/static.klaviyo.com https:\/\/connect.facebook.net https:\/\/static.zdassets.com https:\/\/js.stripe.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com data:; img-src 'self' data: https:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/a.klaviyo.com https:\/\/api.stripe.com https:\/\/ekr.zdassets.com wss:\/\/*.zendesk.com; frame-src 'self' https:\/\/js.stripe.com https:\/\/www.facebook.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-uri \/csp-violations","count":2},{"content-security-policy-report-only":" style-src-elem cdn.consentmanager.net cdn.honey.io www.bing.com r.bing.com *.hagel-shop.de *.hagel-shop.at 'unsafe-inline' tracking.paqato.com static-tracking.klaviyo.com m2stage-blog.hagel-shop.de www.gstatic.com fonts.googleapis.com; script-src-elem rum.hlx.page tracking.paqato.com platform.instagram.com dynamic.criteo.com www.googletagmanager.com www.dwin1.com kerastase-quiz.vercel.app unpkg.com lantern.roeyecdn.com www.instagram.com commerce.adobedtm.com cdn.consentmanager.net a.delivery.consentmanager.net www.clarity.ms static-eu.payments-amazon.com magento-recs-sdk.adobe.net bat.bing.com player.reetags.com connect.facebook.net analytics.tiktok.com js.mollie.com sslwidget.criteo.com; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.paypal.com *.paypalobjects.com applepay.cdn-apple.com http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io d3dc1lgancj6l0.cloudfront.net maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com cdn.elev.io media.flixfacts.com static.klaviyo.com tracking.paqato.com account.affilitizer.com at.alicdn.com cdn-uicons.flaticon.com cdn.faceworks.nl cdn.honey.io media.flixcar.com moz-extension: r2cdn.perplexity.ai data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com http:\/\/*.facebook.com https:\/\/*.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.hagel-shop.de 'self' www.hagel-shop.de 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.sandbox.paypal.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io https:\/\/www.google.com\/ http:\/\/*.facebook.com https:\/\/*.facebook.com js.mollie.com www.awin1.com cdn.consentmanager.net *.criteo.com *.criteo.net *.dixa.io *.doubleclick.net *.durchsichtig.xyz *.hagel-shop.de *.hotjar.com media.flixcar.com *.klarinsights.net www.paypalobjects.com www.sovendus-benefits.com www.sovendus-campaign.com www.sovendus-connect.com www.sovendus-network.com bat.bing.com www.instagram.com return.4sellers.de 10.10.10.1:8090 bcsgsrv.com bispadisch.de caclk.com cdn.elev.io cmodul.solutenetwork.com div.show fwwh.werkhaus-bielefeld.de:8091 gateway.zscaler.net gateway.zscloud.net hipodi.com kerastase-quiz.vercel.app oponas.com ptclk.com www.explorr.net www.pricejoe.com gateways.zscloud.net ifw.noel.gv.at 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net validate.fishpig.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.sandbox.paypal.com http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io http:\/\/*.linkedin.com https:\/\/*.linkedin.com http:\/\/*.facebook.com https:\/\/*.facebook.com http:\/\/www.google.com\/ http:\/\/www.google.de\/ https:\/\/www.google.de\/ https:\/\/www.googletagmanager.com http:\/\/www.googletagmanager.com userlike-cdn-operators.s3-eu-west-1.amazonaws.com https:\/\/widgets.trustedshops.com\/ https:\/\/www.mollie.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com sync.1rx.io ad.360yield.com eb2.3lift.com *.adnxs.com *.agkn.com www.awin1.com *.bing.com *.bing.net *.bidswitch.net *.casalemedia.com *.cloudfront.net *.consentmanager.net *.criteo.com public-prod-dspcookiematching.dmxleo.com *.doubleclick.net e1.emxdgt.com media.flixcar.com *.flix360.com *.google.com *.google.de *.googletagmanager.com fonts.gstatic.com *.hagel-shop.de id5-sync.com matching.ivitrack.com contextual.media.net exchange.mediavine.com visitor.omnitagjs.com sync.outbrain.com jadserve.postrelease.com simage2.pubmatic.com *.roeye.com pixel.rubiconproject.com match.sharethrough.com rtb-csync.smartadserver.com criteo-sync.teads.tv *.tiktok.com criteo-partners.tremorhub.com a.twiago.com *.taboola.com sync.targeting.unrulymedia.com t.ssl.ak.dynamic.tiles.virtualearth.net www.wepowerconnections.com ad.yieldlab.net sync-criteo.ads.yieldmo.com *.zenaps.com c.clarity.ms assets.paqato.com www.google.hu www.google.es csm.nl3.eu.criteo.net www.google.nl *.hagel-shop.at bat.bing.com blob: client-side-metrics.fr3.eu.criteo.net client-side-metrics.nl3.eu.criteo.net d3k81ch9hvuctc.cloudfront.net google.com hagel-de.ddev.site media.flixfacts.com modular.flix360.io static-eu.payments-amazon.com t0.ssl.ak.dynamic.tiles.virtualearth.net t1.ssl.ak.dynamic.tiles.virtualearth.net www.google.ae www.google.am www.google.at www.google.ba www.google.be www.google.bg www.google.ca www.google.ch www.google.co.il www.google.co.in www.google.co.kr www.google.co.th www.google.co.uk www.google.co.uz www.google.co.za www.google.com.au www.google.com.br www.google.com.eg www.google.com.hk www.google.com.lb www.google.com.mt www.google.com.mx www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.cz www.google.de www.google.dk www.google.ee www.google.fi www.google.fr www.google.gr www.google.hr www.google.ie www.google.it www.google.jo www.google.li www.google.lu www.google.lv www.google.md www.google.mk www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.tn www.zenaps.com www.hagel-shop.at www.googleads.g.doubleckick.net www.google.com.ro data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de jsd-widget.atlassian.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com https:\/\/connect.facebook.net\/ https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io unsafe-inline userlike-cdn-widgets.s3-eu-west-1.amazonaws.com d3dc1lgancj6l0.cloudfront.net api.userlike.com http:\/\/www.google.com\/recaptcha\/ https:\/\/widgets.trustedshops.com\/ js.mollie.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.hagel-shop.de *.hagel-shop.at *.ablyft.com www.awin1.com *.bing.com *.clarity.ms *.consentmanager.net *.criteo.com messenger.dixa.io www.dwin1.com cdn.elev.io prod.flixgvid.flix360.io media.flixcar.com media.flixfacts.com *.google-analytics.com *.googleoptimize.com *.hotjar.com lantern.roeyecdn.com lantern.roeye.com the.sciencebehindecommerce.com *.sovendus.com www.sovendus-benefits.com www.sovendus-campaign.com www.sovendus-connect.com www.sovendus-network.com analytics.tiktok.com *.virtualearth.net www.zeitung-direkt.de tracking.paqato.com rum.hlx.page 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.magento-datasolutions.com *.magento-ds.com https:\/\/static.klaviyo.com maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.bing.com media.flixcar.com *.googletagmanager.com css\/light.theme.css static-tracking.klaviyo.com tracking.paqato.com www.gstatic.com 'unsafe-inline' 'self' 'unsafe-inline'; object-src https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net data: 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.hagel-shop.de data: mcprod.hagel-shop.de media.flixfacts.com youtube.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de jsd-widget.atlassian.com api-private.atlassian.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.sandbox.paypal.com http:\/\/*.hotjar.com:* https:\/\/*.hotjar.com:* http:\/\/*.hotjar.io https:\/\/*.hotjar.io wss:\/\/*.hotjar.com http:\/\/salesviewer.org\/ userlike-cdn-widgets.s3-eu-west-1.amazonaws.com autocomplete2.postdirekt.de *.trustedshops.com *.etrusted.com *.ablyft.com magento-recs-sdk.adobe.net commerce.adobedtm.com *.bing.com *.bing.net *.clarity.ms *.consentmanager.net *.dixa.io *.criteo.com *.doubleclick.net *.durchsichtig.xyz *.elev.io media.flixcar.com maps.googleapis.com *.google-analytics.com *.google.de *.hagel-shop.de *.hotjar.com *.hotjar.io *.klarinsights.net the.sciencebehindecommerce.com *.sovendus.com analytics.tiktok.com unpkg.com\/@adobe\/ www.wepowerconnections.com tracking.paqato.com api-js.datadome.co api.killadsapi.com api.vid-adblocker.com cmodul.solutenetwork.com data: overbridgenet.com rt.flix360.com static-eu.payments-amazon.com update.adblock360.org www.google.at www.google.ba www.google.be www.google.bg www.google.ca www.google.ch www.google.co.il www.google.co.in www.google.co.kr www.google.co.th www.google.co.uk www.google.com.eg www.google.com.hk www.google.com.mx www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.vn www.google.dk www.google.es www.google.fi www.google.fr www.google.gr www.google.hr www.google.hu www.google.it www.google.lt www.google.lu www.google.mk www.google.nl www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.tn rum.hlx.page analytics-ipv6.tiktokw.us www.google.cz 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https: data:; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'","count":2},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'","count":2},{"content-security-policy-report-only":" frame-src 'self' https:\/\/lvpr.tv https:\/\/player.kick.com https:\/\/hosted.paysafe.com https:\/\/buy.moonpay.com https:\/\/*.meshconnect.com https:\/\/*.amazoncognito.com https:\/\/*.myprize.us https:\/\/*.myprize.com https:\/\/*.tequity.ventures https:\/\/*.relaxg.com https:\/\/*.hacksawgaming.com https:\/\/*.bgaming-network.com https:\/\/*.evo-games.com https:\/\/*.petros04.com https:\/\/*.bangspin.com https:\/\/*.slotmill.com https:\/\/*.vegassoftware.com https:\/\/*.mascot.games https:\/\/*.netgaming.com https:\/\/*.pubinterlayer.online https:\/\/*.bgaming-system.com https:\/\/*.marbles.xyz https:\/\/open.mascot.host https:\/\/assets.cdn.systems https:\/\/*.konquer.tech https:\/\/*.gmslnk001.cfd https:\/\/*.gmslnk002.cfd https:\/\/*.evo-games.com http:\/\/static.8127-dg.com https:\/\/lajyanayd8.yrolduiyie.net https:\/\/mck6861dje.xtsbzfybyl.net https:\/\/*.snapchat.com https:\/\/*.facebook.com https:\/\/*.adform.net https:\/\/www.aerosync.com https:\/\/sandbox.aerosync.com https:\/\/*.amazonaws.com; report-uri https:\/\/devops-web-reporting-api.use1.prod.myprize.io\/v1\/reports","count":2},{"content-security-policy-report-only":" default-src 'self';img-src * blob: data: px.ads.linkedin.com www.facebook.com *.doubleclick.net *.clarity.ms;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.amplitude.com *.bootstrapcdn.com *.typekit.net cdn.jsdelivr.net cdn.rlets.com cdnjs.cloudflare.com code.jquery.com js.hsforms.net www.googletagmanager.com *.mysanfordchart.org *.addthis.com *.adroll.com *.adsrvr.org *.ads-twitter.com *.clarity.ms *.cloudfront.net *.doubleclick.net *.fls.doubleclick.net formstack.com *.formstack.com *.formstack.io *.g.doubleclick.net *.google.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.gstatic.com *.invocacdn.com *.liveperson.net *.lpsnmedia.net *.mpio.io onesignal.com *.onesignal.com *.qualtrics.com *.quantcount.com *.quantserve.com *.serving-sys.com *.simpli.fi *.siteintercept.qualtrics.com *.talentegy.com *.tvsquared.com *.twitter.com *.v.liveperson.net *.vimeo.com *.vimeocdn.com aa.agkn.com ajax.aspnetcdn.com assets.sitescdn.net az416426.vo.msecnd.net bat.bing.com cdn.mouseflow.com cdn.popt.in chimpstatic.com data.adxcel-ec2.com embed.typeform.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hscollectedforms.net js.hsleadflows.net js.hs-scripts.com pixel.mathtag.com pixel.videohub.tv pnapi.invoca.net px.ads.linkedin.com s.amazon-adsystem.com s.pinimg.com s3.amazonaws.com\/checkout.squadup.com\/default\/css\/bootstrap-namespace.min.css script.crazyegg.com sc-static.net siteimproveanalytics.com snap.licdn.com static.addtoany.com static.cloud.coveo.com tags.srv.stackadapt.com tracking.logpostback.com transparency.nrchealth.com trkn.us v1.addthisedge.com www.buzzsprout.com www.groupexpro.com www.youtube.com www.ypo.education\/js\/jsembedcode.js z.moatads.com cdn.mxpnl.com js.hubspot.com *.snapchat.com *.instabot.io *.roobrik.com connect.facebook.net services.cattailsservices.com *.binaryfountain.com *.consumerism.pressganey.com;style-src 'self' 'unsafe-inline' *.bootstrapcdn.com *.fontawesome.com *.googleapis.com *.typekit.net cdn.jsdelivr.net cdnjs.cloudflare.com cloud.typography.com code.jquery.com www.googletagmanager.com *.mysanfordchart.org *.formstack.com *.formstack.io *.gstatic.com *.vimeocdn.com cdn.thinglink.me checkout.stripe.com formsprod.azureedge.net onesignal.com static.cloud.coveo.com tags.srv.stackadapt.com www.groupexpro.com www.youtube.com *.instabot.io services.cattailsservices.com *.consumerism.pressganey.com;font-src 'self' data: *.fontawesome.com *.typekit.com *.typekit.net cdn.jsdelivr.net cdnjs.cloudflare.com *.formstack.com *.gstatic.com *.googleusercontent.com static.cloud.coveo.com staticdev.cloud.coveo.com *.roobrik.com *.consumerism.pressganey.com;frame-src 'self' cdn.jsdelivr.net cdn.rlets.com cdnjs.cloudflare.com www.googletagmanager.com tools.sanfordhealthplan.com *.mysanfordchart.org *.addthis.com *.adsrvr.org *.c.liveperson.net *.doubleclick.net *.fls.doubleclick.net *.formstack.com *.g.doubleclick.net *.google.com *.ipcamlive.com *.lpsnmedia.net *.snapchat.com *.soundcloud.com *.stripe.com *.twitter.com *.v.liveperson.net vimeo.com *.vimeo.com *.youtube.com cdn.onesignal.com e.issuu.com fast.wistia.net forms.hsforms.com host.visualcalc.com js.hsadspixel.net js.hsforms.net pixel.mathtag.com players.brightcove.net static.addtoany.com www.buzzsprout.com www.pinterest.ca www.pinterest.co.uk www.pinterest.com www.pinterest.fr www.pinterest.it www.pinterest.ph ct.pinterest.com www.thinglink.com forms.hubspot.com *.roobrik.com *.cloudfront.net sanford.az1.qualtrics.com www.groupexpro.com;frame-ancestors 'self' *.mysanfordchart.org *.snapchat.com;connect-src 'self' *.amplitude.com cdn.jsdelivr.net cdn.rlets.com cdnjs.cloudflare.com cloud.typography.com code.jquery.com www.googletagmanager.com *.addthis.com *.adroll.com *.clarity.ms *.doubleclick.net *.g.doubleclick.net *.gannettdigital.com *.google.com *.analytics.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com *.linkedin.oribi.io onesignal.com *.onesignal.com *.pinterest.com *.quantcount.com *.reachlocalservices.com *.serving-sys.com *.snapchat.com *.squadup.com *.twitter.com *.vimeocdn.com *.z1.dca0.com api.hubapi.com az416426.vo.msecnd.net bat.bing.com dc.services.visualstudio.com *.hsforms.com *.hubspot.com js.hs-scripts.com hubspot-forms-static-embed.s3.amazonaws.com js.hsadspixel.net forms.hscollectedforms.net js.hscollectedforms.net n2.mouseflow.com pnapi.invoca.net sanfordhealth.formstack.com *.formstack.io usageanalytics.coveo.com *.cloud.coveo.com px.ads.linkedin.com snap.licdn.com sc-static.net api.sanfordhealth.org api-js.mixpanel.com *.instabot.io api.fbanalytics.org connect.facebook.net assets.sitescdn.net *.cloudfront.net siteimproveanalytics.com *.roobrik.com services.cattailsservices.com *.consumerism.pressganey.com;form-action 'self' *.fontawesome.com cdnjs.cloudflare.com *.sanfordhealthfoundation.org *.adroll.com *.doubleclick.net *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.pinterest.com *.serving-sys.com *.snapchat.com *.vimeocdn.com api.hubapi.com forms.hsforms.com forms.hubspot.com hubspot-forms-static-embed.s3.amazonaws.com;media-src * data:;object-src 'none';report-uri https:\/\/csp-reporting.sanfordhealth.org\/;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com fonts.googleapis.com cludo.com customer.cludo.com api.cludo.com *.cookiebot.com siteimprove.com *.siteimprove.com *.siteimproveanalytics.io *.google.com *.newrelic.com newrelic.com *.23video.com *.gstatic.com *.rm.dk *.analysefortegnelsen.dk connect.facebook.net\/en_US\/sdk.js *.rm.dk *.regionshospitalet-horsens.dk *.cpropslagqa.rm.dk *.cpropslagtest.rm.dk auh.intranet.rm.dk alvorligpatologi.dk auh.dk danishairambulance.dk danishneurosciencecenter.dk desikredeinstitutioner.dk diabetes.rm.dk godstrup.dk groennekompetencer.dk horsens.rm.dk human-first.org ikh.rm.dk innoccus-simply.dk klinik-almenmedicin-lemvig.dk landsbyviden.dk life-act.eu madsonline.dk mit.ikh.rm.dk move-interreg.eu psykiatrien.rm.dk randers.rm.dk regionaludvikling.intranet.rm.dk regionsklinikkenskive.dk regionsklinikkenskjern.dk regionsklinikkenthyholm.dk *.akutlaegehelikopter.dk *.antk.dk *.auh.dk *.c2ccc.eu *.cdss.dk *.cfbh.rm.dk *.coolgeoheat.eu *.danishairambulance.dk *.danishneurosciencecenter.dk *.dccc.dk *.defactum.dk *.desikredeinstitutioner.dk *.digi-lingo.eu *.dmcg.dk *.dok.rm.dk en.auh.dk *.faellesservicecenter.dk *.fagperson.auh.dk *.fagperson.hospitalsenhedmidt.dk *.fagperson.psykiatrien.rm.dk *.fagperson.regionshospitalet-goedstrup.dk *.fagperson.regionshospitalet-horsens.dk *.fagperson.regionshospitalet-randers.dk *.fagperson.sundhed.rm.dk *.godstrup.dk *.grenaasundhedshus.dk *.groennekompetencer.dk *.harts.dk *.hemidt.dk *.hemidt.intranet.rm.dk *.holmstrupgaard.rm.dk *.horsens.rm.dk *.hospitalsenhedmidt.dk *.human-first.org *.ikh.rm.dk *.klinik-almenmedicin-lemvig.dk *.kulturregion.dk *.laege-kvalitet.dk *.landsbyviden.rm.dk *.lemvigsundhedshus.dk *.life-bioscape.eu *.marselisborgcentret.dk *.medarbejder.rm.dk *.organdonation.dk *.pa.intra.rm.dk *.patientkommunikation.dk *.ph.rm.dk *.ps-horsens.intra.rm.dk *.ps-midt.intra.rm.dk *.ps-randers.intra.rm.dk *.ps-vest.intra.rm.dk *.psykiatriakademiet.rm.dk *.psykiatrien.rm.dk *.randers.intranet.rm.dk *.randers.rm.dk *.refer-cdr.eu *.regionshospitalet-goedstrup.dk *.regionshospitalet-horsens.dk *.regionshospitalet-randers.dk *.regionsklinikkenskive.dk *.regionsklinikkenskjern.dk *.regionsklinikkenthyholm.dk *.rehabiliteringsforum.dk *.rkkp.dk *.ru.rm.dk *.sau.rm.dk *.sbu.rm.dk *.sekretariatet.intra.rm.dk *.sektorovergang.rm.dk *.skivesundhedshus.dk *.sku.rm.dk *.social.rm.dk *.socialkvalitetsmodel.dk *.socialmedicin.rm.dk *.soh.rm.dk *.specialpsykologuddannelsen.dk *.specpsyksygeplejerske.dk *.stenoaarhus.dk *.sua.rm.dk *.sundhed.rm.dk *.sundhedsaftalen.rm.dk *.sundhedshusringkoebing.dk *.svo.rm.dk *.tvaerspor.dk *.videreuddannelsen-nord.dk *.voldtaegt.dk *.voresbaredygtighed.rm.dk *.windowstudiet.dk *.zgodkender.rm.dk *.ramazzini.dk; style-src 'self'  'unsafe-inline' unpkg.com fonts.googleapis.com cludo.com customer.cludo.com api.cludo.com *.cookiebot.com siteimprove.com *.siteimprove.com *.siteimproveanalytics.io *.google.com *.newrelic.com newrelic.com *.23video.com *.gstatic.com *.rm.dk *.analysefortegnelsen.dk connect.facebook.net\/en_US\/sdk.js *.rm.dk *.regionshospitalet-horsens.dk *.cpropslagqa.rm.dk *.cpropslagtest.rm.dk auh.intranet.rm.dk alvorligpatologi.dk auh.dk danishairambulance.dk danishneurosciencecenter.dk desikredeinstitutioner.dk diabetes.rm.dk godstrup.dk groennekompetencer.dk horsens.rm.dk human-first.org ikh.rm.dk innoccus-simply.dk klinik-almenmedicin-lemvig.dk landsbyviden.dk life-act.eu madsonline.dk mit.ikh.rm.dk move-interreg.eu psykiatrien.rm.dk randers.rm.dk regionaludvikling.intranet.rm.dk regionsklinikkenskive.dk regionsklinikkenskjern.dk regionsklinikkenthyholm.dk *.akutlaegehelikopter.dk *.antk.dk *.auh.dk *.c2ccc.eu *.cdss.dk *.cfbh.rm.dk *.coolgeoheat.eu *.danishairambulance.dk *.danishneurosciencecenter.dk *.dccc.dk *.defactum.dk *.desikredeinstitutioner.dk *.digi-lingo.eu *.dmcg.dk *.dok.rm.dk en.auh.dk *.faellesservicecenter.dk *.fagperson.auh.dk *.fagperson.hospitalsenhedmidt.dk *.fagperson.psykiatrien.rm.dk *.fagperson.regionshospitalet-goedstrup.dk *.fagperson.regionshospitalet-horsens.dk *.fagperson.regionshospitalet-randers.dk *.fagperson.sundhed.rm.dk *.godstrup.dk *.grenaasundhedshus.dk *.groennekompetencer.dk *.harts.dk *.hemidt.dk *.hemidt.intranet.rm.dk *.holmstrupgaard.rm.dk *.horsens.rm.dk *.hospitalsenhedmidt.dk *.human-first.org *.ikh.rm.dk *.klinik-almenmedicin-lemvig.dk *.kulturregion.dk *.laege-kvalitet.dk *.landsbyviden.rm.dk *.lemvigsundhedshus.dk *.life-bioscape.eu *.marselisborgcentret.dk *.medarbejder.rm.dk *.organdonation.dk *.pa.intra.rm.dk *.patientkommunikation.dk *.ph.rm.dk *.ps-horsens.intra.rm.dk *.ps-midt.intra.rm.dk *.ps-randers.intra.rm.dk *.ps-vest.intra.rm.dk *.psykiatriakademiet.rm.dk *.psykiatrien.rm.dk *.randers.intranet.rm.dk *.randers.rm.dk *.refer-cdr.eu *.regionshospitalet-goedstrup.dk *.regionshospitalet-horsens.dk *.regionshospitalet-randers.dk *.regionsklinikkenskive.dk *.regionsklinikkenskjern.dk *.regionsklinikkenthyholm.dk *.rehabiliteringsforum.dk *.rkkp.dk *.ru.rm.dk *.sau.rm.dk *.sbu.rm.dk *.sekretariatet.intra.rm.dk *.sektorovergang.rm.dk *.skivesundhedshus.dk *.sku.rm.dk *.social.rm.dk *.socialkvalitetsmodel.dk *.socialmedicin.rm.dk *.soh.rm.dk *.specialpsykologuddannelsen.dk *.specpsyksygeplejerske.dk *.stenoaarhus.dk *.sua.rm.dk *.sundhed.rm.dk *.sundhedsaftalen.rm.dk *.sundhedshusringkoebing.dk *.svo.rm.dk *.tvaerspor.dk *.videreuddannelsen-nord.dk *.voldtaegt.dk *.voresbaredygtighed.rm.dk *.windowstudiet.dk *.zgodkender.rm.dk *.ramazzini.dk; img-src 'self' data: 'unsafe-inline' unpkg.com fonts.googleapis.com cludo.com customer.cludo.com api.cludo.com *.cookiebot.com siteimprove.com *.siteimprove.com *.siteimproveanalytics.io *.google.com *.newrelic.com newrelic.com *.23video.com *.gstatic.com *.rm.dk *.analysefortegnelsen.dk connect.facebook.net\/en_US\/sdk.js *.rm.dk *.regionshospitalet-horsens.dk *.cpropslagqa.rm.dk *.cpropslagtest.rm.dk auh.intranet.rm.dk alvorligpatologi.dk auh.dk danishairambulance.dk danishneurosciencecenter.dk desikredeinstitutioner.dk diabetes.rm.dk godstrup.dk groennekompetencer.dk horsens.rm.dk human-first.org ikh.rm.dk innoccus-simply.dk klinik-almenmedicin-lemvig.dk landsbyviden.dk life-act.eu madsonline.dk mit.ikh.rm.dk move-interreg.eu psykiatrien.rm.dk randers.rm.dk regionaludvikling.intranet.rm.dk regionsklinikkenskive.dk regionsklinikkenskjern.dk regionsklinikkenthyholm.dk *.akutlaegehelikopter.dk *.antk.dk *.auh.dk *.c2ccc.eu *.cdss.dk *.cfbh.rm.dk *.coolgeoheat.eu *.danishairambulance.dk *.danishneurosciencecenter.dk *.dccc.dk *.defactum.dk *.desikredeinstitutioner.dk *.digi-lingo.eu *.dmcg.dk *.dok.rm.dk en.auh.dk *.faellesservicecenter.dk *.fagperson.auh.dk *.fagperson.hospitalsenhedmidt.dk *.fagperson.psykiatrien.rm.dk *.fagperson.regionshospitalet-goedstrup.dk *.fagperson.regionshospitalet-horsens.dk *.fagperson.regionshospitalet-randers.dk *.fagperson.sundhed.rm.dk *.godstrup.dk *.grenaasundhedshus.dk *.groennekompetencer.dk *.harts.dk *.hemidt.dk *.hemidt.intranet.rm.dk *.holmstrupgaard.rm.dk *.horsens.rm.dk *.hospitalsenhedmidt.dk *.human-first.org *.ikh.rm.dk *.klinik-almenmedicin-lemvig.dk *.kulturregion.dk *.laege-kvalitet.dk *.landsbyviden.rm.dk *.lemvigsundhedshus.dk *.life-bioscape.eu *.marselisborgcentret.dk *.medarbejder.rm.dk *.organdonation.dk *.pa.intra.rm.dk *.patientkommunikation.dk *.ph.rm.dk *.ps-horsens.intra.rm.dk *.ps-midt.intra.rm.dk *.ps-randers.intra.rm.dk *.ps-vest.intra.rm.dk *.psykiatriakademiet.rm.dk *.psykiatrien.rm.dk *.randers.intranet.rm.dk *.randers.rm.dk *.refer-cdr.eu *.regionshospitalet-goedstrup.dk *.regionshospitalet-horsens.dk *.regionshospitalet-randers.dk *.regionsklinikkenskive.dk *.regionsklinikkenskjern.dk *.regionsklinikkenthyholm.dk *.rehabiliteringsforum.dk *.rkkp.dk *.ru.rm.dk *.sau.rm.dk *.sbu.rm.dk *.sekretariatet.intra.rm.dk *.sektorovergang.rm.dk *.skivesundhedshus.dk *.sku.rm.dk *.social.rm.dk *.socialkvalitetsmodel.dk *.socialmedicin.rm.dk *.soh.rm.dk *.specialpsykologuddannelsen.dk *.specpsyksygeplejerske.dk *.stenoaarhus.dk *.sua.rm.dk *.sundhed.rm.dk *.sundhedsaftalen.rm.dk *.sundhedshusringkoebing.dk *.svo.rm.dk *.tvaerspor.dk *.videreuddannelsen-nord.dk *.voldtaegt.dk *.voresbaredygtighed.rm.dk *.windowstudiet.dk *.zgodkender.rm.dk *.ramazzini.dk; connect-src 'self' bam.eu01.nr-data.net sentry.io unpkg.com fonts.googleapis.com cludo.com customer.cludo.com api.cludo.com *.cookiebot.com siteimprove.com *.siteimprove.com *.siteimproveanalytics.io *.google.com *.newrelic.com newrelic.com *.23video.com *.gstatic.com *.rm.dk *.analysefortegnelsen.dk connect.facebook.net\/en_US\/sdk.js *.rm.dk *.regionshospitalet-horsens.dk *.cpropslagqa.rm.dk *.cpropslagtest.rm.dk auh.intranet.rm.dk alvorligpatologi.dk auh.dk danishairambulance.dk danishneurosciencecenter.dk desikredeinstitutioner.dk diabetes.rm.dk godstrup.dk groennekompetencer.dk horsens.rm.dk human-first.org ikh.rm.dk innoccus-simply.dk klinik-almenmedicin-lemvig.dk landsbyviden.dk life-act.eu madsonline.dk mit.ikh.rm.dk move-interreg.eu psykiatrien.rm.dk randers.rm.dk regionaludvikling.intranet.rm.dk regionsklinikkenskive.dk regionsklinikkenskjern.dk regionsklinikkenthyholm.dk *.akutlaegehelikopter.dk *.antk.dk *.auh.dk *.c2ccc.eu *.cdss.dk *.cfbh.rm.dk *.coolgeoheat.eu *.danishairambulance.dk *.danishneurosciencecenter.dk *.dccc.dk *.defactum.dk *.desikredeinstitutioner.dk *.digi-lingo.eu *.dmcg.dk *.dok.rm.dk en.auh.dk *.faellesservicecenter.dk *.fagperson.auh.dk *.fagperson.hospitalsenhedmidt.dk *.fagperson.psykiatrien.rm.dk *.fagperson.regionshospitalet-goedstrup.dk *.fagperson.regionshospitalet-horsens.dk *.fagperson.regionshospitalet-randers.dk *.fagperson.sundhed.rm.dk *.godstrup.dk *.grenaasundhedshus.dk *.groennekompetencer.dk *.harts.dk *.hemidt.dk *.hemidt.intranet.rm.dk *.holmstrupgaard.rm.dk *.horsens.rm.dk *.hospitalsenhedmidt.dk *.human-first.org *.ikh.rm.dk *.klinik-almenmedicin-lemvig.dk *.kulturregion.dk *.laege-kvalitet.dk *.landsbyviden.rm.dk *.lemvigsundhedshus.dk *.life-bioscape.eu *.marselisborgcentret.dk *.medarbejder.rm.dk *.organdonation.dk *.pa.intra.rm.dk *.patientkommunikation.dk *.ph.rm.dk *.ps-horsens.intra.rm.dk *.ps-midt.intra.rm.dk *.ps-randers.intra.rm.dk *.ps-vest.intra.rm.dk *.psykiatriakademiet.rm.dk *.psykiatrien.rm.dk *.randers.intranet.rm.dk *.randers.rm.dk *.refer-cdr.eu *.regionshospitalet-goedstrup.dk *.regionshospitalet-horsens.dk *.regionshospitalet-randers.dk *.regionsklinikkenskive.dk *.regionsklinikkenskjern.dk *.regionsklinikkenthyholm.dk *.rehabiliteringsforum.dk *.rkkp.dk *.ru.rm.dk *.sau.rm.dk *.sbu.rm.dk *.sekretariatet.intra.rm.dk *.sektorovergang.rm.dk *.skivesundhedshus.dk *.sku.rm.dk *.social.rm.dk *.socialkvalitetsmodel.dk *.socialmedicin.rm.dk *.soh.rm.dk *.specialpsykologuddannelsen.dk *.specpsyksygeplejerske.dk *.stenoaarhus.dk *.sua.rm.dk *.sundhed.rm.dk *.sundhedsaftalen.rm.dk *.sundhedshusringkoebing.dk *.svo.rm.dk *.tvaerspor.dk *.videreuddannelsen-nord.dk *.voldtaegt.dk *.voresbaredygtighed.rm.dk *.windowstudiet.dk *.zgodkender.rm.dk *.ramazzini.dk; font-src 'self' fonts.gstatic.com fonts.googleapis.com; frame-src 'self' unpkg.com fonts.googleapis.com cludo.com customer.cludo.com api.cludo.com *.cookiebot.com siteimprove.com *.siteimprove.com *.siteimproveanalytics.io *.google.com *.newrelic.com newrelic.com *.23video.com *.gstatic.com *.rm.dk *.analysefortegnelsen.dk connect.facebook.net\/en_US\/sdk.js *.rm.dk *.regionshospitalet-horsens.dk *.cpropslagqa.rm.dk *.cpropslagtest.rm.dk auh.intranet.rm.dk alvorligpatologi.dk auh.dk danishairambulance.dk danishneurosciencecenter.dk desikredeinstitutioner.dk diabetes.rm.dk godstrup.dk groennekompetencer.dk horsens.rm.dk human-first.org ikh.rm.dk innoccus-simply.dk klinik-almenmedicin-lemvig.dk landsbyviden.dk life-act.eu madsonline.dk mit.ikh.rm.dk move-interreg.eu psykiatrien.rm.dk randers.rm.dk regionaludvikling.intranet.rm.dk regionsklinikkenskive.dk regionsklinikkenskjern.dk regionsklinikkenthyholm.dk *.akutlaegehelikopter.dk *.antk.dk *.auh.dk *.c2ccc.eu *.cdss.dk *.cfbh.rm.dk *.coolgeoheat.eu *.danishairambulance.dk *.danishneurosciencecenter.dk *.dccc.dk *.defactum.dk *.desikredeinstitutioner.dk *.digi-lingo.eu *.dmcg.dk *.dok.rm.dk en.auh.dk *.faellesservicecenter.dk *.fagperson.auh.dk *.fagperson.hospitalsenhedmidt.dk *.fagperson.psykiatrien.rm.dk *.fagperson.regionshospitalet-goedstrup.dk *.fagperson.regionshospitalet-horsens.dk *.fagperson.regionshospitalet-randers.dk *.fagperson.sundhed.rm.dk *.godstrup.dk *.grenaasundhedshus.dk *.groennekompetencer.dk *.harts.dk *.hemidt.dk *.hemidt.intranet.rm.dk *.holmstrupgaard.rm.dk *.horsens.rm.dk *.hospitalsenhedmidt.dk *.human-first.org *.ikh.rm.dk *.klinik-almenmedicin-lemvig.dk *.kulturregion.dk *.laege-kvalitet.dk *.landsbyviden.rm.dk *.lemvigsundhedshus.dk *.life-bioscape.eu *.marselisborgcentret.dk *.medarbejder.rm.dk *.organdonation.dk *.pa.intra.rm.dk *.patientkommunikation.dk *.ph.rm.dk *.ps-horsens.intra.rm.dk *.ps-midt.intra.rm.dk *.ps-randers.intra.rm.dk *.ps-vest.intra.rm.dk *.psykiatriakademiet.rm.dk *.psykiatrien.rm.dk *.randers.intranet.rm.dk *.randers.rm.dk *.refer-cdr.eu *.regionshospitalet-goedstrup.dk *.regionshospitalet-horsens.dk *.regionshospitalet-randers.dk *.regionsklinikkenskive.dk *.regionsklinikkenskjern.dk *.regionsklinikkenthyholm.dk *.rehabiliteringsforum.dk *.rkkp.dk *.ru.rm.dk *.sau.rm.dk *.sbu.rm.dk *.sekretariatet.intra.rm.dk *.sektorovergang.rm.dk *.skivesundhedshus.dk *.sku.rm.dk *.social.rm.dk *.socialkvalitetsmodel.dk *.socialmedicin.rm.dk *.soh.rm.dk *.specialpsykologuddannelsen.dk *.specpsyksygeplejerske.dk *.stenoaarhus.dk *.sua.rm.dk *.sundhed.rm.dk *.sundhedsaftalen.rm.dk *.sundhedshusringkoebing.dk *.svo.rm.dk *.tvaerspor.dk *.videreuddannelsen-nord.dk *.voldtaegt.dk *.voresbaredygtighed.rm.dk *.windowstudiet.dk *.zgodkender.rm.dk *.ramazzini.dk; base-uri 'self'; frame-ancestors 'self'; report-uri https:\/\/o4504207644033024.ingest.us.sentry.io\/api\/4510300403204096\/security\/?sentry_key=0f83650c1c0c90a8ea22a527173f4833&sentry_environment=prod; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" connect-src *; default-src *; font-src * data:; frame-src *; img-src data: *; script-src 'unsafe-inline' 'unsafe-eval' *; script-src-elem 'unsafe-inline' *; style-src 'unsafe-inline' *; style-src-elem 'unsafe-inline' *;","count":2},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' https:\/\/*.typekit.net https:\/\/cdnjs.cloudflare.com; font-src https:\/\/*.typekit.net; script-src 'self' https:\/\/sparkplatform.com https:\/\/cdnjs.cloudflare.com","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:\/\/locize.app https:\/\/*.locize.app; worker-src 'self' blob:; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; object-src 'none'","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com maxcdn.bootstrapcdn.com data: 'self' data: https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https:\/\/plumrocket.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.facebook.com *.facebook.com *.nkd.com *.nkd.it 'self' 'unsafe-inline'; frame-ancestors *.nkd.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https:\/\/www.googletagmanager.com\/ *.facebook.com https:\/\/plumrocket.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/static-cc.test.unzer.com https:\/\/h.online-metrix.net https:\/\/google.com\/pay https:\/\/pay.google.com\/ https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/sandbox.clicktopay.auth.visa.com https:\/\/clicktopay.visa.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/secure.checkout.visa.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com *.tokenization.secure.payone.com https:\/\/accounts.google.com ad4m.at *.criteo.com *.doubleclick.net www.facebook.com hal9000.redintelligence.net *.usercentrics.eu www.usemaxserver.de *.fls.doubleclick.net *.creativecdn.com tsdtocl.com *.sovendus-benefits.com *.sovendus-connect.com *.usemaxserver.de 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.cdninstagram.com maps.googleapis.com maps.gstatic.com https:\/\/static.unzer.com *.online-metrix.net https:\/\/www.gstatic.com flagpedia.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com cdn.pay1.de x.klarnacdn.net *.cloudfront.net m.media-amazon.com static-eu.payments-amazon.com *.hsforms.net *.hsforms.com 'self' data: ad11.adfarm1.adition.com bat.bing.com *.doubleclick.net *.google.com *.google.pl imagesrv.adition.com lantern.roeye.com *.nkd.com track.adform.net usage.trackjs.com *.usercentrics.eu widgets.trustedshops.com www.facebook.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com *.360yield.com *.3lift.com *.addlv.smt.docomo.ne.jp *.adform.net *.admixer.net *.adnxs.com *.adscale.de *.adx.opera.com *.bing.com *.casalemedia.com *.ck-ie.com *.connectad.io *.console.adtarget.com.tr *.creativecdn.com *.dmxleo.com *.e-planning.net *.facebook.com *.facebook.net *.g.doubleclick.net *.go.sonobi.com *.gumgum.com *.inmobi.com *.leap.de *.loopme.me *.marphezis.com *.media.net *.mgid.com *.nexx360.io *.openx.net *.outbrain.com *.roeye.com *.rubiconproject.com *.sharethrough.com *.taboola.com *.teads.tv *.trackjs.com *.udmserve.net *.visx.net *.adition.com *.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.plugins.emarsys.net *.scarabresearch.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.googleapis.com player.vimeo.com connect.facebook.net cdnjs.cloudflare.com *.googleoptimize.com maps.googleapis.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com https:\/\/pay.google.com https:\/\/code.jquery.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/static-v2.unzer.com\/v2\/ui-components\/ *.gstatic.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io *.tokenization.secure.payone.com https:\/\/accounts.google.com https:\/\/www.gstatic.com *.hsforms.net *.hsforms.com ad4m.at api.sovendus.com bat.bing.com *.taboola.com cdn.mouseflow.com core.loopingo.com *.criteo.com *.epoq.de epoq-systems.de *.facebook.net lantern.roeyecdn.com *.nkd.com tags.creativecdn.com *.usercentrics.eu webanalytics.mso.digital widgets.trustedshops.com www.dwin1.com www.usemaxserver.de https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.bing.com *.dwin1.com *.epoq-systems.de *.loopingo.com *.usemaxserver.de *.trustedshops.com *.googletagmanager.com *.mouseflow.com *.outbrain.com *.creativecdn.com d22q3dafggn5rg.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/sandbox.src.mastercard.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ maxcdn.bootstrapcdn.com *.gstatic.com assets.braintreegateway.com d.ratepay.com d.payla.io dr.payla.io src.mastercard.com https:\/\/accounts.google.com https:\/\/www.gstatic.com *.googleapis.com *.epoq.de epoq-systems.de https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.scarabresearch.com *.eservice.emarsys.net http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ maps.googleapis.com https:\/\/api.unzer.com https:\/\/api.heidelpay.com https:\/\/sbx-api.heidelpay.com https:\/\/sbx-api.unzer.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/google.com\/pay https:\/\/www.google.com\/pay https:\/\/pay.google.com https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/static-cc.test.unzer.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ www.gstatic.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com *.tokenization.secure.payone.com https:\/\/accounts.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com ams.creativecdn.com api.usercentrics.eu bat.bing.com *.criteo.com *.googleapis.com *.taboola.com webanalytics.mso.digital *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.bing.com *.usercentrics.eu *.creativecdn.com *.bing.net *.loopingo.com *.kameleoon.eu *.sovendus.com *.arc.epoq.de *.facebook.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/apis.google.com https:\/\/va.vercel-scripts.com https:\/\/www.googletagmanager.com https:\/\/cdn.intergient.com https:\/\/config.playwire.com https:\/\/*.playwire.com https:\/\/*.intergient.com https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.googletagservices.com https:\/\/*.adtrafficquality.google https:\/\/btloader.com https:\/\/*.btloader.com https:\/\/*.amazon-adsystem.com https:\/\/*.adsymptotic.com https:\/\/*.rubiconproject.com https:\/\/*.pubmatic.com https:\/\/*.openx.net https:\/\/*.adnxs.com https:\/\/*.moatads.com https:\/\/*.sharethrough.com https:\/\/*.criteo.com https:\/\/*.crwdcntrl.net https:\/\/cdn.hadronid.net https:\/\/*.id5-sync.com https:\/\/secure.cdn.fastclick.net https:\/\/*.ad.gt https:\/\/*.3lift.com https:\/\/*.2mdn.net; style-src 'self' 'unsafe-inline' https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com https:\/\/config.playwire.com https:\/\/*.intergient.com https:\/\/*.playwire.com; img-src 'self' data: blob: https:\/\/efimg.com https:\/\/cdn.efhub.com https:\/\/lh3.googleusercontent.com https:\/\/www.gstatic.com https:\/\/firebasestorage.googleapis.com https:\/\/*.firebasestorage.app https:\/\/cdn.discordapp.com https:\/\/media.discordapp.net https:\/\/*.playwire.com https:\/\/*.intergient.com https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.amazon-adsystem.com https:\/\/*.moatads.com https:\/\/*.adsymptotic.com https:\/\/raw.githubusercontent.com https:\/\/www.googletagmanager.com https:\/\/*.google.com https:\/\/ad-delivery.net https:\/\/*.ad-delivery.net https:\/\/*.crwdcntrl.net https:\/\/*.id5-sync.com https:\/\/*.nextmillmedia.com https:\/\/*.3lift.com https:\/\/*.criteo.com https:\/\/*.2mdn.net; font-src 'self' https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/identitytoolkit.googleapis.com https:\/\/securetoken.googleapis.com https:\/\/www.googleapis.com https:\/\/apis.google.com https:\/\/firestore.googleapis.com https:\/\/firebasestorage.googleapis.com https:\/\/efootballhub-501e4.firebaseapp.com https:\/\/aqiefltgaydhzehddawg.supabase.co wss:\/\/aqiefltgaydhzehddawg.supabase.co https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.r2.cloudflarestorage.com https:\/\/*.amazonaws.com https:\/\/cdn.intergient.com https:\/\/config.playwire.com https:\/\/*.playwire.com https:\/\/*.intergient.com https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.googletagservices.com https:\/\/*.amazon-adsystem.com https:\/\/*.rubiconproject.com https:\/\/*.pubmatic.com https:\/\/*.openx.net https:\/\/*.adnxs.com https:\/\/*.moatads.com https:\/\/*.adsymptotic.com https:\/\/*.sharethrough.com https:\/\/*.criteo.com https:\/\/fundingchoicesmessages.google.com https:\/\/btloader.com https:\/\/*.btloader.com https:\/\/*.ad-delivery.net https:\/\/ab.dns-finder.com https:\/\/*.crwdcntrl.net https:\/\/*.id5-sync.com https:\/\/cdn.hadronid.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.adtrafficquality.google https:\/\/ad-delivery.net https:\/\/id5-sync.com https:\/\/*.eu-1-id5-sync.com https:\/\/direct.adsrvr.org https:\/\/hb.yellowblue.io https:\/\/*.3lift.com https:\/\/*.cootlogix.com https:\/\/*.nextmillmedia.com https:\/\/secure.cdn.fastclick.net https:\/\/*.ad.gt https:\/\/*.gstatic.com https:\/\/*.gumgum.com https:\/\/*.a9.amazon.dev https:\/\/*.tq-tungsten.com; frame-src https:\/\/efootballhub-501e4.firebaseapp.com https:\/\/accounts.google.com https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.adtrafficquality.google https:\/\/*.playwire.com https:\/\/*.intergient.com https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.amazon-adsystem.com https:\/\/*.rubiconproject.com https:\/\/*.pubmatic.com https:\/\/*.openx.net https:\/\/*.adnxs.com https:\/\/*.sharethrough.com https:\/\/*.criteo.com https:\/\/*.3lift.com https:\/\/*.cootlogix.com https:\/\/*.streamrail.com https:\/\/fundingchoicesmessages.google.com https:\/\/btloader.com https:\/\/*.btloader.com; worker-src 'self' blob:; media-src 'self' blob: data: https:\/\/*.intergient.com https:\/\/*.playwire.com https:\/\/*.azurefd.net; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'","count":2},{"content-security-policy-report-only":" default-src 'self' http: filesystem: https:\/\/*-c2es.pantheonsite.io\/ https:\/\/c2es.ddev.site https:\/\/*.addthis.com https:\/\/*.youtube.com; script-src 'unsafe-inline' 'unsafe-eval' http: filesystem: https:\/\/*.google.com https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com https:\/\/*.googletagmanager.com https:\/\/*.youtube.com https:\/\/*.addthis.com https:\/\/*.google-analytics.com https:\/\/*.ytimg.com https:\/\/*.moatads.com https:\/\/*.doubleclick.net https:\/\/*.addthisedge.com https:\/\/cdnjs.cloudflare.com; style-src 'unsafe-inline' http: filesystem: https:\/\/*.google.com https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com https:\/\/*.youtube.com; img-src 'self' http: data: filesystem: https:\/\/*.ytimg.com https:\/\/*.ggpht.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com; connect-src 'self' filesystem: https:\/\/*.google-analytics.com https:\/\/*.bookingbug.com https:\/\/geolocation.onetrust.com https:\/\/*.cookielaw.org https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com *.addtoany.com; font-src 'self' data: filesystem: fonts.gstatic.com use.typekit.net use.fontawesome.com bespoke.bookingbug.com; media-src 'self' filesystem: *.youtube.com *.vimeo.com *.akamaized.net; report-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'self'; frame-src 'self'; worker-src 'self'; manifest-src 'self'; navigate-to 'self'; prefetch-src 'self'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self' data:; img-src 'self' data: *.hva.nl *.amsterdamuas.com imgsct.cookiebot.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu www.googletagmanager.com www.google.com www.google-analytics.com; script-src-elem 'unsafe-inline' 'self' consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu www.googletagmanager.com www.google.com www.google-analytics.com; object-src 'self'; base-uri 'none'; frame-ancestors 'self'; frame-src 'self' consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu www.google.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; connect-src 'self' *.hva.nl *.amsterdamuas.com www.google-analytics.com www.googletagmanager.com consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/captcha-api.yandex.ru https:\/\/bitrix.info https:\/\/api-maps.yandex.ru https:\/\/yastatic.net https:\/\/core-renderer-tiles.maps.yandex.net; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:\/\/yastatic.net https:\/\/core-renderer-tiles.maps.yandex.net https:\/\/yandex.ru https:\/\/log.api-maps.yandex.ru; font-src 'self' data:; connect-src 'self'; frame-src 'self' https:\/\/kinescope.io https:\/\/captcha-api.yandex.ru https:\/\/bidzaar.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.pike13.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/platform.linkedin.com https:\/\/platform.twitter.com https:\/\/snap.licdn.com https:\/\/tracking.g2crowd.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.hotjar.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hs-scripts.com https:\/\/*.hsadspixel.net https:\/\/*.hscollectedforms.net https:\/\/*.hsforms.net https:\/\/*.hubspot.com https:\/\/*.hubspotusercontent-na1.net https:\/\/*.hsappstatic.net https:\/\/*.hubapi.com https:\/\/*.wufoo.com; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/*.pike13.com https:\/\/fonts.googleapis.com https:\/\/*.hsappstatic.net https:\/\/*.hsforms.net https:\/\/*.hubspotusercontent-na1.net; font-src 'self' https:\/\/*.pike13.com https:\/\/fonts.gstatic.com https:\/\/*.hubspotusercontent-na1.net https:\/\/www.google.com; img-src 'self' https:\/\/*.pike13.com https:\/\/*.hubspot.com https:\/\/*.hubspot.net https:\/\/*.hsforms.com https:\/\/*.hubspotusercontent-na1.net https:\/\/*.hsforms.com https:\/\/*.linkedin.com https:\/\/*.hsappstatic.net https:\/\/*.facebook.com https:\/\/*.facebook.net https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.twitter.com; connect-src 'self' https:\/\/*.pike13.com https:\/\/analytics.google.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/px.ads.linkedin.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/*.hs-banner.com https:\/\/*.hscollectedforms.net https:\/\/*.hs-collectedforms.net https:\/\/*.hsforms.net https:\/\/*.hsforms.com https:\/\/*.hubapi.com https:\/\/*.hubspot.com https:\/\/*.doubleclick.net; frame-src 'self' https:\/\/*.pike13.com https:\/\/*.hs-sites.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.facebook.com https:\/\/*.twitter.com; object-src 'none'; worker-src 'none'; base-uri 'self'; manifest-src 'self'; media-src 'self'; report-uri https:\/\/pike13.report-uri.com\/r\/d\/csp\/wizard;","count":2},{"content-security-policy-report-only":" default-src 'self';  script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval'   *.hubspot.com *.cookielaw.org *.cdntwrk.com *.wistia.com *.wistia.net *.q2.com   *.sentry-cdn.com *.clarity.ms *.google.com *.googletagmanager.com *.googleapis.com   *.googleadservices.com *.gstatic.com *.hsappstatic.com *.hsappstatic.net *.hubspot.net   *.hs-banner.com *.hsadspixel.net *.hs-analytics.com *.hs-analytics.net *.licdn.com   *.marketo.net *.marketo.com *.zoominfo.com *.bizible.com *.6sc.co *.qualified.com   *.segment.com *.bugcrowd.com *.bugcrowdusercontent.com bugcrowd.com   *.jsdeliver.net *.jsdelivr.net *.cloudflare.com *.doubleclick.net *.youtube.com   *.hubspotusercontent-na1.net *.pathfactory.com *.zuddl.com   8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com   *.crazyegg.com *.callrail.com *.linkedin.com *.facebook.net *.twitter.com;  style-src 'self' *.q2.com 'report-sample' 'unsafe-inline'   *.cdntwrk.com *.googleapis.com *.hsappstatic.net *.hubspot.net   *.jsdeliver.net *.jsdelivr.net *.marketo.com   7044196.fs1.hubspotusercontent-na1.net 7044196.fs2.hubspotusercontent-na1.net   *.hubspotusercontent-na1.net *.pathfactory.com *.googletagmanager.com   *.zuddl.com *.qualified.com;  object-src 'none';  base-uri 'self';  connect-src 'self'   *.mktoresp.com *.hubspotusercontent-na1.net *.google.com *.hubspot.com   *.hs-banner.com *.onetrust.com *.cookielaw.org *.wistia.com   *.embed-cloudfront.wistia.com *.wistia.net *.6sc.co *.6sense.com   *.qualified.com wss:\/\/*.qualified.com *.segment.com *.segment.io *.linkedin.com   *.google-analytics.com *.clarity.ms *.hubapi.com *.doubleclick.com   https:\/\/stats.g.doubleclick.net *.zoominfo.com *.adnxs.com *.litix.io   *.marketo.com *.doubleclick.net *.youtube.com *.pathfactory.com   *.zuddl.com api.prod.zuddl.com *.crazyegg.com *.gonorth.io *.callrail.com   *.googleadservices.com *.sentry-cdn.com *.hsappstatic.net;  font-src 'self' data:   *.gstatic.com *.cdntwrk.com *.wistia.com *.wistia.net   7044196.fs1.hubspotusercontent-na1.net *.pathfactory.com *.zuddl.com *.hsappstatic.net;  frame-src 'self' *.q2.com *.qualified.com *.doubleclick.net *.wistia.net *.gstatic.com   *.google.com *.googletagmanager.com *.bugcrowd.com bugcrowd.com *.hubspotvideo.com   *.marketo.com *.youtube.com *.pathfactory.com *.uberflip.com *.zuddl.com *.on24.com   *.libsyn.com;  img-src 'self' *.q2.com data:   *.hubspotusercontent-na1.net *.hsappstatic.net *.6sc.co *.cdntwrk.com   *.cookielaw.org *.wistia.com *.hsforms.com *.linkedin.com *.hubspot.com *.hubspot.net   *.bizible.com *.cloudinary.com *.clarity.ms *.bing.com *.googletagmanager.com   *.placeholder.com *.marketo.com googleads.g.doubleclick.net *.doubleclick.net   *.google.com *.youtube.com *.hubspotusercontent40.net *.pathfactory.com   *.bizibly.com *.gstatic.com *.zuddl.com *.imgix.net *.wistia.net *.qualified.com;  manifest-src 'self';  media-src 'self' *.q2.com   7044196.fs1.hubspotusercontent-na1.net 7044196.fs2.hubspotusercontent-na1.net   7044196.fs1.hubspotusercontent-eu1.net 7044196.fs2.hubspotusercontent-eu1.net   *.marketo.com blob: *.doubleclick.net *.youtube.com *.pathfactory.com;  form-action 'self'   *.marketo.com *.mktoweb.com *.zuddl.com *.callrail.com *.googleadservices.com   *.qualified.com;  frame-ancestors 'self' *.q2.com *.pathfactory.com *.lookbookhq.com;  report-to https:\/\/343747560e392f7a31ae9a0247c09302.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" worker-src *.litter-robot.com *.litterbox.com *.whisker.com *.osano.com blob:; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.elev.io *.paypalobjects.com *.klarnacdn.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.certcapture.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.osano.com *.klarna.com https:\/\/*.talkable.com 'self' 'unsafe-inline'; img-src data: *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io widgets.automizely.com widgets.automizely.io *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.affirm.com *.affirm.ca *.certcapture.com magefan.com cm.magefan.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.adnxs.com *.adsrvr.org *.applovin.com aa.agkn.com *.bidr.io *.bing.com *.doubleclick.net *.facebook.com *.gotolstoy.com *.lightboxcdn.com *.localizecdn.com *.reddit.com *.twitter.com *.pinterest.com *.pbbl.co *.tiktok.com *.litter-robot.com *.litterbox.com *.whisker.com https:\/\/*.ordergroove.com *.klarna.com *.klarnaevt.com *.klarnacdn.net *.disqus.com *.cdn.imgeng.in *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com ajax.googleapis.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.certcapture.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.acsbapp.com *.adnxs.com *.ads-twitter.com *.adsrvr.org *.applovin.com *.attn.tv *.bing.com *.byspotify.com *.dixa.io *.dstillery.com *.elev.io *.exponea.com *.facebook.net *.gleamjs.io *.gotolstoy.com *.hotjar.com *.impactcdn.com *.iubenda.com *.lightboxcdn.com *.localizecdn.com action.media6degrees.com *.noibu.com *.onescreen.ai *.pepperjam.com *.pinimg.com *.pinterest.com *.redditstatic.com *.tiktok.com getrockerbox.com *.litter-robot.com *.litterbox.com *.whisker.com *.optimizely.com s3-us-west-2.amazonaws.com *.pbbl.co d2hrivdxn8ekm8.cloudfront.net c.amazon-adsystem.com *.osano.com https:\/\/*.ordergroove.com https:\/\/elements.sika.health *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.disqus.com *.cdn.imgeng.in *.hsforms.net *.hsforms.com https:\/\/d2jjzw81hqbuqv.cloudfront.net https:\/\/di6re4dxelnn2.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io *.certcapture.com assets.braintreegateway.com *.gotolstoy.com *.lightboxcdn.com *.plyr.io *.litter-robot.com *.litterbox.com *.whisker.com *.osano.com *.klarnacdn.net *.adobedtm.com *.cdn.imgeng.in *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.gotolstoy.com *.litter-robot.com *.litterbox.com *.whisker.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com api.automizely.com api.automizely.io *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.certcapture.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.acsbapp.com *.adsrvr.org *.adnxs.com *.applovin.com s.axon.ai c.albss.com *.attentivemobile.com *.attn.tv *.bing.com *.dixa.io *.doubleclick.net *.elev.io *.exponea.com *.facebook.com js.go2sdk.com *.googlesyndication.com *.gotolstoy.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com *.iubenda.com *.localizecdn.com *.noibu.com wss:\/\/*.noibu.com *.onescreen.ai *.pinterest.com *.plyr.io *.reddit.com *.redditstatic.com *.spotify.com *.tiktok.com *.litter-robot.com *.litterbox.com *.whisker.com *.optimizely.com *.telemetry.vaultdcr.com rp.liadm.com whisker.pxf.io *.osano.com https:\/\/*.ordergroove.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/472ad5a6-d25e-45ca-8d99-f4067de68ea9.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'self' https:; connect-src 'self' https: wss: javascript:; font-src 'self' data: use.typekit.net fonts.gstatic.com *.cloudfront.net fonts.googleapis.com assets.parentsquare.com assets.sandbox.parentsquare.com assets.staging.parentsquare.com themes.googleusercontent.com; form-action 'self' https:; frame-ancestors 'self'; img-src 'self' blob: data: https: pbs.twimg.com; media-src 'self' data: blob: https:; object-src 'self' parentsquare-restricted-data-production.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; worker-src 'self' blob:; report-uri \/csp_report","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' platform.twitter.com cdn.cookielaw.org geolocation.onetrust.com native.sharethrough.com connect.facebook.net www.instagram.com pagead2.googlesyndication.com *.googlesyndication.com www.google.com www.gstatic.com code.jquery.com ep2.adtrafficquality.google securepubads.g.doubleclick.net *.doubleclick.net *.doubleverify.com use.typekit.net *.typekit.net assets.adobedtm.com mps.nbcuni.com *.nbcuni.com commerce.nbcuni.com nonprod-commerce.nbcuni.com *.pubexchange.com player.theplatform.com *.theplatform.com *.fwmrm.net *.omtrdc.net jssdkcdns.mparticle.com *.rubiconproject.com cdn.amplitude.com nbcu.track.securedvisit.com cdn.ampproject.org www.googletagservices.com cdn.concert.io pn.ybp.yahoo.com *.adroll.com cdn.js7k.com pixel.adsafeprotected.com; style-src 'self' 'unsafe-inline' use.typekit.net *.typekit.net platform.twitter.com fonts.googleapis.com commerce.nbcuni.com; img-src 'self' data: https: http:; font-src 'self' data: use.typekit.net *.typekit.net fonts.gstatic.com *.media-amazon.com cdn.bidbrain.app nonprod-commerce.nbcuni.com; connect-src 'self' https: wss: http:\/\/mps.nbcuni.com http:\/\/match.adsrvr.org http:\/\/id.sv.rkdms.com http:\/\/api.rlcdn.com geolocation.onetrust.com cdn.cookielaw.org; media-src 'self' https: blob:; frame-src 'self' platform.twitter.com www.instagram.com connect.facebook.net player.theplatform.com *.theplatform.com www.google.com ep2.adtrafficquality.google googleads.g.doubleclick.net *.doubleclick.net *.googlesyndication.com www.googleadservices.com *.demdex.net *.criteo.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/exercism.org https:\/\/api.exercism.org https:\/\/assets.exercism.org; connect-src 'self' ws:\/\/exercism.org https:\/\/cdn.jsdelivr.net https:\/\/*.ingest.sentry.io; img-src 'self' data: https:\/\/*; media-src *; script-src 'self' https:\/\/exercism.org https:\/\/api.exercism.org https:\/\/assets.exercism.org https:\/\/js.stripe.com https:\/\/cdn.jsdelivr.net https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; frame-src https:\/\/js.stripe.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; font-src 'self' https:\/\/exercism.org https:\/\/api.exercism.org https:\/\/assets.exercism.org https:\/\/maxcdn.bootstrapcdn.com; style-src 'self' https:\/\/exercism.org https:\/\/api.exercism.org https:\/\/assets.exercism.org 'unsafe-inline' https:\/\/maxcdn.bootstrapcdn.com; child-src 'none'","count":2},{"content-security-policy-report-only":" connect-src 'self' https: wss:; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' data:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; script-src-elem 'self'; style-src 'self'; style-src-elem 'self'; worker-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri https:\/\/csp.volet.com\/csp-reports; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; form-action 'self' https:; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; upgrade-insecure-requests;","count":2},{"content-security-policy-report-only":" connect-src 'self' data: ; default-src 'self' blob: data: ; font-src 'self' data: ; img-src 'self' data: ; media-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; worker-src 'self' blob:;","count":2},{"content-security-policy-report-only":" default-src 'self' data: blob: *.armstrong.com *.armstrongceilings.com armstrongceilings.my.salesforce-sites.com d2qrdklrsxowl2.cloudfront.net player.interactivity.brightcove.com fonts.gstatic.com www.google-analytics.com;style-src 'self' 'unsafe-inline' fast.fonts.net d2qrdklrsxowl2.cloudfront.net *.s3.amazonaws.com fonts.googleapis.com player.interactivity.brightcove.com;form-action 'self' *.armstrong.com  *.armstrongceilings.com  *.salesforceliveagent.com armstrongceilings.my.site.com;frame-ancestors 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.armstrong.com *.armstrongceilings.com *.analytics.google.com *.clearbitscripts.com *.google-analytics.com *.google.com *.mountain.com *.outbrain.com *.salesforceliveagent.com assets.adobedtm.com cdn-cookieyes.com connect.facebook.net d2qrdklrsxowl2.cloudfront.net googleads.g.doubleclick.net js-na1.hs-scripts.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsadspixel.net js.hscollectedforms.net js.hsforms.net lib-us-3.brilliantcollector.com players.brightcove.net scripts.clarity.ms snap.licdn.com vjs.zencdn.net www.googleadservices.com www.googletagmanager.com www.gstatic.com 100.20.58.101 18.210.229.244 3.212.39.155 34.215.155.61 35.160.46.251 35.85.84.151 44.212.189.233 44.228.85.26 44.238.122.172 52.22.50.55 52.71.121.170 54.156.2.105 54.156.2.105100.20.58.101;frame-src 'self' bid.g.doubleclick.net d2qrdklrsxowl2.cloudfront.net armstrong.demdex.net www.google.com;img-src 'self' data: *.armstrong.com *.armstrongceilings.com  *.brightcove.com *.outbrain.com armstrongceilings.my.salesforce-sites.com cdn-cookieyes.com cf-images.us-east-1.prod.boltdns.net cm.everesttech.net data.coremetrics.com dpm.demdex.net p.adsymptotic.com px.ads.linkedin.com s7d2.scene7.com www.google-analytics.com www.google.com www.googletagmanager.com track.hubspot.com www.facebook.com;connect-src 'self' *.armstrong.com *.armstrongceilings.com *.akamaihd.net *.brightcove.com *.clearbitscripts.com *.cookieyes.com *.google-analytics.com *.hapyak.com api.hubapi.com armstrong.tt.omtrdc.net brightcove.hs.llnwd.net cdn-cookieyes.com cdn.linkedin.oribi.io dpm.demdex.net edge.adobedc.net edge.api.brightcove.com forms.hsforms.com house-fastly-signed-us-east-1-prod.brightcovecdn.com i.clarity.ms lib-us-3.brilliantcollector.com manifest.prod.boltdns.net px.ads.linkedin.com stats.g.doubleclick.net 100.20.58.101 18.210.229.244 3.212.39.155 34.215.155.61 35.160.46.251 35.85.84.151 44.212.189.233 44.228.85.26 44.238.122.172 52.22.50.55 52.71.121.170 54.156.2.105","count":2},{"content-security-policy-report-only":" font-src 'self'; frame-src 'self'; img-src 'self' data: https:\/\/img.airtel.tv https:\/\/moe-email-campaigns.s3.amazonaws.com https:\/\/image.moengage.com; style-src report-sample 'self' 'unsafe-inline'; script-src report-sample 'self' 'unsafe-inline' https:\/\/app.link\/_r https:\/\/cdn.branch.io\/branch-latest.min.js https:\/\/www.googletagmanager.com\/gtag\/js;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.fontawesome.com maxcdn.bootstrapcdn.com *.gls.com *.szybkapaczka.pl *.gls-poland.com\/ https:\/\/*.easypack24.net https:\/\/fonts.bunny.net fonts.googleapis.com https:\/\/*.typekit.net https:\/\/font.static.useinsider.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com accounts.google.com www.facebook.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com https:\/\/*.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/www.googletagmanager.com\/ secure.payu.com merch-prod.snd.payu.com https:\/\/parcelshop.dhl.pl https:\/\/pudofinder.dpd.com.pl https:\/\/widget.packeta.com https:\/\/backup.widget.packeta.com *.szybkapaczka.pl *.gls-poland.com\/ https:\/\/*.dpd.com.pl\/ https:\/\/*.dpd.cz\/ https:\/\/consentcdn.cookiebot.com https:\/\/*.livechatinc.com https:\/\/secure-fra.livechatinc.com https:\/\/creativecdn.com https:\/\/martes.api.useinsider.com https:\/\/ams.creativecdn.com https:\/\/*.doubleclick.net https:\/\/*.criteo.com https:\/\/martes.api.useinsider.com\/ https:\/\/*.criteo.net https:\/\/www.facebook.com https:\/\/*.avin1.com https:\/\/*.packeta.com https:\/\/api.dpd.cz\/ 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ static.payu.com https:\/\/*.sysadvisors.pl *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ *.gls-poland.com.pl\/ https:\/\/*.easypack24.net https:\/\/*.inpost.pl https:\/\/trustmate.io magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com quickchart.io img.youtube.com https:\/\/fitanu.com https:\/\/*.paynow.pl https:\/\/*.cookiebot.com https:\/\/*.glami.pl https:\/\/*.bing.com https:\/\/google.pl https:\/\/*.useinsider.com https:\/\/*.google.pl https:\/\/log.api.useinsider.com https:\/\/*.adnxs.com https:\/\/cm.g.doubleclick.net https:\/\/*.creativecdn.com https:\/\/*.udmserve.net https:\/\/*.rubiconproject.com https:\/\/*.wp.pl https:\/\/*.teads.tv https:\/\/*.taboola.com https:\/\/*.adscale.de https:\/\/*.3lift.com https:\/\/*.outbrain.com https:\/\/*.smartadserver.com https:\/\/*.yieldmo.com https:\/\/*.openx.net https:\/\/*.360yield.com https:\/\/*.33across.com https:\/\/*.seedtag.com https:\/\/sync.go.sonobi.com https:\/\/*.nexx360.io https:\/\/*.clarity.ms https:\/\/*.casalemedia.com https:\/\/*.lijit.com https:\/\/*.omnitagjs.com https:\/\/*.media.net https:\/\/*.loopme.me https:\/\/onetag-sys.com https:\/\/*.mgid.com https:\/\/*.ad.smaato.net https:\/\/*.rmp.rakuten.com https:\/\/*.visx.net http:\/\/*.credit-agricole.pl https:\/\/*.facebook.com https:\/\/*.bidswitch.net https:\/\/*.zdusercontent.com https:\/\/*.criteo.com https:\/\/*.1rx.io https:\/\/*.emxdgt.com https:\/\/*.yieldlab.net https:\/\/*.tremorhub.com https:\/\/*.sharethrough.com https:\/\/*.pubmatic.com https:\/\/*.postrelease.com https:\/\/*.mediavine.com https:\/\/*.ivitrack.com https:\/\/id5-sync.com https:\/\/*.zendesk.com https:\/\/*.dmxleo.com https:\/\/*.facebook.net https:\/\/*.avin1.com https:\/\/*.unrulymedia.com https:\/\/sklepmartes.pl https:\/\/*.packeta.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ secure.payu.com secure.snd.payu.com https:\/\/*.sysadvisors.pl *.snrbox.com https:\/\/*.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/*.mapbox.com https:\/\/widget.packeta.com https:\/\/backup.widget.packeta.com *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ *.klarna.com https:\/\/unpkg.com https:\/\/cdn.jsdelivr.net https:\/\/*.easypack24.net https:\/\/trustmate.io https:\/\/cz.im9.cz https:\/\/sk.im9.cz *.avada.io *.shopify.com https:\/\/*.paynow.pl https:\/\/*.intum.com https:\/\/*.demoup.com https:\/\/cdn.intum.com https:\/\/*.cookiebot.com https:\/\/*.clarity.ms https:\/\/*.azureedge.net https:\/\/*.livechatinc.com https:\/\/*.wp.pl https:\/\/*.dmdi.pl https:\/\/*.savecart.pl https:\/\/*.goadservices.com https:\/\/*.bing.com https:\/\/*.dwin1.com https:\/\/glamipixel.com https:\/\/trafficscanner.pl https:\/\/*.cloudflareinsights.com https:\/\/martes.api.useinsider.com https:\/\/tags.creativecdn.com https:\/\/script.ar-mtch1.com https:\/\/eitri.api.useinsider.com https:\/\/*.allekurier.pl https:\/\/*.luigisbox.tech https:\/\/*.criteo.com https:\/\/*.facebook.net https:\/\/*.tiktok.com https:\/\/*.avin1.com https:\/\/*.martessport.eu https:\/\/*.packeta.com https:\/\/*.sklepmartes.pl https:\/\/cdn.thulium.com\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/*.sysadvisors.pl *.snrcdn.net https:\/\/*.mapbox.com *.szybkapaczka.pl *.gls-poland.com\/ *.klarnacdn.net https:\/\/cdn.jsdelivr.net https:\/\/*.easypack24.net https:\/\/trustmate.io https:\/\/fonts.bunny.net fonts.gstatic.com https:\/\/assets.api.useinsider.com https:\/\/*.luigisbox.tech https:\/\/*.sklepmartes.pl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.szybkapaczka.pl *.gls-poland.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ secure.payu.com merch-prod.snd.payu.com https:\/\/*.sysadvisors.pl *.snrbox.com https:\/\/api.mapbox.com https:\/\/events.mapbox.com https:\/\/widget.packeta.com https:\/\/backup.widget.packeta.com *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ *.klarna.com https:\/\/*.easypack24.net https:\/\/trustmate.io https:\/\/get.geojs.io *.avada.io https:\/\/*.demoup.com https:\/\/mycliplister.com https:\/\/*.google-analytics.com https:\/\/*.livechatinc.com https:\/\/googleads.g.doubleclick.net https:\/\/ams.creativecdn.com https:\/\/lt.ar-mtch1.com https:\/\/*.cookiebot.com https:\/\/*.useinsider.com https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/*.inpost.pl https:\/\/*.luigisbox.tech https:\/\/*.tiktok.com https:\/\/*.sklepmartes.pl https:\/\/*.criteo.com https:\/\/*.keys.adm-services.goog https:\/\/*.facebook.com https:\/\/*.googlesyndication.com https:\/\/*.packeta.com https:\/\/pixel.wp.pl\/ https:\/\/cdn.thulium.com\/ https:\/\/*.google.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' https:\/\/*.google.com https:\/\/boards-api.greenhouse.io https:\/\/images.prismic.io https:\/\/o43253.ingest.sentry.io https:\/\/pagead2.googlesyndication.com https:\/\/www.gstatic.com https:\/\/bat.bing.com https:\/\/*.clarity.ms; default-src 'self'; font-src 'self'; form-action 'none'; frame-ancestors 'none'; frame-src https:\/\/*.enterprise.ada.com https:\/\/boards.greenhouse.io https:\/\/insight.adsrvr.org https:\/\/td.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/www.youtube-nocookie.com; img-src 'self' data: https:\/\/adahealth.cdn.prismic.io https:\/\/assets.ada.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/images.prismic.io https:\/\/prismic-io.s3.amazonaws.com https:\/\/www.facebook.com https:\/\/pagead2.googlesyndication.com https:\/\/adservice.google.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/bat.bing.com https:\/\/*.clarity.ms; manifest-src 'self'; media-src 'self' https:\/\/adahealth.cdn.prismic.io; script-src 'self' 'unsafe-inline' https:\/\/boards.greenhouse.io https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/js.adsrvr.org https:\/\/tpc.googlesyndication.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/bat.bing.com https:\/\/www.clarity.ms; style-src 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/bioland.we.network\/ https:\/\/my.dlv.de\/","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.wistia.com https:\/\/*.wistia.net https:\/\/cdn.growthbook.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/gtm.moneybird.nl https:\/\/gtm.moneybird.de https:\/\/gtm.moneybird.com https:\/\/gtm.moneybird.be https:\/\/www.google-analytics.com https:\/\/www.youtube.com https:\/\/maps.googleapis.com https:\/\/bat.bing.com https:\/\/*.demio.com https:\/\/d3s4clg74dg0wr.cloudfront.net https:\/\/zapier.com https:\/\/www.clarity.ms https:\/\/static.homerun.co https:\/\/unpkg.com\/@googlemaps\/ https:\/\/euc-widget.freshworks.com https:\/\/moneybird.freshdesk.com https:\/\/*.wistia.com https:\/\/*.wistia.net https:\/\/*.intercom.io wss:\/\/*.intercom.io https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; style-src 'self' 'unsafe-inline' https:\/\/moneybird.nl https:\/\/www.moneybird.nl https:\/\/www.googletagmanager.com https:\/\/gtm.moneybird.nl https:\/\/gtm.moneybird.de https:\/\/gtm.moneybird.com https:\/\/gtm.moneybird.be https:\/\/www.gstatic.com https:\/\/d3s4clg74dg0wr.cloudfront.net https:\/\/fonts.googleapis.com https:\/\/*.demio.com https:\/\/static.homerun.co https:\/\/fonts.bunny.net https:\/\/euc-widget.freshworks.com https:\/\/moneybird.freshdesk.com https:\/\/*.adyen.com\/ https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; img-src 'self' https:\/\/moneybird.nl https:\/\/www.moneybird.nl https:\/\/prismic-io.s3.amazonaws.com https:\/\/images.prismic.io https:\/\/moneybird.cdn.prismic.io https:\/\/dl6oytjgv033w.cloudfront.net https:\/\/www.gstatic.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/gtm.moneybird.nl https:\/\/gtm.moneybird.de https:\/\/gtm.moneybird.com https:\/\/gtm.moneybird.be https:\/\/www.google.nl https:\/\/www.google.com https:\/\/i.ytimg.com https:\/\/maps.gstatic.com https:\/\/csi.gstatic.com https:\/\/maps.googleapis.com https:\/\/bat.bing.com https:\/\/zapier.com https:\/\/cdn.zapier.com https:\/\/euc-widget.freshworks.com https:\/\/moneybird.freshdesk.com https:\/\/*.wistia.com https:\/\/*.wistia.net data: https:\/\/*.adyen.com\/ https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; object-src 'self' https:\/\/www.youtube-nocookie.com https:\/\/www.youtube.com; connect-src 'self' https:\/\/moneybird.nl https:\/\/www.moneybird.nl https:\/\/help.moneybird.nl https:\/\/bat.bing.com https:\/\/gtm.moneybird.nl https:\/\/gtm.moneybird.com https:\/\/gtm.moneybird.be https:\/\/gtm.moneybird.de https:\/\/pagead2.googlesyndication.com https:\/\/*.google-analytics.com https:\/\/www.gstatic.com https:\/\/moneybird.com https:\/\/www.moneybird.com https:\/\/homerun.co https:\/\/stats.g.doubleclick.net https:\/\/*.demio.com https:\/\/*.clarity.ms https:\/\/embed.homerun.co https:\/\/maps.googleapis.com https:\/\/euc-widget.freshworks.com https:\/\/moneybird.freshdesk.com https:\/\/*.wistia.com https:\/\/*.wistia.net https:\/\/cdn.growthbook.io https:\/\/*.intercom.io wss:\/\/*.intercom.io https:\/\/*.intercom-messenger.com wss:\/\/*.intercom-messenger.com https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/gtm.moneybird.nl https:\/\/gtm.moneybird.de https:\/\/gtm.moneybird.com https:\/\/gtm.moneybird.be https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/moneybird.clickwebinar.com https:\/\/w.soundcloud.com https:\/\/euc-widget.freshworks.com https:\/\/moneybird.freshdesk.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; font-src 'self' https:\/\/moneybird.nl https:\/\/www.moneybird.nl https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/fonts.bunny.net https:\/\/*.wistia.com data: https:\/\/intercom-sheets.com\/ https:\/\/*.intercomcdn.eu https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.eu; report-uri https:\/\/moneybird.com\/csp_report;","count":2},{"content-security-policy-report-only":" default-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/maps.googleapis.com *.inviewuclab.com static.zdassets.com js.stripe.com *.google.com *.gstatic.com gstatic.com connect.facebook.net *.zendesk.com blob: ; script-src-elem 'self' 'unsafe-inline' https:\/\/maps.googleapis.com *.google.com *.gstatic.com static.zdassets.com js.stripe.com ; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com cdn.datatables.net ; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com cdn.datatables.net ; style-src-attr 'unsafe-inline' ; img-src 'self' https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com data: blob: 127.0.0.1:18623 *.mapbox.com *.facebook.com *.google.com *.gstatic.com ; frame-src 'self' *.google.com *.google.ie js.stripe.com player.vimeo.com www.youtube.com; font-src 'self' https:\/\/fonts.gstatic.com data: gstatic.com *.gstatic.com *.alicdn.com ; connect-src 'self' https:\/\/google.com *.google.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com ekr.zdassets.com *.zendesk.com wss:\/\/127.0.0.1:18623 https:\/\/127.0.0.1:18623 mlts.dynamsoft.com *.mapbox.com https:\/\/events.mapbox.com *.inviewuclab.com https:\/\/tiles.openfreemap.org https:\/\/export.highcharts.com ; worker-src 'self' blob: ; upgrade-insecure-requests ; report-uri https:\/\/9a1a6d99ab6aa4ac3290a60bae476ab7.report-uri.com\/r\/d\/csp\/enforce","count":2},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com *.fontawesome.com fonts.googleapis.com https:\/\/fonts.bunny.net local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar parfubot.cortassaws.com d3cdlnm7te7ky2.cloudfront.net editionprivee.com www.editionprivee.com d28dzyqv2ij3aj.cloudfront.net diorassets.blob.core.windows.net player.freecaster.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com https:\/\/seo.mageplaza.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors *.despegar.com *.koin.com.br *.googletagmanager.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com bytedance: sslocal: ai.66ecommerce.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.despegar.com *.koin.com.br *.googletagmanager.com maps.googleapis.com chart.googleapis.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/mobbex.com *.weltpixel.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com *.googleapis.com *.gstatic.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.adobedtm.com *.despegar.com *.koin.com.br *.googletagmanager.com fonts.googleapis.com *.gocuotas.com https:\/\/firebasestorage.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com res.sugaway.io local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar parfubot.cortassaws.com d3cdlnm7te7ky2.cloudfront.net static.whatsapp.net editionprivee.com www.editionprivee.com d28dzyqv2ij3aj.cloudfront.net c.clarity.ms www.google.com.ar www.mercadopago.com.ar c.bing.com diorassets.blob.core.windows.net player.freecaster.com maps.gstatic.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.gstatic.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.despegar.com *.koin.com.br *.googletagmanager.com maps.googleapis.com chart.googleapis.com *.gocuotas.com *.avada.io *.shopify.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar parfubot.cortassaws.com d3cdlnm7te7ky2.cloudfront.net editionprivee.com www.editionprivee.com d28dzyqv2ij3aj.cloudfront.net js-agent.newrelic.com www.clarity.ms maps.google.com live.decidir.com fpcdn.io assets-cdn.woowup.com diorassets.blob.core.windows.net player.freecaster.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar parfubot.cortassaws.com d3cdlnm7te7ky2.cloudfront.net editionprivee.com www.editionprivee.com d28dzyqv2ij3aj.cloudfront.net cdn.jsdelivr.net diorassets.blob.core.windows.net player.freecaster.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; object-src maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar parfubot.cortassaws.com d3cdlnm7te7ky2.cloudfront.net static.whatsapp.net editionprivee.com www.editionprivee.com d28dzyqv2ij3aj.cloudfront.net diorassets.blob.core.windows.net player.freecaster.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.googleapis.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.despegar.com *.googletagmanager.com maps.googleapis.com chart.googleapis.com *.gocuotas.com https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com local.parfu.com local.eprivee.com pfuat.66ecommerce.com pfhyva.66ecommerce.com pftesting.66ecommerce.com pfprod.66ecommerce.com epuat.66ecommerce.com eptesting.66ecommerce.com epprod.66ecommerce.com parfumerie.com.ar www.parfumerie.com.ar d3cdlnm7te7ky2.cloudfront.net editionprivee.com www.editionprivee.com parfubot.cortassaws.com d28dzyqv2ij3aj.cloudfront.net google.com i.clarity.ms n.clarity.ms z.clarity.ms parfumerie.zendesk.com pod-20.zendesk.com bam.nr-data.net api.fpjs.io rum-collector-2.pingdom.net events.woowup.com diorassets.blob.core.windows.net player.freecaster.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; img-src * data: https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' *; frame-src https:; connect-src https:; font-src 'self' https:\/\/cdn.segmentify.com;","count":2},{"content-security-policy-report-only":" default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https:\/\/draft.blogger.com\/cspreport","count":2},{"content-security-policy-report-only":" upgrade-insecure-requests; report-to https:\/\/www.codium.ai; report-uri https:\/\/www.codium.ai;","count":2},{"content-security-policy-report-only":" font-src *.agrialpro.fr *.lamaison.fr fonts.gstatic.com https:\/\/cdnjs.cloudflare.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors api.oney.io 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com youtu.be facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io magefan.com cm.magefan.com *.agrialpro.fr *.lamaison.fr maps.gstatic.com maps.google.com maps.googleapis.com cl.avis-verifies.com www.google.fr www.facebook.com *.dmxleo.com *.bidswitch.net *.adform.net *.casalemedia.com *.id5-sync.com id5-sync.com *.ivitrack.com *.mediavine.com *.postrelease.com *.outbrain.com *.pubmatic.com *.yieldmo.com *.yieldlab.net *.emxdgt.com *.doubleclick.net *.adnxs.com *.media.net *.rubiconproject.com *.smartadserver.com *.taboola.com *.teads.tv *.yahoo.net *.3lift.com *.omnitagjs.com *.360yield.com *.sharethrough.com *.tremorhub.com *.krxd.net *.join-stories.com ade.googlesyndication.com *.hsforms.net *.hsforms.com *.disqus.com https:\/\/img.youtube.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page maps.google.com maps.googleapis.com *.agrialpro.fr *.lamaison.fr cdn.jsdelivr.net cl.avis-verifies.com connect.facebook.net js-agent.newrelic.com bam.nr-data.net *.join-stories.com cdn.webotit.ai secure.adnxs.com *.hsforms.net *.hsforms.com *.disqus.com https:\/\/cdn.jsdelivr.net\/npm\/pwacompat@2.0.8\/pwacompat.min.js https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.agrialpro.fr *.lamaison.fr https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.join-stories.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.agrialpro.fr *.lamaison.fr stats.g.doubleclick.net bam.nr-data.net maps.googleapis.com *.stories.studio t.elasticsuite.io *.hsforms.net *.hsforms.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; worker-src blob:","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors https:\/\/*.doubleclick.net https:\/\/*.sharethis.com 'self' https:\/\/zb.tdicompliancecloud.com https:\/\/drive.zimmerbiomet.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.adsrvr.org https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.marketo.com https:\/\/*.mouseflow.com https:\/\/*.youtube.com https:\/\/*.zimmerbiomet.com https:\/\/acsbapp.com https:\/\/assets.adobedtm.com https:\/\/assets.map.brightcove.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/connect.facebook.net https:\/\/js.driftt.com https:\/\/munchkin.marketo.net https:\/\/pagead2.googlesyndication.com https:\/\/players.brightcove.net https:\/\/snap.licdn.com https:\/\/tags.srv.stackadapt.com https:\/\/vjs.zencdn.net https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/*.sharethis.com https:\/\/buttons-config.sharethis.com https:\/\/cdn.jsdelivr.net https:\/\/platform-api.sharethis.com https:\/\/qvdt3feo.com; style-src 'self' 'unsafe-inline' https:\/\/*.googleapis.com https:\/\/*.marketo.com https:\/\/cdn.cookielaw.org https:\/\/tags.srv.stackadapt.com https:\/\/cdn.jsdelivr.net; img-src 'self' data: https:\/\/*.bing.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.picsum.photos https:\/\/*.salesforce.com https:\/\/*.scene7.com https:\/\/*.zimmerbiomet.com https:\/\/assets.adobedtm.com https:\/\/assets.map.brightcove.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/cf-images.us-east-1.prod.boltdns.net https:\/\/cm.everesttech.net https:\/\/connect.facebook.net https:\/\/dev.day.com https:\/\/dpm.demdex.net https:\/\/hostedseal.trustarc.com https:\/\/metrics.brightcove.com https:\/\/pagead2.googlesyndication.com https:\/\/picsum.photos https:\/\/privacy-policy.truste.com https:\/\/snap.licdn.com https:\/\/tags.srv.stackadapt.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/zimzbdotcomprod.112.2o7.net https:\/\/*.sharethis.com https:\/\/www.google.com.mx https:\/\/www.thepersonalizedknee.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net; connect-src 'self' data: https:\/\/*.adsrvr.org https:\/\/*.bing.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.mktoresp.com https:\/\/*.mktoutil.com https:\/\/*.salesforce.com https:\/\/*.zimmerbiomet.com https:\/\/api.ipdata.co https:\/\/assets.adobedtm.com https:\/\/assets.map.brightcove.com https:\/\/bat.bing.com https:\/\/bcp.crwdcntrl.net https:\/\/cdn.acsbapp.com https:\/\/cdn.cookielaw.org https:\/\/connect.facebook.net https:\/\/dpm.demdex.net https:\/\/edge.api.brightcove.com https:\/\/geolocation.onetrust.com https:\/\/js.driftt.com https:\/\/manifest.prod.boltdns.net https:\/\/metrics.brightcove.com https:\/\/n2.mouseflow.com https:\/\/pagead2.googlesyndication.com https:\/\/privacyportal.onetrust.com https:\/\/snap.licdn.com https:\/\/tags.srv.stackadapt.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/zimmerbiomet.tt.omtrdc.net https:\/\/zimzbdotcomprod.112.2o7.net https:\/\/*.sharethis.com https:\/\/data.stbuttons.click https:\/\/house-fastly-signed-us-east-1-prod.brightcovecdn.com https:\/\/platform-api.sharethis.com; frame-src 'self' https:\/\/*.adsrvr.org https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.marketo.com https:\/\/*.youtube.com https:\/\/assets.map.brightcove.com https:\/\/connect.facebook.net https:\/\/js.driftt.com https:\/\/www.googletagmanager.com https:\/\/zimmer.demdex.net https:\/\/*.sharethis.com https:\/\/zb-id-test.vercel.app https:\/\/forms.zohopublic.com; media-src 'self' data: blob: https:\/\/*.scene7.com https:\/\/*.zimmerbiomet.com https:\/\/assets.map.brightcove.com https:\/\/*.boltdns.net https:\/\/*.brightcove.com https:\/\/*.brightcovecdn.com; form-action 'self'","count":2},{"content-security-policy-report-only":" default-src 'self' ; style-src 'self' 'unsafe-inline' https:\/\/cdn-cookieyes.com ; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https:\/\/cdn.apple-mapkit.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn-cookieyes.com ; img-src 'self' blob: data: https:\/\/snapshot.apple-mapkit.com https:\/\/cdn.apple-mapkit.com https:\/\/www.googletagmanager.com https:\/\/www.google.co.uk https:\/\/*.ytimg.com https:\/\/img.youtube.com https:\/\/secure.gravatar.com https:\/\/cdn-cookieyes.com ; font-src 'self' data: https:\/\/fonts.gstatic.com ; media-src 'self' data: ; connect-src 'self' https:\/\/api.apple-mapkit.com https:\/\/cdn.apple-mapkit.com https:\/\/gsp10.apple-mapkit.com https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/log.cookieyes.com https:\/\/cdn-cookieyes.com https:\/\/*.cookieyes.com ; frame-src 'self' https:\/\/allergens.jdwetherspoon.com https:\/\/www.jdwetherspooncareers.com https:\/\/www.google.com https:\/\/*.youtube-nocookie.com https:\/\/*.youtube.com ; frame-ancestors 'self' ; object-src 'none' ; base-uri 'self' ; form-action 'self' ; worker-src 'self' blob: ; upgrade-insecure-requests  ; report-uri https:\/\/jdwetherspoon.report-uri.com\/r\/d\/csp\/reportOnly ; report-to default ;","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self' https:\/\/go.imohealth.com https:\/\/*.marketo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.imohealth.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.googleadservices.com https:\/\/*.doubleclick.net https:\/\/*.marketo.com https:\/\/*.marketo.net https:\/\/*.mktoresp.com https:\/\/*.licdn.com https:\/\/*.facebook.net https:\/\/*.cookieyes.com https:\/\/*.shortpixel.ai; style-src 'self' 'unsafe-inline' https:\/\/*.imohealth.com https:\/\/fonts.googleapis.com https:\/\/*.cookieyes.com; img-src 'self' data: blob: https:\/\/*.imohealth.com https:\/\/*.shortpixel.ai https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.mktoresp.com https:\/\/*.marketo.net https:\/\/*.linkedin.com https:\/\/*.licdn.com https:\/\/*.facebook.com; font-src 'self' data: https:\/\/*.imohealth.com https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/*.imohealth.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.doubleclick.net https:\/\/*.googletagmanager.com https:\/\/*.mktoresp.com https:\/\/*.marketo.com https:\/\/*.marketo.net https:\/\/*.licdn.com https:\/\/*.cookieyes.com; frame-src 'self' https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.facebook.com https:\/\/*.youtube.com https:\/\/*.vimeo.com https:\/\/go.imohealth.com; report-uri https:\/\/csp.soliddigital.com\/log; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/cdn.tagcommander.com https:\/\/cdnjs.cloudflare.com https:\/\/instant.page https:\/\/polyfill-fastly.io https:\/\/unpkg.com https:\/\/use.fontawesome.com https:\/\/www.google.com; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' http:\/\/pero.securite-routiere.gouv.fr https:\/\/www.gstatic.com https:\/\/www.youtube.com https:\/\/s2.adform.net\/banners\/scripts\/st\/trackpoint-async.js https:\/\/server.adform.net\/Serving\/TrackPoint\/ https:\/\/cstatic.weborama.fr cdn.trustcommander.net www.googletagmanager.com https:\/\/api.dmcdn.net https:\/\/*.criteo.com https:\/\/connect.facebook.net https:\/\/cdn.jsdelivr.net https:\/\/cdn.tagcommander.com https:\/\/cdnjs.cloudflare.com https:\/\/instant.page https:\/\/polyfill-fastly.io https:\/\/unpkg.com https:\/\/use.fontawesome.com https:\/\/www.google.com; style-src 'self' 'unsafe-inline' code.ionicframework.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' *.chartbeat.com optanon.blob.core.windows.net *.brightcove.net *.brightcove.com *.googleadservices.com *.adservice.google.com https:\/\/adservice.google.com\/* adservice.google.com.br *.googletagmanager.com *.tagmanager.google.com *.chimpstatic.com chimpstatic.com *.jquery.com *.zencdn.net *.ytimg.com *.surveymonkey.com *.googleapis.com *.facebook.net *.googletagservices.com *.addthis.com *.google-analytics.com *.onetrust.com *.ampproject.org *.doubleclick.net *.google.com *.mailchimp.com *.addthisedge.com *.youtube.com *.google.co.uk *.list-manage.com *.outbrain.com *.twitter.com *.twimg.com *.googlesyndication.com *.moatads.com *.radioplayer.co.uk *.cheqzone.com *.rubiconproject.com *.cookielaw.org *.cloudflareinsights.com *.instagram.com *.apester.com *.snap.licdn.com *.doubleverify.com *.aniview.com *.vidazoo.com *.ajax.cloudflare.com *.licdn.com *.pinterest.com *.embedresponsively.com *.amazonaws.com *.apester.com\/* *.forces.liveblog.pro *.forces.liveblog.pro\/* *.strawpoll.com *.freewheel.tv *.lkqd.net *.beachfront.com *.smartadserver.com *.aniview.com *.admanmedia.com *.improvedigital.com *.onetag.com *.indexexchange.com *.pubmatic.com *.rhythmone.com *.video.unrulymedia.com *.gstatic.com *.newrelic.com cdn.jsdelivr.net cdn.bidder.dev c.amazon-adsystem.com quantcast.mgr.consensu.org secure.quantserve.com rules.quantcount.com static.criteo.net *.dotomi.com *.tiktok.com *.google.ie *.ibytedtos.com *.tiktokcdn.com chartbeat.com *.media.net *.sharethrough.com *.openx.com *.sonobi.com *.districtm.io *.emxdgt.com *.appnexus.com *.google.com *.rhythmone.com *.33across.com *.lemmatechnologies.com *.e-planning.net *.themediagrid.com *.sovrn.com *.lijit.com *.gumgum.com *.nr-data.net *.ttwstatic.com *.thinglink.com *.thinglink.me *.defybrick.com e.infogram.com *.clarity.ms; frame-src 'self'  'unsafe-eval' *.addthis.com *.googlesyndication.com *.facebook.com\/ *.outbrain.com *.twitter.com *.surveymonkey.com embeds.audioboom.com *.rubiconproject.com *.apester.com *.openx.net *.pinterest.com *.instagram.com *.embedresponsively.com *.youtube.com *.pubmatic.com *.forces.net *.forcesnews.com *.google.com *.bfbs.com apester.com\/* forces.liveblog.pro forces.liveblog.pro\/* *.strawpoll.com\/ timbre-player.sharp-stream.com *.tiktok.com googleads.g.doubleclick.net gum.criteo.com pre.ads.justpremium.com console.googletagservices.com giphy.com *.giphy.com e.infogram.com *.thinglink.com *.thinglink.me; child-src 'self' 'unsafe-inline' 'unsafe-eval' blob: apester.com\/* forces.liveblog.pro\/* *.strawpoll.com\/; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: *.fontawesome.com *.cloudflare.com *.twitter.com *.bootstrapcdn.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.twitter.com https:\/\/plumrocket.com https:\/\/t.pepperjamnetwork.com https:\/\/*.dwin1.com https:\/\/*.awin1.com https:\/\/*.zenaps.com *.googleapis.com *.trustpilot.com 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: *.googleapis.com http:\/\/hemin11112.pcapredict.com http:\/\/services.postcodeanywhere.co.uk *.cloudflare.com *.googleadservices.com *.twitter.com *.adobedtm.com https:\/\/firebasestorage.googleapis.com https:\/\/img.youtube.com https:\/\/shareasale.com\/sale.cfm https:\/\/track.linksynergy.com https:\/\/www.bizrate.com https:\/\/*.dwin1.com https:\/\/*.awin1.com https:\/\/*.zenaps.com https:\/\/track.webgains.com https:\/\/prf.hn https:\/\/track.flexlinks.com https:\/\/scripts.affiliatefuture.com https:\/\/t.powerreviews.com https:\/\/match.sharethrough.com https:\/\/cm.g.doubleclick.net https:\/\/x.bidswitch.net https:\/\/ib.adnxs.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com https:\/\/visitor.omnitagjs.com https:\/\/r.casalemedia.com https:\/\/gum.criteo.com https:\/\/jadserve.postrelease.com https:\/\/id5-sync.com https:\/\/ad.360yield.com https:\/\/matching.ivitrack.com https:\/\/contextual.media.net https:\/\/exchange.mediavine.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/pixel.rubiconproject.com https:\/\/criteo-sync.teads.tv https:\/\/criteo-partners.tremorhub.com https:\/\/eb2.3lift.com https:\/\/ad.yieldlab.net https:\/\/sync-criteo.ads.yieldmo.com https:\/\/e1.emxdgt.com https:\/\/sync.1rx.io https:\/\/dis.criteo.com https:\/\/dpm.demdex.net https:\/\/ps.eyeota.net https:\/\/public-prod-dspcookiematching.dmxleo.com maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com apis.google.com *.gstatic.com http:\/\/hemin11112.pcapredict.com http:\/\/services.postcodeanywhere.co.uk *.cloudflare.com *.twitter.com *.google-analytics.com googletagmanager.com *.trustedshops.com *.fontawesome.com graph.facebook.com *.adobedtm.com https:\/\/analytics.webgains.io *.avada.io *.shopify.com s7.addthis.com https:\/\/*.dwin1.com https:\/\/intljs.rmtag.com https:\/\/cdn.avmws.com https:\/\/images.bizrate.com https:\/\/*.awin1.com https:\/\/*.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/swrap.tradedoubler.com https:\/\/analytics.optimalpeople.fr https:\/\/www.linkconnector.com https:\/\/d3v27wwd40f0xu.cloudfront.net https:\/\/static.criteo.net https:\/\/sslwidget.criteo.com https:\/\/*.affiliatefuture.com https:\/\/static.powerreviews.com *.googleapis.com *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.fontawesome.com http:\/\/services.postcodeanywhere.co.uk *.cloudflare.com *.googleapis.com *.twitter.com *.gstatic.com *.typekit.net *.bootstrapcdn.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com http:\/\/hemin11112.pcapredict.com http:\/\/services.postcodeanywhere.co.uk *.cloudflare.com *.twitter.com https:\/\/get.geojs.io *.avada.io api.addressy.com ekr.zdassets.com\/ https:\/\/shareasale.com\/sale.cfm https:\/\/analytics.optimalpeople.fr https:\/\/measurement-api.criteo.com https:\/\/api.webgains.io https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' *.fontawesome.com *.visualstudio.com cdn.cookielaw.org *.azure.com *.krxd.net *.facebook.com *.googletagmanager.com *.linkedin.oribi.io *.google.com *.doubleclick.net *.liveperson.net *.google-analytics.com fintactix.com *.adsrvr.org *.lpsnmedia.net *.elfsight.com *.optimizely.com *.decibelinsight.net *.onescreen.ai;script-src 'self' 'unsafe-inline' unpkg.com code.jquery.com stackpath.bootstrapcdn.com customer.cludo.com cdnjs.cloudflare.com *.fontawesome.com *.googletagmanager.com *.licdn.com *.convergetrack.com js.monitor.azure.com *.adroll.com *.facebook.net *.google-analytics.com *.doubleclick.net *.lpsnmedia.net *.liveperson.net *.adsrvr.org *.google.com *.elfsight.com cdn.cookielaw.org maxcdn.bootstrapcdn.com cdn.jsdelivr.net;style-src 'self' 'unsafe-inline' customer.cludo.com fonts.googleapis.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net;img-src 'self' data: *.adsrvr.org *.convergetrack.com *.demdex.net *.google.com *.lpsnmedia.net *.linkedin.com *.facebook.com *.krxd.com *.krxd.net *.adroll.com *.google-analytics.com *.doubleclick.net *.googletagmanager.com *.elfsight.com;font-src 'self' data: fonts.gstatic.com *.fontawesome.com;worker-src 'self' blob:","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.googleapis.com data: https:\/\/fonts.gstatic.com *.stape.io *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com d114hh0cykhyb0.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com google.com *.braintreegateway.com *.paypal.com *.google.com www.google.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.stape.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.googleapis.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com superbrightleds.atlassian.net *.criteo.com *.criteo.net *.nr-data.net *.trustpilot.com *.pinimg.com *.pinterest.com *.licdn.com *.linkedin.com *.vwo.com *.facebook.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.trackedlink.net ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.doubleclick.net *.stape.io https:\/\/firebasestorage.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/redchamps.com livehelpnow.net *.livehelpnow.net *.placeholder.com *.cloudfront.net *.trustkeeper.net *.trustwave.com *.digicert.com dis.criteo.com tags.bluekai.com secure.adnxs.com sync.ad-stir.com *.yahoo.com *.360yield.com *.3lift.com *.addthis.com *.adnxs.com *.adscale.de *.advertising.com *.agkn.com *.amazon-adsystem.com *.bbb.org *.bidswitch.net *.bing.com *.casalemedia.com *.clmbtech.com *.contextweb.com *.criteo.com *.demdex.net *.dmxleo.com matching.ivitrack.com *.krxd.net *.liadm.com mcprod.superbrightleds.com *.media.net exchange.mediavine.com partner.mediawallahscript.com *.omnitagjs.com *.outbrain.com *.postrelease.com *.pubmatic.com *.revcontent.com *.rlcdn.com *.rubiconproject.com *.sharethrough.com *.smaato.net *.socdm.com *.smartadserver.com *.stickyadstv.com *.taboola.com *.tapad.com *.teads.tv ad.tpmn.co.kr *.tremorhub.com *.turn.com *.yieldlab.net *.yieldmo.com *.zonos.com *.pinimg.com *.pinterest.com *.linkedin.com *.visualwebsiteoptimizer.com id5-sync.com a.twiago.com sync.1rx.io *.facebook.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.googletagmanager.com *.doubleclick.net *.stape.io *.avada.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com superbrightleds.atlassian.net *.digicert.com *.criteo.net *.criteo.com *.zonos.com *.trustpilot.com *.iglobalstores.com *.mixpanel.com *.mxpnl.com *.pinimg.com *.pinterest.com *.googleoptimize.com pageimprove.io *.licdn.com *.linkedin.com *.visualwebsiteoptimizer.com *.vwo.com *.facebook.net *.livehelpnow.net *.bing.com *.maxmind.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com webchat.dotdigital.com webchat.staging.dotdigital.com downloads.mailchimp.com https:\/\/fonts.googleapis.com *.googleapis.com *.googletagmanager.com *.stape.io *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.network *.stripecdn.com *.amazon.com d114hh0cykhyb0.cloudfront.net http:\/\/localhost:* *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.doubleclick.net *.googlesyndication.com *.stape.io https:\/\/get.geojs.io *.avada.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.criteo.com *.zonos.com *.mixpanel.com *.pinimg.com *.pinterest.com pageimprove.io *.visualwebsiteoptimizer.com *.facebook.com *.mmapiws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' data: blob: https:\/\/*.trustage.com https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com; connect-src 'self' data: properties: https:\/\/cmfglifeinsurance.us-6.evergage.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.linkedin.com https:\/\/*.niceincontact.com https:\/\/clientstream.launchdarkly.com\/ https:\/\/fonts.gstatic.com https:\/\/*.optimizely.com https:\/\/*.cunamutual.com https:\/\/www.nextinsure.com https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/*.googlesyndication.com https:\/\/*.trustage.com https:\/\/us-central1-adaptive-growth.cloudfunctions.net https:\/\/cdn.linkedin.oribi.io https:\/\/s.yimg.com https:\/\/*.doubleclick.net https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com https:\/\/*.oktacdn.com https:\/\/*.bing.com https:\/\/*.googleapis.com https:\/\/cunamutual.okta.com https:\/\/cdn.cookielaw.org https:\/\/cunamutual.oktapreview.com\/ https:\/\/*.googleadservices.com\/ https:\/\/*.qualtrics.com\/ https:\/\/dc.services.visualstudio.com\/ https:\/\/*.levelaccess.net https:\/\/www.googletagmanager.com https:\/\/facebook.com\/ https:\/\/*.segment.io https:\/\/*.segment.com https:\/\/*.permutive.com https:\/\/calc-backend-prod.herokuapp.com https:\/\/www.facebook.com https:\/\/eastus2-0.in.applicationinsights.azure.com https:\/\/*.api.boomtrain.com https:\/\/cunamutualdtc--democc.sandbox.my.salesforce-scrt.com https:\/\/cunamutualdtc.my.site.com https:\/\/*.c360a.salesforce.com; frame-ancestors 'self' https:\/\/trustage.com https:\/\/*.optimizely.com https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com; frame-src 'self' https:\/\/trustage.com https:\/\/*.googlesyndication.com https:\/\/cunamutual.widen.net https:\/\/login.microsoftonline.com https:\/\/*.widencdn.net https:\/\/*.opendns.com https:\/\/*.optimizely.com https:\/\/www.youtube.com https:\/\/chase.hostedpaymentservice.net https:\/\/chase-var.hostedpaymentservice.net https:\/\/*.doubleclick.net https:\/\/*.trustage.com https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com https:\/\/*.oktacdn.com https:\/\/www.googletagmanager.com https:\/\/*.trustpilot.com\/ https:\/\/*.flashtalking.com https:\/\/*.google.com https:\/\/*.qualtrics.com https:\/\/*.affec.tv https:\/\/*.opendns.com https:\/\/www.facebook.com https:\/\/*.ceros.com https:\/\/home-c27.incontact.com https:\/\/*.polly.co https:\/\/web-modules-de-na1.niceincontact.com https:\/\/cunamutualdtc--democc.sandbox.my.site.com https:\/\/cunamutualdtc.my.site.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https:\/\/cmfglifeinsurance.us-6.evergage.com https:\/\/*.googlesyndication.com https:\/\/*.optimizely.com https:\/\/optimizely.s3.amazonaws.com https:\/\/cdn-assets-prod.s3.amazonaws.com https:\/\/static-demo.trustage.cloud https:\/\/*.trustage.com https:\/\/*.googleadservices.com https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com https:\/\/cdn.cookielaw.org https:\/\/*.signalintent.com https:\/\/*.google.com https:\/\/chase-var.hostedpaymentservice.net https:\/\/chase.hostedpaymentservice.net https:\/\/cdn.pdst.fm https:\/\/snap.licdn.com https:\/\/insurance.mediaalpha.com https:\/\/us-central1-adaptive-growth.cloudfunctions.net https:\/\/s.yimg.com https:\/\/*.facebook.net https:\/\/geolocation.onetrust.com https:\/\/cdn.linkedin.oribi.io https:\/\/privacyportal.onetrust.com https:\/\/*.google.com https:\/\/sp.analytics.yahoo.com https:\/\/*.linkedin.com https:\/\/www.pagespeed-mod.com https:\/\/*.google-analytics.com https:\/\/*.salesforceliveagent.com\/ https:\/\/*.oktacdn.com\/ https:\/\/*.trustpilot.com\/ https:\/\/*.gstatic.com\/ https:\/\/*.googletagmanager.com\/ https:\/\/az416426.vo.msecnd.net\/ https:\/\/*.levelaccess.net\/ https:\/\/*.qualtrics.com\/ https:\/\/www.googleoptimize.com https:\/\/bat.bing.com https:\/\/solutions.invocacdn.com https:\/\/pnapi.invoca.net https:\/\/*.affec.tv\/ https:\/\/*.evgnet.com\/ https:\/\/*.ceros.com https:\/\/home-c27.incontact.com https:\/\/secure.adnxs.com https:\/\/cdn.permutive.com https:\/\/trkn.us https:\/\/www.facebook.com https:\/\/cdn.c360a.salesforce.com\/ https:\/\/seal.digicert.com\/ https:\/\/*.boomtrain.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.trustage.com https:\/\/cmfglifeinsurance.us-6.evergage.com https:\/\/www.gstatic.com https:\/\/*.optimizely.com https:\/\/*.affec.tv\/ https:\/\/chase.hostedpaymentservice.net https:\/\/*.bing.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.googleadservices.com https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.googleadservices.com https:\/\/*.googlesyndication.com https:\/\/cdn.pdst.fm https:\/\/cdn.cookielaw.org https:\/\/snap.licdn.com https:\/\/*.qualtrics.com https:\/\/s.yimg.com https:\/\/*.salesforceliveagent.com https:\/\/*.facebook.com https:\/\/connect.facebook.net https:\/\/www.youtube.com https:\/\/bat.bing.com https:\/\/*.evgnet.com\/ https:\/\/*.levelaccess.net https:\/\/chase-var.hostedpaymentservice.net https:\/\/*.oktacdn.com https:\/\/www.googleoptimize.com https:\/\/*.trustpilot.com\/ https:\/\/az416426.vo.msecnd.net\/ https:\/\/solutions.invocacdn.com https:\/\/secure.adnxs.com https:\/\/cdn.permutive.com https:\/\/*.signalintent.coms https:\/\/*.segment.com https:\/\/*.ceros.coms https:\/\/cdn.c360a.salesforce.com\/ https:\/\/seal.digicert.com\/ https:\/\/tracking.intentsify.io\/ https:\/\/web-modules-de-na1.niceincontact.com\/ https:\/\/cunamutualdtc--democc.sandbox.my.site.com https:\/\/cunamutualdtc.my.site.com; style-src 'self' 'unsafe-inline' https:\/\/cmfglifeinsurance.us-6.evergage.com https:\/\/*.trustage.com https:\/\/*.trustagedem.com https:\/\/*.trustagedemo.com https:\/\/*.signalintent.com https:\/\/rsms.me https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/*.googlesyndication.com https:\/\/google.ca https:\/\/www.googleoptimize.com https:\/\/*.google-analytics.com https:\/\/*.trustpilot.com\/ https:\/\/www.youtube.com https:\/\/web-modules-de-na1.niceincontact.com  https:\/\/pwm-image.trendmicro.com https:\/\/cdn.honey.io https:\/\/www.gstatic.com\/ https:\/\/cunamutualdtc--democc.sandbox.my.site.com https:\/\/cunamutualdtc.my.site.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:; font-src 'self' data: https:\/\/cmfglifeinsurance.us-6.evergage.com https:\/\/fonts.gstatic.com https:\/\/rsms.me https:\/\/maxcdn.bootstrapcdn.com https:\/\/fonts.cdnfonts.com https:\/\/use.fontawesome.com https:\/\/static2.sharepointonline.com https:\/\/static.zip.co https:\/\/embed.signalintent.com https:\/\/appservice.azureedge.net\/; report-uri \/api\/csp\/report;","count":2},{"content-security-policy-report-only":" script-src-attr 'unsafe-inline'; font-src https:\/\/*.gstatic.com *.bglobale.com *.global-e.com https:\/\/use.typekit.net https:\/\/x.klarnacdn.net *.yotpo.com *.googleapis.com *.gstatic.com https:\/\/static.klaviyo.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com payments.amazon.de https:\/\/www.shopmyexchange.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com pay.google.com *.paypal.com *.bglobale.com *.global-e.com https:\/\/ct.pinterest.com https:\/\/*.fls.doubleclick.net https:\/\/postrelease.com https:\/\/*.rfihub.com *.yotpo.com https:\/\/frame.hub-box.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com https:\/\/*.gstatic.com *.bglobale.com *.global-e.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/alb.reddit.com https:\/\/analytics.twitter.com https:\/\/bat.bing.com https:\/\/*.doubleclick.net https:\/\/*.facebook.com https:\/\/sync.intentiq.com https:\/\/jadserve.postrelease.com https:\/\/t.co https:\/\/*.teads.tv https:\/\/r.turn.com https:\/\/*.yahoo.com *.yotpo.com https:\/\/i.lfi.media https:\/\/cdn.hub-box.com https:\/\/www.danner.com https:\/\/www.lacrossefootwear.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.bglobale.com *.global-e.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/cnstrc.com *.convertexperiments.com https:\/\/ads.pubmatic.com https:\/\/static.ads-twitter.com https:\/\/bat.bing.com https:\/\/cdn.attn.tv https:\/\/cdn.ravm.tv https:\/\/cdnjs.cloudflare.com https:\/\/ct.pinterest.com https:\/\/connect.facebook.net https:\/\/cdn.id5-sync.com https:\/\/agent.intentiq.com https:\/\/s.ntv.io https:\/\/s.pinimg.com https:\/\/platform.twitter.com https:\/\/jadserve.postrelease.com https:\/\/c1.rfihub.net https:\/\/*.taboola.com https:\/\/*.teads.tv https:\/\/s.yimg.com https:\/\/static.zdassets.com https:\/\/assets.calendly.com https:\/\/js.klarna.com https:\/\/*.locally.com *.yotpo.com https:\/\/*.klaviyo.com https:\/\/cdn.segment.com https:\/\/*.cdp.danner.com https:\/\/*.cdp.lacrossefootwear.com https:\/\/cdn.hub-box.com https:\/\/*.addressy.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/fonts.googleapis.com\/ *.bglobale.com *.global-e.com https:\/\/static.klaviyo.com https:\/\/cdnjs.cloudflare.com https:\/\/*.typekit.net https:\/\/x.klarnacdn.net *.yotpo.com *.googleapis.com https:\/\/*.klaviyo.com https:\/\/api.addressy.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/i.lfi.media 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/ac.cnstrc.com https:\/\/*.attn.tv https:\/\/bat.bing.com https:\/\/cdn.ravm.tv https:\/\/gum.criteo.com https:\/\/id.crwdcntrl.net https:\/\/ct.pinterest.com https:\/\/*.doubleclick.net https:\/\/id5-sync.com https:\/\/eu-1-id5-sync.com\/ https:\/\/*.reddit.com https:\/\/*.redditstatic.com https:\/\/*.taboola.com https:\/\/*.teads.tv https:\/\/s.yimg.com https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/tags.w55c.net https:\/\/js.klarna.com https:\/\/evt-na.klarnaservices.com https:\/\/www.locally.com *.yotpo.com https:\/\/*.klaviyo.com https:\/\/api.segment.io https:\/\/cdn.segment.com https:\/\/*.cdp.danner.com https:\/\/*.cdp.lacrossefootwear.com https:\/\/api.addressy.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" frame-src 'self'; frame-ancestors 'self'; object-src 'none'","count":2},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' wss: https:; object-src 'self'; child-src blob:; frame-src 'self' https:; worker-src blob:; frame-ancestors 'none'; base-uri 'none'; report-uri https:\/\/47327c6a613c1754bda1362d946d96dd.report-uri.com\/r\/t\/csp\/reportOnly; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.cloudfront.net https:\/\/*.vattenfall.nl https:\/\/*.vattenfall.com https:\/\/*.azure-api.net\/ https:\/\/*.mopinion.com; base-uri 'self' https:\/\/*.demdex.net https:\/\/*.cloudfront.net https:\/\/*.svtrd.com https:\/\/*.vattenfall.com; form-action 'self'  https:\/\/*.demdex.net https:\/\/*.cloudfront.net https:\/\/*.svtrd.com https:\/\/*.vattenfall.com; connect-src 'self' 'unsafe-inline' 'unsafe-eval' wss:\/\/*.stt.speech.microsoft.com wss:\/\/*.cognigy.cloud https:\/\/endpoint-vattenfall.cognigy.cloud https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/nominatim.openstreetmap.org https:\/\/*.linkedin.com https:\/\/*.demdex.net  https:\/\/*.www.google.nl\/pagead https:\/\/*.pa-cd.com\/ https:\/\/*.azure-api.net\/ https:\/\/*.vattenfall.com https:\/\/*.googleapis.com https:\/\/*.blob.core.windows.net https:\/\/*.services.visualstudio.com https:\/\/*.adoberesources.net https:\/\/*.googlesyndication.com https:\/\/*.cloudfront.net https:\/\/*.idomoo.com https:\/\/*.queue-it.net https:\/\/*.mopinion.com https:\/\/*.piwik.pro https:\/\/siteimproveanalytics.com https:\/\/*.siteimproveanalytics.com https:\/\/*.googleads https:\/\/*.googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.vattenfall.nl https:\/\/tdn.r42tag.com https:\/\/*.relay42.com https:\/\/w.usabilla.com https:\/\/api.usabilla.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/www.youtube.com https:\/\/js.monitor.azure.com  https:\/\/westeurope-5.in.applicationinsights.azure.com https:\/\/web.telemetric.dk https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com r2eu01.visualwebsiteoptimizer.com https:\/\/t.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/*.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.google.nl\/pagead https:\/\/cep-api.vattenfall.com https:\/\/*.googleadservices.com https:\/\/*.bing.net https:\/\/*.bing.com https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/*.clarity.ms; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.adoberesources.net https:\/\/*.googlesyndication.com https:\/\/*.cloudfront.net https:\/\/*.idomoo.com https:\/\/*.queue-it.net https:\/\/*.mopinion.com https:\/\/*.piwik.pro https:\/\/siteimproveanalytics.com https:\/\/*.siteimproveanalytics.com https:\/\/*.googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.vattenfall.nl https:\/\/tdn.r42tag.com https:\/\/admin.relay42.com https:\/\/w.usabilla.com https:\/\/api.usabilla.com https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/www.youtube.com https:\/\/js.monitor.azure.com  https:\/\/westeurope-5.in.applicationinsights.azure.com https:\/\/web.telemetric.dk https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com r2eu01.visualwebsiteoptimizer.com https:\/\/dc.services.visualstudio.com https:\/\/*.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/*.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.www.google.nl\/pagead https:\/\/cep-api.vattenfall.com https:\/\/td.doubleclick.net https:\/\/googleadservices.com https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/*.clarity.ms; frame-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/datawrapper.dwcdn.net https:\/\/*.dwcdn.net https:\/\/*.bbvms.com https:\/\/*.idomoo.com https:\/\/*.zonatlas.nl https:\/\/*.spotify.com https:\/\/*.cloudfront.net https:\/\/*.queue-it.net https:\/\/*.vattenfall.nl https:\/\/tdn.r42tag.com https:\/\/admin.relay42.com https:\/\/w.usabilla.com https:\/\/api.usabilla.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/www.youtube.com https:\/\/js.monitor.azure.com https:\/\/web.telemetric.dk https:\/\/westeurope-5.in.applicationinsights.azure.com https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com https:\/\/r2eu01.visualwebsiteoptimizer.com https:\/\/dc.services.visualstudio.com https:\/\/*.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/googleads.g.doubleclick.net https:\/\/*.www.google.nl\/pagead https:\/\/cep-api.vattenfall.com https:\/\/td.doubleclick.net https:\/\/*.doubleclick.net https:\/\/googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/www.googletagmanager.com; media-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.idomoo.com https:\/\/*.queue-it.net https:\/\/*.vattenfall.nl https:\/\/tdn.r42tag.com https:\/\/admin.relay42.com https:\/\/w.usabilla.com https:\/\/api.usabilla.com https:\/\/www.googletagmanager.com https:\/\/www.googletagmanager.com\/* https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/*.youtube.com https:\/\/js.monitor.azure.com https:\/\/westeurope-5.in.applicationinsights.azure.com  https:\/\/web.telemetric.dk https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com https:\/\/r2eu01.visualwebsiteoptimizer.com https:\/\/dc.services.visualstudio.com https:\/\/t.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/googleads.g.doubleclick.net https:\/\/*.www.google.nl\/pagead https:\/\/cep-api.vattenfall.com https:\/\/td.doubleclick.net https:\/\/googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.google.nl https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/pingvp.com https:\/\/*.pingvp.com; style-src 'self' 'unsafe-inline' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/*.vattenfall.nl https:\/\/*.idomoo.com https:\/\/*.cloudfront.net https:\/\/web.telemetric.dk https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com https:\/\/r2eu01.visualwebsiteoptimizer.com https:\/\/dc.services.visualstudio.com https:\/\/t.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/googleads.g.doubleclick.net https:\/\/*.www.google.nl\/pagead https:\/\/cep-api.vattenfall.com https:\/\/td.doubleclick.net https:\/\/googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/*.mopinion.com; img-src 'self' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/*.vattenfall.nl https:\/\/*.google.nl https:\/\/*.siteimproveanalytics.com https:\/\/*.siteimproveanalytics.io  https:\/\/*.linkedin.com https:\/\/tdn.r42tag.com https:\/\/admin.relay42.com https:\/\/cm.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/*.piwik.pro https:\/\/*.facebook.com https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.svtrd.com https:\/\/*.cloudfront.net https:\/\/w.usabilla.com https:\/\/web.telemetric.dk https:\/\/vattenfalltesting.24sessions.com https:\/\/connect.facebook.net https:\/\/img06.en25.com r2eu01.visualwebsiteoptimizer.com https:\/\/dc.services.visualstudio.com https:\/\/t.svtrd.com https:\/\/businessspecificapimanglobal.azure-api.ne https:\/\/googleads.g.doubleclick.net https:\/\/*.www.google.nl\/pagead https:\/\/*.www.google.de\/pagead https:\/\/cep-api.vattenfall.com https:\/\/td.doubleclick.net https:\/\/googleadservices.com https:\/\/*.cdn-0.d41.co https:\/\/*.w9shetvlr6.d41.co https:\/\/*.bing.com https:\/\/*.bing.net https:\/\/*.lt45.net https:\/\/snap.licdn.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/*.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.googletagmanager.com\/* https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/*.openstreetmap.org https:\/\/*.mopinion.com data:; font-src 'self' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/*.vattenfall.nl https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/dl.episerver.net https:\/\/pingvp.com https:\/\/*.pingvp.com https:\/\/*.mopinion.com data:; frame-ancestors 'self' https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.vattenfall.nl https:\/\/pingvp.com https:\/\/*.pingvp.com; worker-src 'self' data: https:\/\/*.svc.dynamics.com https:\/\/*.mkt.dynamics.com https:\/\/*.azureedge.net https:\/\/*.googlesyndication.com https:\/\/*.vattenfall.nl https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.change.inc\/ https:\/\/nrcwebwinkel.nl https:\/\/dl.episerver.net https:\/\/*.spotify.com https:\/\/www.google-analytics.com\/* blob:; block-all-mixed-content","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; img-src 'self' data: https:\/\/www.lexisnexis.com https:\/\/tr-rc.lfeeder.com https:\/\/www.facebook.com https:\/\/data.pendo.lexisnexis.com https:\/\/secure.adnxs.com https:\/\/tr.lfeeder.com https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/ssl.google-analytics.com https:\/\/www.google.com.ph https:\/\/www.google.fr https:\/\/lexisnexis.widen.net; font-src 'self' https:\/\/www.lexisnexis.com https:\/\/fonts.gstatic.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/sc.lfeeder.com https:\/\/webanalytics.lexisnexis.com https:\/\/content.pendo.lexisnexis.com https:\/\/try.abtasty.com https:\/\/snap.licdn.com https:\/\/cdn.cookielaw.org https:\/\/cdn.decibelinsight.net https:\/\/cert-webanalytics.lexisnexis.com https:\/\/ssl.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/img.en25.com https:\/\/ssl.p.jwpcdn.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.gstatic.com; connect-src 'self' https:\/\/px.ads.linkedin.com https:\/\/ariane.abtasty.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/webanalytics.lexisnexis.com https:\/\/data.pendo.lexisnexis.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/cdn.cookielaw.org https:\/\/dcinfos-cache.abtasty.com https:\/\/edge.fullstory.com; worker-src 'self'; media-src 'self' https:\/\/lexisnexis.widen.net; frame-src 'none' https:\/\/www.google.com; child-src 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri \/backend\/csp-reports\/report","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/s0.wp.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com data:; frame-src 'self' data: blob: https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/wp-themes.com; img-src * data:; media-src * data:; style-src 'self' https:\/\/fonts.googleapis.com data: 'unsafe-inline'; script-src https:\/\/wp-themes.com 'self' data: 'unsafe-inline' 'unsafe-eval'; worker-src 'self'; frame-ancestors 'self' https:\/\/hub.libraesva.com; report-uri https:\/\/sentry.libraesva.com\/api\/16\/security\/?sentry_key=ec35ea3e850202bb70633fcd5d55c698","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.googleapis.com data: *.sodatech.com *.sodatech.net cdn.livechatinc.com mediacdn.espssl.com viewer.byondxr.com use.fontawesome.com 'self' data: https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com api.bazaarvoice.com stg.api.bazaarvoice.com pal-test.adyen.com www.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.adyen.com *.sharethis.com *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.ehappify.com www.xtento.com *.vimeo.com *.jsctool.com *.pinterest.com *.mmcagentur.at *.doubleclick.net *.facebook.com *.facebook.net *.demdex.net *.authorize.net *.googletagmanager.com *.xtento.com *.app-wallee.com *.waltpixel.com *.equitystory.com offer.slgnt.us vars.hotjar.com *.pepperjamnetwork.com services.listrak.com *.serverdata.net *.livechatinc.com *.lindtusa.com *.russellstover.com *.ghirardelli.com https:\/\/*.ordergroove.com *.weltpixel.com https:\/\/app-wallee.com www.jsctool.com static.ogmystyle.com static2.ogmystyle.com www.mystyleplatform.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/www.paypalobjects.com https:\/\/lindtusa.rlvs.co.uk https:\/\/ghirardelli.slgnt.us https:\/\/byondxr-viewer.byondxr.com\/launcher\/1.0.58\/package\/index.js tinyurl.com\/LINDT-LAUNCHER https:\/\/optmize.google.com nytrng.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.cloudfront.net *.amazonaws.com *.regalify.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com blob: lindt.test *.lindt.test maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.klarna.com *.invibes.com *.b26net.com https:\/\/www.google-analytics.com *.googletagmanager.com *.teads.tv *.videostep.com *.facebook.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.taboola.com *.doubleclick.net *.outbrain.com *.adobedtm.com *.omtrdc.net *.demdex.net *.everesttech.net *.magentocommerce.com *.sodatech.com *.sodatech.net api.official-deals.co.uk api.official-coupons.com *.adsymptotic.com cdn.livechat-files.com cp.official-coupons.com cookie-cdn.cookiepro.com cp.official-deals.co.uk site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com mediacdn.espssl.com *.clarity.ms *.bing.com *.serverdata.net lindtna.test *.lindtna.test *.livechatinc.com mageside.com https:\/\/app-wallee.com d.ratepay.com viewer.byondxr.com s3.us-west-2.amazonaws.com showroom-media.byondxr.com media-optimization-service.byondxr.com *.byondxr.com *.listrakbi.com www.mystyleplatform.com static.mystyleplatform.com static2.mystyleplatform.com static2.ogmystyle.com mystyleplatform.s3.us-west-2.amazonaws.com https:\/\/www.unifaunonline.se https:\/\/*.tile.openstreetmap.org\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/redchamps.com *.hsforms.net *.hsforms.com 'self' data: geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/mediacdn.espssl.com\/2824\/Shared\/Modal\/chocolate.png https:\/\/www.linkedin.com https:\/\/*.linkedin.com\/ https:\/\/px.ads.linkedin.com https:\/\/mcstaging.russellstover.com https:\/\/mcstaging.lindtusa.com https:\/\/mcstaging.ghirardelli.com https:\/\/mcprod.lindtusa.com *.googleadservices.com *.yieldify.com https:\/\/www.google-anaytics.com https:\/\/www.googletagmanager.com https:\/\/optimize.google.com https:\/\/cdn.livechat-static.com *.bazaarvoice.com https:\/\/shopper.shop.pe i.liadm.com v2assets.zopim.io *.cloudfunctions.net partner.mediawallahscript.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com *.pcapredict.com lindt.slgnt.eu maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.cloudflare.com *.teads.tv *.r66net.com *.facebook.net *.googleadservices.com *.doubleclick.net *.cookiepro.com *.cloudfront.net *.videostep.com *.mfgroup.ch *.taboola.com *.outbrain.com *.adobedtm.com *.authorize.net *.unpkg.com *.fontawesome.com *.sodatech.net *.sodatech.com www.clarity.ms bat.bing.com *.b2c.com bt.fraud0.com container.pepperjam.com www.googleoptimize.com *.hotjar.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com acsbapp.com cdn.noibu.com www.youtube.com *.upsellit.com *.livechatinc.com *.serverdata.net *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/gmtech.mfgroup.ch https:\/\/assets.secure.checkout.visa.com https:\/\/www.googletagmanager.com tagmanager.google.com d.ratepay.com www.jsctool.com byondxr-viewer.byondxr.com web-apps.byondxr.com *.listrakbi.com *.listrak.com mystyleplatform.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com d203yb14zlmxwn.cloudfront.net cdnjs.cloudflare.com cdn.jsdelivr.net use.fontawesome.com *.mczbf.com https:\/\/api.unifaun.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/www.youtube.com https:\/\/acsbapp.com\/apps\/app\/dist\/js\/app.js https:\/\/cdn.noibu.com\/collect.js https:\/\/byondxr-viewer.byondxr.com\/launcher\/1.0.58\/package\/index.js tinyurl.com\/LINDT-LAUNCHER *.yieldify.com *.fraud0.com https:\/\/www.googleanalytics.com https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com 'unsafe-inline' https:\/\/optimize.google.com 'unsafe-inline' https:\/\/cdn.attn.tv https:\/\/www.lindt-spruengli.com\/* https:\/\/www.lindt-spruengli.com\/media\/target\/VAPI.min.js https:\/\/www.lindt-spruengli.com\/media\/target\/at.js shop.pe *.shop.pe d3rr3d0n31t48m.cloudfront.net addshoppers.s3.amazonaws.com .traversedlp.com .voltn.com *.addshoppers.com static.traversedlp.com static.zdassets.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app https:\/\/fonts.googleapis.com\/ *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com *.amazonaws.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com *.fonts.net *.postcodeanywhere.co.uk *.cloudfront.net *.cloudflare.com *.sodatech.com *.sodatech.net *.getfirebug.com cloud.typography.com *.serverdata.net *.myfonts.net *.russellstover.com https:\/\/app-wallee.com tagmanager.google.com d.ratepay.com *.listrakbi.com *.listrak.com use.fontawesome.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com assets.braintreegateway.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl widget.packeta.com https:\/\/cloud.typography.com https:\/\/byondxr-viewer.byondxr.com\/launcher\/1.0.58\/package\/index.js 'unsafe-inline' https:\/\/optimize.google.com https:\/\/fonts.googleapis.com 'unsafe-inline' cookie-cdn.cookiepro.com https:\/\/cookie-cdn.cookiepro.com https:\/\/cdn.cookiepro.com\/scripttemplates\/*\/assets 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net *.serverdata.net *.livechatinc.com *.listrakbi.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.adyen.com *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.postcodeanywhere.co.uk *.ratepay.com *.luckyorange.net *.cookiepro.com *.mfgroup.ch *.doubleclick.net *.visitors.live wss:\/\/in.visitors.live wss:\/\/visitors.live wss:\/\/in.visitors.live\/ wss:\/\/visitors.live\/ visitors.live *.taboola.com *.demdex.net *.omtrdc.net *.magento.com *.adobe.net *.adobedtm.com *.adobedc.net *.typekit.net *.magedevteam.com *.sodatech.com *.sodatech.net *.teads.tv www.sjwoe.com input.noibu.com wss:\/\/input.noibu.com\/pv_part in.hotjar.com www.facebook.com *.b2c.com bt.fraud0.com *.revlifter.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us s.pinimg.com snap.licdn.com *.acsbapp.com cdn.noibu.com https:\/\/maps.googleapis.com *.clarity.ms *.facebook.com *.serverdata.net *.livechatinc.com api.addressy.com *.listrakbi.com *.mczbf.com *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/assets.secure.checkout.visa.com https:\/\/www.google-analytics.com d.ratepay.com www.jsctool.com *.byondxr.com api.byondxr.com s3.us-west-2.amazonaws.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com https:\/\/vc.hotjar.io https:\/\/cdn.linkedin.oribi.io https:\/\/byondxr-viewer.byondxr.com\/launcher\/1.0.58\/package\/index.js *.fraud0.com *.lindtusa.com *.yieldify.com https:\/\/content.hotjar.io wss:\/\/ws.hotjar.com https:\/\/metrics.hotjar.io https:\/\/lindt-us.attn.tv https:\/\/events.attentivemobile.com lindt.attn.tv cookie-cdn.cookiepro.com https:\/\/geolocation.onetrust.com https:\/\/bat.bing.com shop.pe *.shop.pe  ekr.zdassets.com lindtusa.zendesk.com wss:\/\/widget-mediator.zopim.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.byondxr.com *.googleapis.com https:\/\/viewer.byondxr.com https:\/\/web-apps.byondxr.com https:\/\/app.byondxr.com https:\/\/byondxr-viewer.byondxr.com https:\/\/app.byondvr.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src *; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.ownerrez.com https:\/\/*.orez.io https:\/\/ajax.googleapis.com https:\/\/assets.calendly.com https:\/\/code.jquery.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.redditstatic.com https:\/\/connect.facebook.net; worker-src * blob:; style-src * 'unsafe-inline'; report-uri https:\/\/o4511310048526336.ingest.us.sentry.io\/api\/4511337721888768\/security\/?sentry_key=4c6441f207b3ceaba29ab9c5d08f76dc","count":2},{"content-security-policy-report-only":" default-src 'self' data:; script-src 'self' https:\/\/webtools.europa.eu *.webanalytics.europa.eu 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/europa.eu\/ https:\/\/cdn.ckeditor.com\/ckeditor5\/ https:\/\/webanalytics.europa.eu https:\/\/op.europa.eu https:\/\/*.webtools.europa.eu; object-src 'none'; style-src 'self' https:\/\/webtools.europa.eu 'unsafe-inline' https:\/\/op.europa.eu\/; img-src 'self' https:\/\/webtools.europa.eu *.webanalytics.europa.eu data: https:\/\/webanalytics.europa.eu https:\/\/op.europa.eu; frame-src https:\/\/w.soundcloud.com https:\/\/www.youtube.com\/ https:\/\/*.ec.europa.eu\/ https:\/\/www.dailymotion.com\/ https:\/\/vimeo.com\/ 'self' https:\/\/webtools.europa.eu https:\/\/europa.eu\/ https:\/\/op.europa.eu; child-src https:\/\/w.soundcloud.com https:\/\/www.youtube.com\/ https:\/\/*.ec.europa.eu\/ https:\/\/www.dailymotion.com\/ https:\/\/vimeo.com\/ 'self' https:\/\/webtools.europa.eu https:\/\/europa.eu\/ https:\/\/op.europa.eu; connect-src 'self' https:\/\/webtools.europa.eu *.webanalytics.europa.eu https:\/\/webanalytics.europa.eu https:\/\/europa.eu\/webtools\/rest\/etrans\/translate https:\/\/op.europa.eu https:\/\/*.webtools.europa.eu; report-uri \/report-csp-violation","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src *; img-src * data:; script-src 'self' cdn.bizible.com; style-src 'self' 'unsafe-inline' https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; font-src 'self' kit.fontawesome.com ka-p.fontawesome.com https:\/\/fast.wistia.com\/ https:\/\/fast.wistia.net\/ data:; form-action 'self'; object-src 'none'; media-src 'self' blob: mediastream: https:\/\/*.qualified.com; frame-src https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net\/ https:\/\/gtm.8am.com\/ https:\/\/insight.adsrvr.org\/ https:\/\/app.netlify.com\/ https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; child-src https:\/\/*.qualified.com; frame-ancestors demo.affinipay.com ka-p.fontawesome.com https:\/\/app.contentful.com; upgrade-insecure-requests; block-all-mixed-content","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.cit.com;           script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.cit.com https:\/\/snap.licdn.com https:\/\/munchkin.marketo.net https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/static.ads-twitter.com https:\/\/s.yimg.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/utt.impactcdn.com https:\/\/cdn.cookielaw.org https:\/\/www.fdic.gov https:\/\/assets.adobedtm.com https:\/\/siteintercept.qualtrics.com https:\/\/siteimproveanalytics.com https:\/\/www.everestjs.net https:\/\/zn780vxspp4zyl7dr-citcx.siteintercept.qualtrics.com https:\/\/citgroup.demdex.net https:\/\/pixel.everesttech.net https:\/\/sp.analytics.yahoo.com https:\/\/g.3gl.net https:\/\/cg-7ce3a684-2bed-464c-8d1c-1a0e4cba69c6.s3.us-gov-west-1.amazonaws.com https:\/\/s.go-mpulse.net https:\/\/launchpad.privacymanager.io https:\/\/ats-wrapper.privacymanager.io;           connect-src 'self' https:\/\/*.cit.com https:\/\/graphql.contentful.com https:\/\/cms-images.cit.com https:\/\/cdn.cookielaw.org https:\/\/privacyportal.onetrust.com https:\/\/geolocation.onetrust.com https:\/\/dpm.demdex.net https:\/\/edge.adobedc.net https:\/\/bat.bing.com https:\/\/lib-us-2.brilliantcollector.com https:\/\/stats.g.doubleclick.net https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/lasteventf-tm.everesttech.net https:\/\/s.yimg.com https:\/\/px.ads.linkedin.com https:\/\/siteintercept.qualtrics.com https:\/\/151-fhs-046.mktoresp.com https:\/\/894-itd-344.mktoresp.com https:\/\/284-lbb-572.mktoresp.com https:\/\/022-ygl-099151-fhs-046284-lbb-572.mktoresp.com https:\/\/c.go-mpulse.net https:\/\/citbank.sjv.io;           worker-src 'self';           style-src 'self' 'unsafe-inline' https:\/\/*.cit.com https:\/\/cdn.cookielaw.org;           style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.cookielaw.org;           img-src 'self' data: https:\/\/*.cit.com https:\/\/cms-images.cit.com https:\/\/2884.global.siteimproveanalytics.io https:\/\/dpm.demdex.net https:\/\/cdn.cookielaw.org https:\/\/px.ads.linkedin.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/sp.analytics.yahoo.com https:\/\/cm.everesttech.net https:\/\/www.linkedin.com;           frame-src 'self' https:\/\/*.cit.com https:\/\/citbankapp.cit.com https:\/\/uat-oao.cit.com https:\/\/stage-oao.cit.com https:\/\/sape-oao.cit.com https:\/\/pl-oao.cit.com https:\/\/qa-oao.cit.com https:\/\/www.googletagmanager.com https:\/\/fast.wistia.net https:\/\/citgroup.demdex.net;           frame-ancestors 'self' https:\/\/citbankapp.cit.com https:\/\/uat-oao.cit.com https:\/\/stage-oao.cit.com https:\/\/sape-oao.cit.com https:\/\/pl-oao.cit.com https:\/\/qa-oao.cit.com https:\/\/customerfinancing.directcapital2.com https:\/\/www.customerfinancing.com https:\/\/customerfinancing.directcapital-test1.com https:\/\/customerfinancing.directcapital-test2.com https:\/\/customerfinancing.directcapital-test3.com https:\/\/customerfinancing.directcapital-test4.com onlineapps-conv.readiness.ibanking-services.com onlineapps.ibanking-services.com ibanking-services.com https:\/\/*.fisglobal.com https:\/\/*.citbank.com https:\/\/citcom-dev.ase1-dev.citnet.cit.com https:\/\/*.firstcitizens.com;           media-src 'self' blob: *.wistia.com *.wistia.net;           font-src 'self' data: *.wistia.com *.onetrust.com *.wistia.net *.gstatic.com;           ","count":2},{"content-security-policy-report-only":" font-src 'self' data:;","count":2},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval';","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.goldcoastbulletin.com.au\/csp-reports","count":2},{"content-security-policy-report-only":" base-uri 'self'; default-src 'self' https:\/\/*.google-analytics.com *.google-analytics.com https:\/\/*.analytics.google.com *.analytics.google.com https:\/\/stats.g.doubleclick.com stats.g.doubleclick.com https:\/\/*.googleapis.com *.googleapis.com https:\/\/*.cookielaw.com *.cookielaw.com https:\/\/*.cookielaw.org *.cookielaw.org https:\/\/*.cloudapi.de *.cloudapi.de https:\/\/*.onetrust.com *.onetrust.com 'unsafe-inline' 'unsafe-eval'; child-src; connect-src 'self' https:\/\/cdn.cookielaw.org cdn.cookielaw.org https:\/\/privacyportal-eu.onetrust.com privacyportal-eu.onetrust.com https:\/\/api.userway.org api.userway.org https:\/\/pagead2.googlesyndication.com pagead2.googlesyndication.com https:\/\/*.google.com *.google.com https:\/\/cdn.userway.org cdn.userway.org https:\/\/*.api.userway.org *.api.userway.org https:\/\/sessions.bugsnag.com sessions.bugsnag.com https:\/\/px.ads.linkedin.com px.ads.linkedin.com https:\/\/*.facebook.com *.facebook.com https:\/\/region1.google-analytics.com region1.google-analytics.com https:\/\/geolocation.onetrust.com geolocation.onetrust.com; font-src 'self' https:\/\/privacyportal-eu-cdn.onetrust.com privacyportal-eu-cdn.onetrust.com https:\/\/cdn.userway.org cdn.userway.org data:; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https:\/\/sidebar.bugherd.com sidebar.bugherd.com https:\/\/*.googletagmanager.com *.googletagmanager.com https:\/\/challenges.cloudflare.com challenges.cloudflare.com https:\/\/cdn.userway.org cdn.userway.org; img-src 'self' https:\/\/*.google-analytics.com *.google-analytics.com https:\/\/*.analytics.google.com *.analytics.google.com https:\/\/*.googletagmanager.com *.googletagmanager.com https:\/\/googleads.g.doubleclick.net googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.com stats.g.doubleclick.com https:\/\/stats.g.doubleclick.net stats.g.doubleclick.net https:\/\/*.google.com *.google.com https:\/\/*.google.co.uk *.google.co.uk https:\/\/*.cookielaw.org *.cookielaw.org https:\/\/px.ads.linkedin.com px.ads.linkedin.com https:\/\/*.linkedin.com *.linkedin.com https:\/\/*.facebook.com *.facebook.com https:\/\/cdn.userway.org cdn.userway.org https:\/\/d2iiunr5ws5ch1.cloudfront.net d2iiunr5ws5ch1.cloudfront.net blob: data:; media-src https:\/\/youtube.com youtube.com https:\/\/ddo8pjvnj55tt.cloudfront.net ddo8pjvnj55tt.cloudfront.net; object-src 'none'; manifest-src 'self'; script-src 'self' https:\/\/*.licdn.com *.licdn.com https:\/\/*.googleapis.com *.googleapis.com https:\/\/*.google.com *.google.com https:\/\/*.googletagmanager.com *.googletagmanager.com https:\/\/*.google-analytics.com *.google-analytics.com https:\/\/*.analytics.google.com *.analytics.google.com https:\/\/pagead2.googlesyndication.com pagead2.googlesyndication.com https:\/\/*.cookielaw.com *.cookielaw.com https:\/\/*.cookielaw.org *.cookielaw.org https:\/\/*.onetrust.com *.onetrust.com https:\/\/connect.facebook.net connect.facebook.net https:\/\/sidebar.bugherd.com sidebar.bugherd.com https:\/\/cdn.userway.org cdn.userway.org https:\/\/*.bugherd.com *.bugherd.com https:\/\/static.cloudflareinsights.com static.cloudflareinsights.com https:\/\/challenges.cloudflare.com challenges.cloudflare.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https:\/\/cdn.userway.org cdn.userway.org 'unsafe-inline'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.fontawesome.com *.googleapis.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.zopim.com *.zopim.io *.bushboard.co.uk *.cookiebot.com *.chatbeacon.io *.jquery.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.authorize.net *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com *.wilsonart.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/www.youtube.com http:\/\/www.sandbox.paypal.com *.twitter.com *.wilsonart.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/sogecommerce.societegenerale.eu\/static\/latest\/images\/type-carte\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/maps.gstatic.com\/ *.cloudflare.com *.google.com *.twitter.com *.twimg.com *.google.co.in *.ytimg.com *.googleadservices.com *.fontawesome.com *.mastercard.com *.bushboard.co.uk *.cookiebot.com *.chatbeacon.io *.hotjar.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ https:\/\/static-sogecommerce.societegenerale.eu\/static\/ *.fontawesome.com *.googleapis.com *.gstatic.com *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/maps.googleapis.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.bing.com *.zopim.com *.zdassets.com *.bushboard.co.uk *.cookiebot.com *.chatbeacon.io *.jquery.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/api-sogecommerce.societegenerale.eu\/static\/ https:\/\/static-sogecommerce.societegenerale.eu\/static\/ *.fontawesome.com assets.braintreegateway.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.bing.com *.bushboard.co.uk *.cookiebot.com *.chatbeacon.io *.jquery.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zopim.com *.zopim.io *.wilsonart.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com https:\/\/maps.googleapis.com www.google-analytics.com *.cloudflare.com *.twitter.com *.twimg.com *.zdassets.com *.zopim.com *.zopim.io wss:\/\/widget-mediator.zopim.com *.g.doubleclick.net *.bushboard.co.uk *.cookiebot.com *.chatbeacon.io *.jquery.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" img-src 'self' data: https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/www.facebook.com  https:\/\/cc.swiftype.com  https:\/\/px.ads.linkedin.com  https:\/\/imgsct.cookiebot.com  https:\/\/img.youtube.com  https:\/\/www.google-analytics.com  https:\/\/resources.bamboohr.com  https:\/\/www.google.ch  https:\/\/www.googletagmanager.com  https:\/\/www.google.ie  https:\/\/www.google.si  https:\/\/www.google.co.in  https:\/\/pagead2.googlesyndication.com  https:\/\/www.google.com.vn  https:\/\/www.google.co.id  https:\/\/www.google.co.uk  https:\/\/www.google.de  https:\/\/www.google.ro  https:\/\/www.google.fr  https:\/\/www.google.co.th  https:\/\/www.google.co.cr  https:\/\/www.google.co.ke  https:\/\/www.google.be  https:\/\/www.google.iq  https:\/\/www.google.com.sa  blob:  https:\/\/www.google.nl  https:\/\/www.google.com.eg  https:\/\/www.google.gr  https:\/\/i.ytimg.com  https:\/\/www.google.co.nz  https:\/\/www.google.hu  https:\/\/www.google.com.tw  https:\/\/www.google.com.ph  https:\/\/www.google.ae  https:\/\/www.google.cz  https:\/\/www.google.dk  https:\/\/googleads.g.doubleclick.net  https:\/\/www.google.ca  https:\/\/www.google.co.jp  https:\/\/www.google.it  https:\/\/www.google.es  https:\/\/www.google.co.ug  https:\/\/fonts.gstatic.com  https:\/\/stats.g.doubleclick.net  https:\/\/www.google.is  https:\/\/plugin-updates.wpengine.com  https:\/\/www.google.hr  https:\/\/www.google.com.au  https:\/\/www.google.com.tr  https:\/\/www.google.pt  https:\/\/www.google.ge  https:\/\/www.google.co.za  https:\/\/www.google.com.mx  https:\/\/www.google.je  https:\/\/www.google.com.co  https:\/\/www.google.com.sg  https:\/\/www.google.co.kr  https:\/\/www.google.cl  https:\/\/www.google.at  https:\/\/www.google.com.mt  https:\/\/www.google.mk  https:\/\/www.google.sk  https:\/\/www.google.com.hk  https:\/\/www.google.com.ua  https:\/\/www.google.pl  https:\/\/log-papago.naver.com  https:\/\/www.google.rs  https:\/\/www.google.com.np  https:\/\/www.google.com.ar  https:\/\/www.google.lt  https:\/\/www.google.com.pk  https:\/\/www.google.co.il  https:\/\/www.google.com.mm  https:\/\/www.google.bg  https:\/\/translate.google.com  https:\/\/www.google.com.bd  https:\/\/wpengine.com  https:\/\/www.google.cd  https:\/\/www.google.se  https:\/\/www.google.com.br  https:\/\/www.crossiety.ch  https:\/\/www.google.com.et  https:\/\/yt3.ggpht.com  https:\/\/connect.advancedcustomfields.com  https:\/\/really-simple-ssl.com  https:\/\/www.open-systems.com  https:\/\/www.google.ru  https:\/\/www.google.dz  https:\/\/www.google.com.pg  https:\/\/www.googleadservices.com  https:\/\/www.google.com.my  https:\/\/www.google.com.ng  https:\/\/www.google.sn  https:\/\/www.google.com.ly  https:\/\/www.google.by  https:\/\/www.google.lu  https:\/\/www.google.fi  https:\/\/burst-statistics.com  https:\/\/www.google.no  https:\/\/www.google.com.pe  https:\/\/www.google.com.gh  https:\/\/www.google.com.af  https:\/\/www.google.co.tz  https:\/\/www.google.com.om  https:\/\/www.google.co.ao  https:\/\/www.google.kz  https:\/\/www.google.al  https:\/\/www.google.co.ve  https:\/\/www.google.jo  https:\/\/www.google.com.ni  https:\/\/www.google.com.pr  https:\/\/www.google.com.py  https:\/\/www.google.com.lb  https:\/\/www.google.tn  https:\/\/www.google.am  https:\/\/cdn.honey.io  https:\/\/www.google.co.bw  https:\/\/www.google.lk  https:\/\/www.google.co.zm  https:\/\/yoa.st  https:\/\/connect.facebook.net  https:\/\/www.gartner.com  https:\/\/www.google.ci  https:\/\/www.google.com.pa  https:\/\/www.google.tt  https:\/\/www.google.ba  https:\/\/www.google.com.cy  https:\/\/www.google.com.kh  https:\/\/secure.gravatar.com https:\/\/ts.w.org https:\/\/s.w.org https:\/\/ps.w.org; default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/js.adsrvr.org  https:\/\/munchkin.marketo.net  https:\/\/www.gartner.com  https:\/\/scout-cdn.salesloft.com  https:\/\/js.zi-scripts.com  https:\/\/nitroscripts.com  https:\/\/www.googletagmanager.com  https:\/\/s.swiftypecdn.com  https:\/\/opench.bamboohr.com  https:\/\/consent.cookiebot.com  https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/snap.licdn.com  blob:  https:\/\/yoast.com  https:\/\/consentcdn.cookiebot.com  https:\/\/connect.facebook.net  https:\/\/www.google-analytics.com  https:\/\/googleads.g.doubleclick.net  https:\/\/beacon-v2.helpscout.net  https:\/\/www.youtube.com  https:\/\/api.pirsch.io  https:\/\/www.googleadservices.com  https:\/\/pagead2.googlesyndication.com  https:\/\/www.google.com  https:\/\/ws-assets.zoominfo.com  https:\/\/retagro.com  https:\/\/gc.kis.v2.scr.kaspersky-labs.com  https:\/\/apis.google.com  https:\/\/cdnjs.cloudflare.com  https:\/\/api.wire.threatspike.com  https:\/\/3001.scriptcdn.net  https:\/\/data1.sabuf.com  https:\/\/go.open-systems.com  https:\/\/www.open-systems.com  http:\/\/go.open-systems.com  https:\/\/gc.kes.v2.scr.kaspersky-labs.com  https:\/\/cdn.gtranslate.net  http:\/\/munchkin.marketo.net  http:\/\/s.swiftypecdn.com  https:\/\/platform.linkedin.com  https:\/\/www.linkedin.com  https:\/\/dragonflyenergycorporation.widget.insent.ai  https:\/\/amazingrefresh.com  https:\/\/www.gstatic.com  'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https:\/\/js.adsrvr.org  https:\/\/munchkin.marketo.net  https:\/\/www.gartner.com  https:\/\/scout-cdn.salesloft.com  https:\/\/js.zi-scripts.com  https:\/\/nitroscripts.com  https:\/\/www.googletagmanager.com  https:\/\/s.swiftypecdn.com  https:\/\/opench.bamboohr.com  https:\/\/consent.cookiebot.com  https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/snap.licdn.com  blob:  https:\/\/yoast.com  https:\/\/consentcdn.cookiebot.com  https:\/\/connect.facebook.net  https:\/\/www.google-analytics.com  https:\/\/googleads.g.doubleclick.net  https:\/\/beacon-v2.helpscout.net  https:\/\/www.youtube.com  https:\/\/api.pirsch.io  https:\/\/www.googleadservices.com  https:\/\/pagead2.googlesyndication.com  https:\/\/www.google.com  https:\/\/ws-assets.zoominfo.com  https:\/\/retagro.com  https:\/\/gc.kis.v2.scr.kaspersky-labs.com  https:\/\/apis.google.com  https:\/\/cdnjs.cloudflare.com  https:\/\/api.wire.threatspike.com  https:\/\/3001.scriptcdn.net  https:\/\/data1.sabuf.com  https:\/\/go.open-systems.com  https:\/\/www.open-systems.com  http:\/\/go.open-systems.com  https:\/\/gc.kes.v2.scr.kaspersky-labs.com  https:\/\/cdn.gtranslate.net  http:\/\/munchkin.marketo.net  http:\/\/s.swiftypecdn.com  https:\/\/platform.linkedin.com  https:\/\/www.linkedin.com  https:\/\/dragonflyenergycorporation.widget.insent.ai  https:\/\/amazingrefresh.com  https:\/\/www.gstatic.com ; style-src 'self' 'unsafe-inline' https:\/\/s.swiftypecdn.com  https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/fonts.googleapis.com  https:\/\/adblockers.opera-mini.net  https:\/\/www.gstatic.com  https:\/\/gc.kis.v2.scr.kaspersky-labs.com  https:\/\/me.kis.v2.scr.kaspersky-labs.com  https:\/\/ff.kis.v2.scr.kaspersky-labs.com  https:\/\/www.open-systems.com  https:\/\/www.gartner.com  https:\/\/go.open-systems.com  https:\/\/www.googletagmanager.com  https:\/\/cdn.honey.io ; style-src-elem 'self' 'unsafe-inline' https:\/\/s.swiftypecdn.com  https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/fonts.googleapis.com  https:\/\/adblockers.opera-mini.net  https:\/\/www.gstatic.com  https:\/\/gc.kis.v2.scr.kaspersky-labs.com  https:\/\/me.kis.v2.scr.kaspersky-labs.com  https:\/\/ff.kis.v2.scr.kaspersky-labs.com  https:\/\/www.open-systems.com  https:\/\/www.gartner.com  https:\/\/go.open-systems.com  https:\/\/www.googletagmanager.com  https:\/\/cdn.honey.io ; font-src 'self' https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/fonts.gstatic.com  https:\/\/www.open-systems.com  https:\/\/cdn.fontshare.com  https:\/\/use.typekit.net  https:\/\/www.gartner.com  https:\/\/r2cdn.perplexity.ai  https:\/\/cdn.scite.ai  https:\/\/pouch-global-font-assets.s3.eu-central-1.amazonaws.com  https:\/\/frontend-cdn.perplexity.ai  data:; frame-src 'self' https:\/\/www.youtube.com  https:\/\/www.googletagmanager.com  https:\/\/consentcdn.cookiebot.com  https:\/\/td.doubleclick.net  https:\/\/match.adsrvr.org  data:  https:\/\/www.gartner.com  https:\/\/www.youtube-nocookie.com  https:\/\/app.stylar.com  https:\/\/support.google.com  https:\/\/insight.adsrvr.org.x.53a1087a04f89043e70b1950e8116089eded.9270f457.id.opendns.com  https:\/\/connect.useparagon.com  https:\/\/safeframe.googlesyndication.com  https:\/\/static.prod.cloudcall.com  https:\/\/gateway.zscalertwo.net  https:\/\/aisdr-extension.yess.ai  https:\/\/www.linkedin.com  https:\/\/go.open-systems.com  https:\/\/safe.menlosecurity.com  http:\/\/denied.schoolsbroadband.net  https:\/\/www.google.com  blob:; connect-src 'self' https:\/\/www.google-analytics.com  https:\/\/analytics.google.com  https:\/\/px.ads.linkedin.com  https:\/\/514-zbl-151.mktoresp.com  https:\/\/region1.analytics.google.com  https:\/\/cdn-ildfakh.nitrocdn.com  https:\/\/to.getnitropack.com  https:\/\/pagead2.googlesyndication.com  https:\/\/consentcdn.cookiebot.com  https:\/\/s.swiftypecdn.com  https:\/\/my.yoast.com  https:\/\/region1.google-analytics.com  https:\/\/stats.g.doubleclick.net  https:\/\/514-zbl-151.mktoutil.com  https:\/\/www.facebook.com  https:\/\/opench.bamboohr.com  https:\/\/www.google.ie  https:\/\/www.google.ro  https:\/\/www.google.fr  https:\/\/www.google.kz  https:\/\/www.google.co.in  https:\/\/search-api.swiftype.com  https:\/\/www.google.co.id  https:\/\/www.google.co.nz  https:\/\/www.google.cz  https:\/\/www.google.de  https:\/\/www.google.ch  https:\/\/www.google.je  https:\/\/js.zi-scripts.com  https:\/\/consent.cookiebot.com  https:\/\/www.google.dk  https:\/\/www.google.nl  https:\/\/www.google.com.sa  https:\/\/ws.zoominfo.com  https:\/\/yoast.com  https:\/\/www.google.co.uk  https:\/\/www.google.co.th  https:\/\/www.google.co.za  https:\/\/www.google.ca  https:\/\/www.google.co.ug  https:\/\/www.google.com.sg  https:\/\/www.google.at  https:\/\/www.google.co.il  https:\/\/www.google.com.au  https:\/\/www.google.is  https:\/\/www.google.se  https:\/\/scout.salesloft.com  https:\/\/infragrid.v.network  https:\/\/www.google.com.ec  https:\/\/www.google.ru  https:\/\/www.google.com.mx  https:\/\/www.google.com.co  https:\/\/controlbar.eblocker.org  https:\/\/www.google.it  https:\/\/www.google.co.kr  https:\/\/www.google.com.ph  https:\/\/www.google.lt  https:\/\/www.google.com.mm  https:\/\/www.google.pl  https:\/\/translate.googleapis.com  https:\/\/www.google.es  https:\/\/www.google.com.hk  https:\/\/www.google.com.bd  https:\/\/www.google.co.jp  https:\/\/www.googletagmanager.com  https:\/\/www.google.be  https:\/\/js.adsrvr.org  https:\/\/insight.adsrvr.org  https:\/\/www.google.com.pk  https:\/\/www.google.com.pe  https:\/\/www.google.lv  https:\/\/www.google.sk  https:\/\/www.google.tn  https:\/\/www.google.rs  https:\/\/www.google.hu  https:\/\/www.google.pt  https:\/\/www.google.gr  https:\/\/overbridgenet.com  https:\/\/www.google.no  https:\/\/ws-assets.zoominfo.com  https:\/\/www.google.com.vn  https:\/\/nitropack.io  https:\/\/www.google.com.tw  https:\/\/www.google.si  https:\/\/www.google.com.br  https:\/\/www.google.vu  https:\/\/www.googleadservices.com  https:\/\/go.open-systems.com  https:\/\/localhost  https:\/\/www.google.co.ke  https:\/\/www.google.com.my  https:\/\/www.google.mk  https:\/\/www.google.fi  https:\/\/www.open-systems.com  https:\/\/www.google.co.zw  data:  https:\/\/www.google.bg  https:\/\/googleads.g.doubleclick.net  https:\/\/www.google.co.uz  https:\/\/www.google.co.ma  https:\/\/www.google.ae  https:\/\/www.google.lu  https:\/\/www.google.al  https:\/\/gjtrack.ucweb.com  https:\/\/www.google.com.tr  https:\/\/imgsct.cookiebot.com  https:\/\/api.redirect.li  https:\/\/www.google.dz  https:\/\/www.google.com.ua  https:\/\/www.google.com.ar  https:\/\/www.google.li  https:\/\/www.google.co.tz  https:\/\/www.google.co.ve  https:\/\/www.google.hr  https:\/\/www.google.lk  https:\/\/d3hb14vkzrxvla.cloudfront.net  https:\/\/detector.scamsniffer.io  https:\/\/www.google.com.pa  https:\/\/www.google.com.eg  https:\/\/www.google.tt  https:\/\/plugin.ucads.ucweb.com  https:\/\/www.google.cl;  media-src 'self' data:  https:\/\/d4qgj78fzsl5j.cloudfront.net  https:\/\/fonts.ninja;  child-src 'self' blob:;  worker-src 'self' blob:  data:;  report-uri https:\/\/www.open-systems.com\/wp-json\/really-simple-security\/v1\/csp?rsssl_apitoken=530964519;","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; form-action 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' blob: https:; frame-ancestors 'self'; report-uri \/csp-report","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' blob: data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' http:\/\/*.quantserve.com https: https:\/\/*.doubleclick.net https:\/\/*.teads.tv; worker-src 'self' blob:; connect-src 'self' https: wss:; img-src 'self' https:; frame-src 'self' http:\/\/*.trendmicro.com https:; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" script-src-elem *.crazyegg.com; style-src-elem *.stackadapt.com; font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.googleapis.com *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com d1cwup7r903a1d.cloudfront.net *.mypurecloud.com *.cloudflare.com *.adnxs.com *.thecpapshop.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.authorize.net *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com *.espssl.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.authorize.net *.facebook.com *.mypurecloud.com *.cloudflare.com *.adnxs.com *.thecpapshop.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.getbread.com *.breadpayments.com *.rbcpayplan.com *.authorize.net *.visualwebsiteoptimizer.com https:\/\/cryptnsend.com *.cryptnsend.net *.bbb.org *.lpsnmedia.net *.salecycle.com *.facebook.com *.adsrvr.org *.mypurecloud.com *.cloudflare.com *.adnxs.com *.thecpapshop.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com *.webeyez.com storage.googleapis.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com widgets.automizely.com widgets.automizely.io *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.getbread.com *.breadpayments.com *.rbcpayplan.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com www.google-analytics.com *.ftcdn.net *.behance.net https:\/\/images.unsplash.com blob: *.alothemes.com *.magepow.com *.google.com *.googleadservices.com *.googletagmanager.com *.reddit.com *.visualwebsiteoptimizer.com *.listrakbi.com *.bing.com *.facebook.com *.lpsnmedia.net *.amazonaws.com *.routeapp.io *.mypurecloud.com *.adnxs.com *.cloudflare.com *.thecpapshop.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.authorize.net *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com *.adsrvr.org data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page ajax.googleapis.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.getbread.com *.breadpayments.com *.rbcpayplan.com https:\/\/maps.googleapis.com\/maps\/api\/ https:\/\/places.googleapis.com\/ https:\/\/examplecdn.com https:\/\/maps.googleapis.com https:\/\/maps.googleapis.com\/maps-api-v3\/ https:\/\/places.googleapis.com *.alothemes.com *.magepow.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.authorize.net cdn.routeapp.io *.amplitude.com cdn.jsdelivr.net protect-quote-q.route.com protection-widget.route.com stage-protection-widget.route.com protect-lightning-bolt-widget.route.com d3od5si8vgcekb.cloudfront.net ddbmicszvqxcg.cloudfront.net unpkg.com wobs.route.com *.stackadapt.com\/events.js *.crazyegg.com *.redditstatic.com *.listrak.com *.listrakbi.com *.liveperson.net *.lpsnmedia.net *.tiqcdn.com *.bing.com *.cybba.solutions *.cloudfront.net *.adsrvr.org *.facebook.net *.pepperjam.com *.rtb123.com *.routeapp.io *.route.com *.mypurecloud.com https:\/\/sentry.io *.cloudflare.com *.adnxs.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.thecpapshop.com *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com *.webeyez.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com widgets.automizely.com widgets.automizely.io *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com d1cwup7r903a1d.cloudfront.net *.listrak.com *.listrakbi.com *.googleapis.com *.mypurecloud.com *.cloudflare.com *.adnxs.com *.thecpapshop.com *.paypalobjects.com *.doubleclick.net *.adacado.com *.authorize.net *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com api.automizely.com api.automizely.io *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.getbread.com *.breadpayments.com *.rbcpayplan.com *.breadgateway.net https:\/\/maps.googleapis.com https:\/\/places.googleapis.com *.alothemes.com *.magepow.com *.googletagmanager.com stats.g.doubleclick.net *.authorize.net api.route.com *.amplitude.com cdn.jsdelivr.net protect-quote-q.route.com protection-widget.route.com stage-protection-widget.route.com d3od5si8vgcekb.cloudfront.net protect-lightning-bolt-widget.route.com ddbmicszvqxcg.cloudfront.net unpkg.com wobs.route.com *.stackadapt.com *.redditstatic.com *.reddit.com *.crazyegg.com *.visualwebsiteoptimizer.com *.listrak.com *.listrakbi.com *.sandbox.paypal.com *.googleadservices.com *.doubleclick.net *.salescycle.com wss:\/\/ws.salescycle.com *.salecycle.com wss:\/\/ws.salecycle.com *.facebook.com https:\/\/www.facebook.com *.route.com *.adnxs.com *.mypurecloud.com wss:\/\/webmessaging.mypurecloud.com *.cloudflare.com *.thecpapshop.com *.paypalobjects.com *.adacado.com *.oxygenconcentratorsupplies.com *.adapthealthmarketplace.com *.pro.ip-api.com *.ip-api.com *.amazonaws.com *.bing.com *.webeyez.com storage.googleapis.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/smartsolutions.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com kit.fontawesome.com connect.facebook.net cdn.polyfill.io code.jquery.com www.google-analytics.com ssl.google-analytics.com www.googleoptimize.com script.crazyegg.com cdn.syndication.twimg.com speedtest.bestbroadbanddeals.co.uk cdnjs.cloudflare.com maxcdn.bootstrapcdn.com widget.trustpilot.com s3.amazonaws.com cable.us4.list-manage.com admin.bestbroadbanddeals.co.uk services.xg4ken.com unpkg.com script.hotjar.com static.hotjar.com c5.adalyser.com plausible.io consent.cookiebot.com consentcdn.cookiebot.com e.infogram.com localhost:3000; connect-src 'self' consentcdn.cookiebot.com *.fontawesome.com api.addressy.com wss:\/\/ws.hotjar.com *.hotjar.com content.hotjar.io cable.us4.list-manage.com admin.bestbroadbanddeals.co.uk stats.g.doubleclick.net plausible.io localhost:3000; img-src 'self' data: *.bestbroadbanddeals.co.uk www.google.com www.googletagmanager.com www.google.co.uk www.google-analytics.com s1.2mdn.net ad.doubleclick.net stats.g.doubleclick.net gtrk.s3.amazonaws.com pbs.twimg.com code.jquery.com 19.xg4ken.com s3-eu-west-1.amazonaws.com pcf.tdscd.com c5.adalyser.com v2.crocdn.com 540k006f.tinifycdn.com imgsct.cookiebot.com; style-src 'self' 'unsafe-inline' code.jquery.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com admin.bestbroadbanddeals.co.uk pro.fontawesome.com localhost:3000; font-src 'self' *.fontawesome.com maxcdn.bootstrapcdn.com admin.bestbroadbanddeals.co.uk data: localhost:3000; object-src 'self' api.ookla.com fpdownload.adobe.com; frame-src 'self' widget.trustpilot.com vars.hotjar.com googleads.g.doubleclick.net consentcdn.cookiebot.com e.infogram.com data:; child-src 'self' blob:; report-uri \/csp-violation-report\/","count":2},{"content-security-policy-report-only":" default-src 'self';  script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/consent.ory.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/distillery.wistia.com https:\/\/js.hsforms.net;  script-src-elem blob: 'self' 'unsafe-inline' https:\/\/vercel.live https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/js.hsforms.net https:\/\/static.hsappstatic.net https:\/\/js-eu1.hs-banner.com https:\/\/js-eu1.hs-analytics.net https:\/\/js-eu1.hsadspixel.net https:\/\/js-eu1.usemessages.com https:\/\/googleads.g.doubleclick.net https:\/\/js.zi-scripts.com https:\/\/*.hs-scripts.com https:\/\/script.crazyegg.com https:\/\/www.googletagmanager.com https:\/\/sqa-web.ory.com https:\/\/static.reo.dev https:\/\/s.ory.com https:\/\/consent.ory.com https:\/\/www.redditstatic.com https:\/\/core.sanity-cdn.com https:\/\/cdn.jsdelivr.net https:\/\/browser.sentry-cdn.com;  style-src 'self' 'unsafe-inline';  style-src-elem 'self' 'unsafe-inline' https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/js.hsforms.net https:\/\/static.hsappstatic.net https:\/\/cdn.jsdelivr.net;  img-src 'self' data: blob: https:;  connect-src 'self' https:\/\/stats.g.doubleclick.net https:\/\/ws.zoominfo.com https:\/\/*.hubapi.com https:\/\/*.hubspot.com https:\/\/static.hsappstatic.net https:\/\/analytics.google.com https:\/\/js.zi-scripts.com https:\/\/script.crazyegg.com https:\/\/conversions-config.reddit.com https:\/\/www.redditstatic.com https:\/\/pixel-config.reddit.com https:\/\/www.google.com https:\/\/api.reo.dev https:\/\/project.console.ory.sh https:\/\/api.console.ory.sh https:\/\/sqa-web.ory.com https:\/\/consent.ory.com https:\/\/fast.wistia.net https:\/\/fast.wistia.com https:\/\/distillery.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/forms.hsforms.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/forms-eu1.hsforms.com https:\/\/33xluxe1.api.sanity.io https:\/\/33xluxe1.apicdn.sanity.io https:\/\/cdn.sanity.io https:\/\/cdn.jsdelivr.net wss:\/\/33xluxe1.api.sanity.io https:\/\/pipedream.wistia.com https:\/\/fg8vvsvnieiv3ej16jby.litix.io https:\/\/raw.githubusercontent.com https:\/\/api.github.com https:\/\/www.googleadservices.com;  font-src 'self' data: https:\/\/fast.wistia.net https:\/\/cdn.jsdelivr.net;  worker-src blob: 'self';  media-src 'self' https:\/\/embed-ssl.wistia.com blob:;  frame-src 'self' https:\/\/*.hubspot.com https:\/\/vercel.live https:\/\/app-eu1.hubspot.com https:\/\/www.googletagmanager.com https:\/\/consent.ory.com https:\/\/sqa-web.ory.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/embed-ssl.wistia.com https:\/\/www.youtube.com;  object-src 'none';  base-uri 'self';  form-action 'self';  frame-ancestors 'self' https:\/\/app-eu1.hubspot.com https:\/\/www.googletagmanager.com https:\/\/www.einpresswire.com https:\/\/*.vercel.app;  upgrade-insecure-requests;  report-uri https:\/\/o481709.ingest.us.sentry.io\/api\/4510205854482432\/security\/?sentry_key=62382f4c47aefd04c9afd518f417b97a;  report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.affirm.com *.affirm.ca *.sharethis.com https:\/\/ipapi.co https:\/\/ajax.googleapis.com *.skynettechnologies.com *.skynettechnologies.us https:\/\/vlibras.gov.br https:\/\/dicionario2.vlibras.gov.br https:\/\/acessos.vlibras.gov.br *.meetanshi.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.yotpo.com https:\/\/resupply.aeroflowurology.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de www.mczbf.com pipedream.wistia.com us-autocomplete-pro.api.smarty.com lootly.io https:\/\/get.geojs.io *.avada.io adservice.google.com *.aeroflowapi.org doctor-lookup.aeroflow.ninja warranties-prod-warrantyuploads3bucket-pwksm63i2jcr.s3.amazonaws.com analytics.tiktok.com api.motifmedical.com\/api\/fullmotiflookuptool app.launchdarkly.com *.bing.com sdk.iad-02.braze.com bt.signifyd.com:11103 cdn.acsbapp.com *.osano.com www.cloudflare.com\/cdn-cgi\/trace data.stbuttons.click *.elfsight.com *.elfsightcdn.com www.facebook.com *.five9.net *.five9.com www.google.com *.doubleclick.net maps.googleapis.com *.googlesyndication.com graph.instagram.com *.klaviyo.com l.sharethis.com\/pview *.lactationlink.com *.motifmedical.com motifmedical.zendesk.com *.noibu.com wss:\/\/*.noibu.com ct.pinterest.com prompts.maze.co req.easywebinar.com s.yimg.com *.snapchat.com dev.visualwebsiteoptimizer.com wss:\/\/widget-mediator.zopim.com *.zdassets.com *.ads.linkedin.com pixel-config.reddit.com www.redditstatic.com www.pinterest.com trail.grin.co *.adtrafficquality.google *.gstatic.com sentry.io *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat aeroflowdirect.com aeroflowbreastpumps.com aeroflowurology.com aeroflowsleep.com cpapsupplies.com *.cheapcpapsupplies.com motifmedical.com pumpingessentials.com lactationlink.com aeroflowdiabetes.com *.aeroflowdirect.com *.aeroflowbreastpumps.com *.aeroflowurology.com *.aeroflowsleep.com *.cpapsupplies.com *.pumpingessentials.com *.aeroflowdiabetes.com shop.aeroflowinc.com gtm.aeroflowbreastpumps.com gtm.aeroflowdiabetes.com www.babylist.com cdnapisec.kaltura.com cfvod.kaltura.com browser-intake-datadoghq.com aeroflow-experiments.com *.aeroflow-experiments.com *.authorize.net *.google-analytics.com https:\/\/imgs.signifyd.com https:\/\/*.kameleoon.com https:\/\/*.kameleoon.io https:\/\/*.kameleoon.eu https:\/\/*.kameleoon.net https:\/\/aeroflow-experiments.com https:\/\/*.aeroflow-experiments.com portal.aeroflow.online https: 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.affirm.com *.aeroflow.io *.aeroflow.org *.doubleclick.net *.googlesyndication.com aeroflowdirect.com aeroflowbreastpumps.com aeroflowurology.com aeroflowsleep.com cpapsupplies.com *.cheapcpapsupplies.com motifmedical.com pumpingessentials.com lactationlink.com aeroflowdiabetes.com *.aeroflowdirect.com *.aeroflowbreastpumps.com *.aeroflowurology.com *.aeroflowsleep.com *.cpapsupplies.com *.motifmedical.com *.pumpingessentials.com *.lactationlink.com *.aeroflowdiabetes.com shop.aeroflowinc.com https:\/\/*.kameleoon.com https:\/\/*.kameleoon.io https:\/\/*.kameleoon.eu https:\/\/*.kameleoon.net https:\/\/aeroflow-experiments.com https:\/\/*.aeroflow-experiments.com portal.aeroflow.online https: 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'   *.cloudflare.com   *.bing.com   *.rfihub.net   *.boomtrain.com   *.cookielaw.org   *.facebook.net   *.doubleclick.net   *.derbysoftsec.com   *.rezync.com   *.cdn.digitaloceanspaces.com   *.azds.com   *.sojern.com   *.quantcount.com   *.crazyegg.com   *.quantserve.com   *.cloudflareinsights.com   *.stackadapt.com   *.google-analytics.com   *.googletagmanager.com   *.tiqcdn.com   *.stripe.com   *.googleapis.com   *.gstatic.com   *.google.com   *.callrail.com   *.googleadservices.com   *.yimg.com   *.simpli.fi   *.matomo.cloud   plausible.io   *.umami.is   *.posthog.com   *.threatspike.com   *.qvdt3feo.com   *.montage.com;  script-src-elem 'self' 'unsafe-inline'   *.cloudflare.com   *.bing.com   *.rfihub.net   *.boomtrain.com   *.cookielaw.org   *.facebook.net   *.doubleclick.net   *.derbysoftsec.com   *.rezync.com   *.cdn.digitaloceanspaces.com   *.azds.com   *.sojern.com   *.quantcount.com   *.crazyegg.com   *.quantserve.com   *.cloudflareinsights.com   *.stackadapt.com   *.google-analytics.com   *.googletagmanager.com   *.tiqcdn.com   *.stripe.com   *.googleapis.com   *.gstatic.com   *.google.com   *.callrail.com   *.googleadservices.com   *.yimg.com   *.simpli.fi   *.montage.com   *.storage.googleapis.com   plausible.io   *.matomo.cloud   *.sc-static.net   *.posthog.com   *.threatspike.com   *.umami.is   *.infird.com   *.hotjar.com   *.upsellit.com   *.redditstatic.com   blob:;  connect-src 'self'   *.azds.com   *.boomtrain.com   *.callrail.com   *.cookielaw.org   *.crazyegg.com   *.doubleclick.net   *.facebook.com   *.g.doubleclick.net   *.google-analytics.com   google.com   *.google.com.mx   *.google.com   *.google.de   *.googleadservices.com   *.googletagmanager.com   *.googleapis.com   *.google.co.uk   *.onetrust.com   *.sojern.com   *.stackadapt.com   *.tiqcdn.com   *.myhotelshop.de   *.awsapprunner.com   *.run.app   *.letsway.com   *.bing.com   *.bing.net   *.googlesyndication.com   *.matomo.cloud   *.umami.dev   *.yimg.com   plausible.io   *.pendry.com   *.posthog.com   *.yoast.com   *.launchdarkly.com   *.geoedge.com   *.adsrvr.org   *.yoast.com   *.cloudfront.net   *.adform.net   *.adnxs.com   *.tiktokw.us   *.tiktok.com   *.browsekeeper.com   *.redditstatic.com   *.reddit.com   *.overbridgenet.com   *.montage.com   data:;  frame-src 'self'   *.doubleclick.net   *.facebook.com   *.googletagmanager.com   *.google.com   *.pcibooking.net   *.rfihub.net   *.rfihub.com   *.sojern.com   *.stripe.com   *.azds.com   *.zscalerthree.net   *.truetour.app   truetour.app   visitingmedia.com   *.vimeo.com   *.formcrafts.com   *.ibotta.com   *.contextall.com   *.canyonsdistrict.org   *.ggusd.us   *.menlosecurity.com   *.zscaler.net   *.snapchat.com   *.montage.com   blob:;  style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * 'self' data:; manifest-src * 'self'; worker-src 'self' blob:; child-src 'self' blob:;  report-uri https:\/\/cfe87652b26de6b69f71ed43bef9cf37.report-uri.com\/r\/d\/csp\/reportOnly;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/*.g.doubleclick.net https:\/\/*.gstatic.com https:\/\/*.hs-scripts.com https:\/\/js-na2.hs-analytics.net https:\/\/js-na2.hs-banner.com https:\/\/*.hscollectedforms.net https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/sc.lfeeder.com https:\/\/plugins.flockler.com https:\/\/apibeta.iamgaia.com https:\/\/cdn.cookielaw.org https:\/\/cdn.onthe.io https:\/\/cdn.zingchart.com https:\/\/darkvisitors.com https:\/\/c.sproutvideo.com https:\/\/knownagents.com; connect-src 'self' data: https:\/\/www.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/*.g.doubleclick.net https:\/\/*.hscollectedforms.net https:\/\/px.ads.linkedin.com https:\/\/tt.onthe.io https:\/\/listgrowth.ctctcdn.com https:\/\/apibeta.iamgaia.com https:\/\/privacyportal.onetrust.com https:\/\/geolocation.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/api.flockler.app https:\/\/media-api.flockler.com https:\/\/stats-api.flockler.app https:\/\/darkvisitors.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.algolia.io https:\/\/www.googleadservices.com https:\/\/knownagents.com https:\/\/translate.googleapis.com; img-src 'self' https: data: blob: https:\/\/forms-na2.hsforms.com; media-src 'self' blob: data: https:\/\/videos.sproutvideo.com https:\/\/dms.licdn.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.cookielaw.org https:\/\/static.ctctcdn.com https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com; style-src-elem 'self' 'unsafe-inline' https:\/\/www.gstatic.com https:\/\/static.ctctcdn.com https:\/\/fonts.googleapis.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/s0.wp.com https:\/\/assets.merci-app.com https:\/\/appdown.pstatic.net https:\/\/at.alicdn.com https:\/\/cdn.yiban.io; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/open.spotify.com https:\/\/player.vimeo.com https:\/\/videos.sproutvideo.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/challenges.cloudflare.com; worker-src 'self' blob:; report-uri https:\/\/cspreport.kla.com\/api\/reports\/csp;","count":2},{"content-security-policy-report-only":" font-src maxcdn.bootstrapcdn.com data: https:\/\/*.cloudflare.com *.typekit.net *.googleapis.com https:\/\/*.authorize.net https:\/\/*.cardinalcommerce.com https:\/\/*.trustedshops.com https:\/\/*.tawk.to https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/embed.productlead.me https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net https:\/\/www.facebook.com\/ https:\/\/ct.pinterest.com\/ https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro 'self' 'unsafe-inline'; frame-ancestors data: 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net js.stripe.com www.google.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.google.ro https:\/\/www.google.bg https:\/\/www.facebook.com\/ https:\/\/*.cardinalcommerce.com https:\/\/*.authorize.net https:\/\/*.paypal.com https:\/\/*.sandbox.paypal.com https:\/\/*.hotjar.com https:\/\/*.pinterest.com https:\/\/*.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro https:\/\/*.tawk.to https:\/\/s7.addthis.com *.xpertbeauty.ro *.xpertbeauty.bg *.xpertbeauty.hu *.xpertbeauty.com *.datareshape.net 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com *.vimeocdn.com s.ytimg.com www.apptrian.com www.facebook.com ct.pinterest.com data: https:\/\/*.cloudflare.com https:\/\/cdn.klarna.com https:\/\/www.magecomp.com https:\/\/*.paypal.com www.paypalobjects.com https:\/\/*.sandbox.paypal.com https:\/\/*.g.doubleclick.net https:\/\/*.vimeocdn.com https:\/\/s.ytimg.com https:\/\/*.usercentrics.eu https:\/\/*.magentocommerce.com https:\/\/www.google.ro https:\/\/www.google.com https:\/\/*.tawk.to https:\/\/cdn.jsdelivr.net https:\/\/*.cdninstagram.com  https:\/\/*.xx.fbcdn.net www.instagram.com https:\/\/instagram.fcnd1-1.fna.fbcdn.net http:\/\/seal.alphassl.com\/ https:\/\/secure.trust-provider.com https:\/\/ssl.comodo.com https:\/\/feedback.trusted.ro https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro https:\/\/ct.pinterest.com maps.gstatic.com maps.google.com https:\/\/*.themarketer.com *.xpertbeauty.ro *.xpertbeauty.bg *.xpertbeauty.hu *.xpertbeauty.com *.datareshape.net https:\/\/*.google.com https:\/\/sslseal.certum.pl\/ *.collect.igodigital.com flagpedia.net cdn1.themarketer.com 'self' 'unsafe-inline'; script-src https:\/\/*.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net s.ytimg.com video.google.com https:\/\/*.vimeo.com www.vimeo.com js.authorize.net jstest.authorize.net cdn-scripts.signifyd.com www.youtube.com js.stripe.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com www.facebook.com connect.facebook.net graph.facebook.com www.pinterest.com s.pinimg.com https:\/\/*.cloudflare.com https:\/\/*.google.com *.gstatic.com https:\/\/www.googletagmanager.com https:\/\/*.googlesyndication.com maps.googleapis.com https:\/\/*.trustedshops.com https:\/\/*.usercentrics.eu https:\/\/*.cardinalcommerce.com https:\/\/*.googleadservices.com https:\/\/googleadservices.com https:\/\/*.authorize.net https:\/\/*.paypalobjects.com https:\/\/*.ytimg.com *.braintreegateway.com *.signifyd.com https:\/\/connect.facebook.net https:\/\/embed.productlead.me https:\/\/chimpstatic.com https:\/\/*.tawk.to https:\/\/*.hotjar.com https:\/\/*.getsitecontrol.com https:\/\/*.g.doubleclick.net https:\/\/js-agent.newrelic.com\/ https:\/\/bam.eu01.nr-data.net\/ http:\/\/seal.alphassl.com\/ https:\/\/secure.trust-provider.com https:\/\/cdn.jsdelivr.net https:\/\/s.pinimg.com https:\/\/*.pinterest.com https:\/\/*.paypal.com https:\/\/*.sandbox.paypal.com https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro https:\/\/*.themarketer.com https:\/\/*.tiktok.com *.xpertbeauty.ro *.xpertbeauty.bg *.xpertbeauty.hu *.xpertbeauty.com *.datareshape.net *.collect.igodigital.com *.avada.io cdn1.themarketer.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com maxcdn.bootstrapcdn.com https:\/\/*.cloudflare.com https:\/\/*.trustedshops.com https:\/\/*.usercentrics.eu https:\/\/maxcdn.bootstrapcdn.com https:\/\/embed.productlead.me https:\/\/*.tawk.to https:\/\/cdn.jsdelivr.net https:\/\/*.googleapis.com https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro https:\/\/static.xpertbeauty.ro https:\/\/*.themarketer.com *.xpertbeauty.ro *.xpertbeauty.bg *.xpertbeauty.hu *.xpertbeauty.com *.datareshape.net *.gstatic.com cdn1.themarketer.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src www.apptrian.com www.facebook.com ct.pinterest.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com connect.facebook.net graph.facebook.com ct.pinterest.com https:\/\/*.cloudflare.com https:\/\/*.paypal.com https:\/\/*.cardinalcommerce.com www.facebook.com *.google-analytics.com https:\/\/*.tawk.to wss:\/\/*.tawk.to https:\/\/*.productlead.me wss:\/\/*.productlead.me www.instagram.com https:\/\/instagram.fcnd1-1.fna.fbcdn.net https:\/\/stats.g.doubleclick.net https:\/\/bam.eu01.nr-data.net https:\/\/*.stage.xpertbeauty.bg https:\/\/xpertbeauty.local https:\/\/*.xpertbeauty.ro https:\/\/ct.pinterest.com https:\/\/s7.addthis.com https:\/\/api-public.addthis.com https:\/\/in.hotjar.com https:\/\/vc.hotjar.io maps.googleapis.com https:\/\/*.themarketer.com https:\/\/*.tiktok.com *.xpertbeauty.ro *.xpertbeauty.bg *.xpertbeauty.hu *.xpertbeauty.com *.datareshape.net https:\/\/www.google.com www.gstatic.com cdn1.themarketer.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/*.xpertbeauty.ro\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/branchapp.in https:\/\/branch.co https:\/\/branch.co.ke https:\/\/branch.com.ng https:\/\/branch.co.tz https:\/\/d2c5ectx2y1vm9.cloudfront.net; script-src 'self' https:\/\/d2c5ectx2y1vm9.cloudfront.net https:\/\/code.jquery.com https:\/\/ga.jspm.io https:\/\/connect.facebook.net https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com\/ https:\/\/cdnjs.cloudflare.com 'unsafe-inline' blob: https:\/\/www.recaptcha.net https:\/\/sdk.cashfree.com https:\/\/public.releases.juspay.in https:\/\/*.google-analytics.com https:\/\/*.google.com; style-src 'self' https:\/\/d2c5ectx2y1vm9.cloudfront.net https:\/\/cdnjs.cloudflare.com 'unsafe-inline'; font-src 'self' https:\/\/d2c5ectx2y1vm9.cloudfront.net https:\/\/fonts.gstatic.com data:; img-src 'self' https:\/\/d2c5ectx2y1vm9.cloudfront.net https:\/\/www.facebook.com data: blob: https:\/\/branch-in-production.s3.ap-south-1.amazonaws.com https:\/\/fonts.gstatic.com https:\/\/graph.facebook.com https:\/\/branch-in-public.s3.amazonaws.com; object-src 'self' blob:; connect-src 'self' https:\/\/accounts.google.com https:\/\/browser-intake-datadoghq.com https:\/\/ga.jspm.io https:\/\/d2c5ectx2y1vm9.cloudfront.net https:\/\/branch-in-production-temp.s3.ap-south-1.amazonaws.com https:\/\/www.recaptcha.net https:\/\/*.google-analytics.com https:\/\/*.google.com; frame-src https:\/\/www.recaptcha.net https:\/\/sdk.cashfree.com https:\/\/www.googletagmanager.com https:\/\/branch-in-production.s3.ap-south-1.amazonaws.com; media-src https:\/\/d2c5ectx2y1vm9.cloudfront.net; report-uri \/csp-violation-report-endpoint","count":2},{"content-security-policy-report-only":" default-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri \/csp-report","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.solidgate.com *.cdn-apple.com *.stackadapt.com *.cookielaw.org *.tiktok.com *.snapchat.com *.googletagmanager.com *.connect.facebook.net *.sc-static.net *.bing.com *.taboola.com https:\/\/s.axon.ai https:\/\/c.albss.com *.impactcdn.com *.rtbrain.app https:\/\/fast.ssqt.io *.applovin.com *.google.com *.paypal.com *.doubleclick.net *.googleadservices.com *.forter.com *.cloudfront.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' *.gstatic.com *.cdn-apple.com; img-src 'self' data: blob: https:; frame-src 'self' *.solidgate.com *.cdn-apple.com *.google.com *.paypal.com *.snapchat.com *.rtbrain.app; connect-src 'self' *.solidgate.com *.solidgate-dev.com *.stackadapt.com *.tiktok.com *.tiktokw.us *.snapchat.com *.amazonaws.com *.applovin.com *.eppo.cloud *.sentry.io *.onetrust.com *.cookielaw.org *.googleapis.com *.rtbrain.app *.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com *.bing.com *.taboola.com *.paypal.com *.google.com *.asqq.io *.sjv.io *.pxf.io *.impactcdn.com *.impct.site *.browser-intake-datadoghq.com *.forter.com wss:\/\/*.forter.com *.cloudfront.net https:\/\/1.1.1.1 *.siteperformancetest.net https:\/\/siteperformancetest.net; worker-src 'self' blob:; object-src 'none'; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub693ad1773743e9192bc387fd4c7cb969&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Awellfunnel%2Cenv%3Aprod","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.cloudfront.net *.podigee-cdn.net 'self' data: d3c2yqbxx52o4l.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * d3c2yqbxx52o4l.cloudfront.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com js.mollie.com https:\/\/www.googletagmanager.com\/ *.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.office365.com schoeffel-lowa.de *.podigee-cdn.net komoot.com d3c2yqbxx52o4l.cloudfront.net www.komoot.com d3ms8mre5rhtvu.cloudfront.net dwin1.com awin1.com zenaps.com the.sciencebehindecommerce.com wepowerconnections.com lantern.roeyecdn.com lantern.roeye.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/www.mollie.com maps.googleapis.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.cdninstagram.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.usercentrics.eu *.hubspot.com *.podigee-cdn.net *.hsforms.net *.hsforms.com 'self' data: maps.gstatic.com d3c2yqbxx52o4l.cloudfront.net dwin1.com awin1.com zenaps.com the.sciencebehindecommerce.com wepowerconnections.com lantern.roeyecdn.com lantern.roeye.com *.facebook.com *.google.pl *.google.de data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.mollie.com maps.googleapis.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ player.vimeo.com connect.facebook.net cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleadservices.com *.usercentrics.eu *.googleapis.com *.hs-scripts.com *.hs-banner.com *.hs-analytics.net *.podigee-cdn.net *.hsforms.net *.hsforms.com *.gstatic.com d3c2yqbxx52o4l.cloudfront.net pagead2.googlesyndication.com *.dwin1.com dwin1.com *.awin1.com awin1.com *.zenaps.com zenaps.com the.sciencebehindecommerce.com wepowerconnections.com lantern.roeyecdn.com lantern.roeye.com *.hsadspixel.net *.digiaccess.org 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.podigee-cdn.net *.googleapis.com *.gstatic.com d3c2yqbxx52o4l.cloudfront.net *.googletagmanager.com www.google.pl 'self' 'unsafe-inline'; object-src d3c2yqbxx52o4l.cloudfront.net 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.cloudfront.net d3c2yqbxx52o4l.cloudfront.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com maps.googleapis.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.usercentrics.eu *.googleapis.com *.googlesyndication.com t.elasticsuite.io *.hsforms.net *.hsforms.com d3c2yqbxx52o4l.cloudfront.net www.google-analytics.com analytics.google.com paypal.com *.paypalobjects.com dwin1.com awin1.com zenaps.com the.sciencebehindecommerce.com wepowerconnections.com lantern.roeyecdn.com lantern.roeye.com *.digiaccess.org *.hubapi.com *.lowa.com *.hsappstatic.net googleads.g.doubleclick.net www.google.pl 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com d3c2yqbxx52o4l.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/plumrocket.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com https:\/\/plumrocket.com *.iubenda.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com js.mollie.com https:\/\/accounts.google.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: track.goggles4u.info https:\/\/track.goggles4u.info www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.trackedlink.net https:\/\/images.unsplash.com *.iubenda.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.mollie.com www.google.com.ua www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal https:\/\/maps.googleapis.com *.iubenda.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.mollie.com https:\/\/accounts.google.com https:\/\/www.gstatic.com * www.xtento.com cdn.xtento.com goggles4u.com https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/accounts.google.com https:\/\/www.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/checkout.iwdagency.com *.iubenda.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/accounts.google.com * goggles4u.com https: 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/trusted-scripts.example.com;style-src 'self';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net cdn.jsdelivr.net cdn.almapay.com *.googleapis.com https:\/\/www.gstatic.com data: fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.paypal.com *.getalma.eu *.almapay.com\/ www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/www.googletagmanager.com\/ *.google.com\/ https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/www.youtube.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com https:\/\/*.gstatic.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bird.eu *.openstreetmap.org maps.googleapis.com maps.gstatic.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/www.magezon.com https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com cdn.jsdelivr.net *.almapay.com *.googleapis.com https:\/\/*.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/cdnjs.cloudflare.com https:\/\/polyfill-fastly.io https:\/\/browser.sentry-cdn.com sentry.bird.eu *.google.com\/ https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cdn.jsdelivr.net *.almapay.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.adyen.com *.google.com https:\/\/*.google.com payments-eu.amazon.com *.paypal.com *.getalma.eu *.almapay.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com maps.googleapis.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/*.ingest.sentry.io sentry.bird.eu https:\/\/ipinfo.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/widgets.trustedshops.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.baktotaal.nl *.baktotaal.de *.baktotaal.com baktotaal.nl baktotaal.de baktotaal.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com challenges.cloudflare.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com *.criteo.com consentcdn.cookiebot.eu consentcdn.cookiebot.com *.facebook.com www.googletagmanager.com td.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io magefan.com cm.magefan.com *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.disqus.com https:\/\/firebasestorage.googleapis.com maps.gstatic.com ts.tradetracker.net www.magmodules.eu *.gstatic.com *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.baktotaal.nl *.baktotaal.de *.baktotaal.com *.cloudfront.net www.google.nl permalink.psinfoodservice.com www.facebook.com *.linkedin.com *.squeezely.tech *.bing.net *.criteo.com *.usercentrics.eu *.cookiebot.com *.bing.com *.etrusted.com *.clarity.ms pagead2.googlesyndication.com google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.multisafepay.com https:\/\/pay.google.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/cdnjs.cloudflare.com cdnjs.cloudflare.com *.disqus.com *.avada.io *.shopify.com challenges.cloudflare.com maps.googleapis.com www.gstatic.com tm.tradetracker.net *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net *.typeform.com *.criteo.com *.criteo.net squeezely.tech instant.page *.licdn.com *.bing.com *.bing-int.com consent.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.com consentcdn.cookiebot.eu cdn.jsdelivr.net *.hotjar.com connect.facebook.net *.clarity.ms *.varify.io d5yoctgpv4cpx.cloudfront.net www.google.com pagead2.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.fontawesome.com *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/cdnjs.cloudflare.com cdnjs.cloudflare.com https:\/\/fonts.bunny.net www.gstatic.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.baktotaal.nl *.baktotaal.de *.baktotaal.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.multisafepay.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app *.typeform.com *.baktotaal.nl *.baktotaal.de *.baktotaal.com *.criteo.com consentcdn.cookiebot.com consentcdn.cookiebot.eu *.bing.net *.bing.com *.varify.io *.clarity.ms www.facebook.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com pagead2.googlesyndication.com www.google.com google.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' *.helsana.ch fonts.googleapis.com translate.googleapis.com;style-src-elem 'self' 'unsafe-inline' *.helsana.ch fonts.googleapis.com translate.googleapis.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com d3dc1lgancj6l0.cloudfront.net interaktiv.contilla.de use.fontawesome.com;img-src 'self' data: *.helsana.ch *.pinterest.com s0.2mdn.net bat.bing.com www.facebook.com connect.facebook.net cm.everesttech.net dpm.demdex.net apple-resources.s3.amazonaws.com  *.applemediaservices.com *.googlesyndication.com *.gstatic.com maps.googleapis.com www.googleadservices.com www.googletagmanager.com www.google-analytics.com *.doubleclick.net  t.co *.linkedin.com *.google.com *.google.ch *.google.de *.google.fr *.google.li *.google.it *.google.ad *.google.ae *.google.al *.google.at *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.cn *.google.cz *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.ga *.google.gr *.google.ht *.google.hr *.google.hu *.google.ie *.google.iq *.google.jo *.google.lk *.google.lt *.google.lu *.google.lv *.google.me *.google.mg *.google.ml *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.rw *.google.sc *.google.se *.google.si *.google.sk *.google.sn *.google.tg *.google.tn *.google.tt *.google.vg *.google.co.ao *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ma *.google.co.th *.google.co.uk *.google.co.za *.google.com.af *.google.com.ar *.google.com.au *.google.com.bh *.google.com.bo *.google.com.br *.google.com.co *.google.com.cy *.google.com.ec *.google.com.eg *.google.com.gh *.google.com.hk *.google.com.kh *.google.com.lb *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ni *.google.com.pe *.google.com.pk *.google.com.py *.google.com.sa *.google.com.sg *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.vn userlike-cdn-operators.s3-eu-west-1.amazonaws.com d3upe020n1uosc.cloudfront.net www.userlike.com userlike-store-media-files.s3.amazonaws.com i.ytimg.com interaktiv.contilla.de;font-src 'self' data: *.gstatic.com d3dc1lgancj6l0.cloudfront.net use.fontawesome.com *.helsana.ch;media-src 'self' data: blob: *.helsana.ch d3dc1lgancj6l0.cloudfront.net userlike-store-media-files.s3.amazonaws.com www.userlike.com;object-src 'none';worker-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.helsana.ch cdn.cookielaw.org static.ads-twitter.com analytics.twitter.com *.pinterest.com s.pinimg.com *.gstatic.com api.microsofttranslator.com bat.bing.com www.google.ch www.google.com www.google.de www.google.fr *.googlesyndication.com *.doubleclick.net www.googletagservices.com consentcdn.cookiebot.com analytics.twitter.com snap.licdn.com www.googleadservices.com www.google-analytics.com connect.facebook.net consent.cookiebot.com cdn.tt.omtrdc.net  maps.googleapis.com www.googletagmanager.com  assets.adobedtm.com api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com d3dc1lgancj6l0.cloudfront.net;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: *.helsana.ch cdn.cookielaw.org static.ads-twitter.com snap.licdn.com analytics.twitter.com *.pinterest.com s.pinimg.com *.gstatic.com api.microsofttranslator.com bat.bing.com  www.google.ch www.google.com www.google.de www.google.fr *.googlesyndication.com *.doubleclick.net www.googletagservices.com consentcdn.cookiebot.com www.googleadservices.com www.google-analytics.com connect.facebook.net consent.cookiebot.com cdn.tt.omtrdc.net maps.googleapis.com www.googletagmanager.com cdnjs.cloudflare.com assets.adobedtm.com api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com d3dc1lgancj6l0.cloudfront.net interaktiv.contilla.de analytics.tiktok.com;connect-src 'self' wss:\/\/*.helsana.ch *.helsana.ch maps.googleapis.com privacyportal-eu.onetrust.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.cookielaw.org api.sitesearch360.com *.ads-twitter.com *.linkedin.com *.pinterest.com api.openweathermap.org  www.facebook.com www.bing.com bat.bing.com *.googlesyndication.com  *.google.com *.doubleclick.net www.google-analytics.com  tt.omtrdc.net dpm.demdex.net wss:\/\/umd.userlike.com umd.userlike.com api.userlike.com d3upe020n1uosc.cloudfront.net www.userlike.com api.friendlycaptcha.com eu-api.friendlycaptcha.eu interaktiv.contilla.de;frame-src 'self' *.helsana.ch *.pinterest.ch *.pinterest.com *.google.com *.googlesyndication.com bid.g.doubleclick.net  consentcdn.cookiebot.com www.youtube.com fls.doubleclick.net assets.adobedtm.com  www.facebook.com api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com d3dc1lgancj6l0.cloudfront.net www.youtube.com player.vimeo.com *.undpartner.digital;frame-ancestors 'self' *.helsana.ch;report-uri https:\/\/helsana.report-uri.com\/r\/d\/csp\/wizard;report-to wizard;","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'report-sample' cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/polyfill-fastly.io https:\/\/unpkg.com maps.google.com; style-src 'self' 'report-sample' https:\/\/cdn.jsdelivr.net https:\/\/unpkg.com; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri https:\/\/www.electronics.org\/log-report-uri\/reportOnly","count":2},{"content-security-policy-report-only":" default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval'             *.googleapis.com fonts.gstatic.com *.fontawesome.com *.aspnetcdn.com *.jsdelivr.net *.googletagmanager.com              *.googleadservices.com s.adroll.com wss:\/\/*.hotjar.com\/api\/v2\/client\/ws *.jquery.com;              img-src data: *;              frame-ancestors 'self';              object-src 'none';              form-action 'self';              base-uri 'self';              media-src s3.amazonaws.com;              report-uri \/csp\/;","count":2},{"content-security-policy-report-only":" font-src *.typekit.net data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com www.novaturas.lt dev-lt-novaturas.readymage.com * 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com www.novaturas.lt  https:\/\/track.adform.net https:\/\/www.googletagmanager.com https:\/\/www.google.com *.doubleclick.net https:\/\/www.facebook.com *.pinterest.com https:\/\/master.d28zlv4dg2b2g7.amplifyapp.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/img.youtube.com 'self' https:\/\/localhost https:\/\/novaturas-gwe-1661146907.readymage.com https:\/\/novaturas-gwe-1661146907.readymage-media.com https:\/\/prod-lt-novaturas.readymage.com https:\/\/www.google.com https:\/\/hatscripts.github.io https:\/\/www.google-analytics.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ s7.addthis.com 'unsafe-inline' 'unsafe-eval' https:\/\/static.hotjar.com https:\/\/googleads.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/www.google.com https:\/\/s2.adform.net  https:\/\/track.adform.net https:\/\/cdn.mxapis.com\/service-worker.js https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/svht.tradedoubler.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.googletagmanager.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/static.klaviyo.com 'unsafe-inline' 'unsafe-eval' *.typekit.net unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ ekr.zdassets.com\/ 'self' https:\/\/bam.eu01.nr-data.net https:\/\/staging.nov.indvp.com https:\/\/pim.novatours.eu https:\/\/development.nov.indvp.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com ws: api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' https:\/\/dev-lt-novaturas.readymage.com https:\/\/stage-lt-novaturas.readymage.com https:\/\/staging.nov.indvp.com https:\/\/pim.novatours.eu https:\/\/development.nov.indvp.com https:\/\/novaturas-gwe-1661146907.readymage-media.com https:\/\/use.typekit.net https:\/\/www.googletagmanager.com https:\/\/localhost 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.sagepay.com *.opayo.eu.elavon.com *.fontawesome.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.usablenet.com *.udev1a.net *.narvar.com *.narvar.qa *.tawk.to data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.opayo.eu.elavon.com *.arcot.com *.rsa3dsauth.co.uk *.rsa3dsauth.com *.boc.cn *.afs.com.bh *.enfuce.com *.cardcenter.ch *.nexigroup.com *.pluscard.de *.qiib.com.qa *.paylife.at *.redsys.es *.3dsecure.no *.modirum.com *.edb.com *.viseca.ch *.apata.io *.capitalone.com *.dnp-cdms.jp *.revolut.com *.bankserv.co.za *.swisscard.ch *.six-group.com *.marqeta.com *.cardinalcommerce.com *.wlp-acs.com *.imbank.com *.tsys.co.uk *.sia.eu *.garanti.com.tr *.commerzbank.de *.cmbchina.com *.alahli.com *.mycardsecure.com *.gps.com.bh *.citibank.com *.wibmo.com *.dkb.de *.monzo.com *.alinma.com *.nccc.com.tw *.starlingbank.com *.danskebank.com *.pekao24.pl *.lloydsbank.co.uk\/ *.lloydsbank.com\/ *.lloydsbankinggroup.com\/ *.channel-cards-auth-api.lloydsbankinggroup.com\/ *.sparebank1.no *.rabobank.nl *.s-id-check-sparkassen.de *.sparkassen-kreditkarten.de *.mbank.pl *.secure2gw.ro *.btrl.ro *.cafis-paynet.jp *.borica.bg *.fibank.bg *.cic.fr *.zaba.hr *.citibank.co.in *.centrum24.pl *.bankmillennium.pl *.icps.mu *.egolomt.mn *.lcl.fr *.ctbcbank.com *.qiwi.com *.postfinance.ch *.citadele.lv *.kib.com.kw *.cathaybk.com.tw *.pkobp.pl *.acdcproc.com *.abanca.com *.n26.com *.klikbca.com *.psa.at *.sumup.com *.eglobal.com.mx *.pl.ing.com *.qnb.com *.rpc-raiffeisen.com *.sebkort.com *.ocbc.com *.tapngo.com.hk *.stcpay.com.sa *.creditmutuel.fr *.luottokunta.fi *.swedbank.se *.unibank.am *.estcard.ee *.hyundaicard.com *.privatbank.ua *.fssnet.co.in *.kbcard.com *.luminorgroup.com *.mashreq.com *.mercurypaymentservices.it *.moneta.cz *.sensebank.com.ua *.sibs.pt *.stripeauthentications.com *.dskbank.bg *.otpbank.hu *.techcombank.com.vn *.touch.tech *.asseco-see.hr *.3dsecure-csas.cz *.cyris.com *.secureacs.com *.acb.com.vn https:\/\/logistics-stage.ecpay.com.tw\/Express\/map https:\/\/logistics.ecpay.com.tw\/Express\/map https:\/\/logistics-stage.ecpay.com.tw\/helper\/printTradeDocument https:\/\/logistics.ecpay.com.tw\/helper\/printTradeDocument *.twitter.com *.usablenet.com *.udev1a.net https:\/\/plumrocket.com *.authorize.net *.tawk.to 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.certcapture.com *.sagepay.com *.opayo.eu.elavon.com *.arcot.com *.rsa3dsauth.co.uk *.rsa3dsauth.com *.boc.cn *.afs.com.bh *.enfuce.com *.cardcenter.ch *.pluscard.de *.qiib.com.qa *.nexigroup.com *.paylife.at *.redsys.es *.3dsecure.no *.modirum.com *.edb.com *.viseca.ch *.apata.io *.capitalone.com *.dnp-cdms.jp *.revolut.com *.bankserv.co.za *.swisscard.ch *.six-group.com *.marqeta.com *.cardinalcommerce.com *.wlp-acs.com *.imbank.com *.tsys.co.uk *.sia.eu *.garanti.com.tr *.commerzbank.de *.cmbchina.com *.alahli.com *.mycardsecure.com *.gps.com.bh *.citibank.com *.wibmo.com *.dkb.de *.monzo.com *.alinma.com *.nccc.com.tw *.starlingbank.com *.danskebank.com *.pekao24.pl *.lloydsbank.co.uk\/ *.lloydsbank.com\/ *.lloydsbankinggroup.com\/ *.channel-cards-auth-api.lloydsbankinggroup.com\/ *.sparebank1.no *.rabobank.nl *.s-id-check-sparkassen.de *.sparkassen-kreditkarten.de *.mbank.pl *.secure2gw.ro *.btrl.ro *.cafis-paynet.jp *.borica.bg *.fibank.bg *.cic.fr *.zaba.hr *.citibank.co.in *.centrum24.pl *.bankmillennium.pl *.icps.mu *.egolomt.mn *.lcl.fr *.ctbcbank.com *.qiwi.com *.postfinance.ch *.citadele.lv *.kib.com.kw *.cathaybk.com.tw *.pkobp.pl *.acdcproc.com *.abanca.com *.n26.com *.klikbca.com *.psa.at *.sumup.com *.eglobal.com.mx *.pl.ing.com *.qnb.com *.rpc-raiffeisen.com *.sebkort.com *.ocbc.com *.tapngo.com.hk *.stcpay.com.sa *.creditmutuel.fr *.luottokunta.fi *.swedbank.se *.unibank.am *.estcard.ee *.hyundaicard.com *.privatbank.ua *.fssnet.co.in *.kbcard.com *.luminorgroup.com *.mashreq.com *.mercurypaymentservices.it *.moneta.cz *.sensebank.com.ua *.sibs.pt *.stripeauthentications.com *.dskbank.bg *.otpbank.hu *.techcombank.com.vn *.touch.tech *.asseco-see.hr *.3dsecure-csas.cz *.cyris.com *.secureacs.com *.acb.com.vn landofcoder.com maps.googleapis.com chart.googleapis.com *.twitter.com *.usablenet.com *.udev1a.net https:\/\/plumrocket.com *.authorize.net https:\/\/accounts.google.com *.tawk.to 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.certcapture.com *.sagepay.com *.opayo.eu.elavon.com ebizmarts-website.s3.amazonaws.com magefan.com cm.magefan.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.usablenet.com *.udev1a.net *.clarity.ms *.bing.com *.nofraud.com *.googletagmanager.com *.doubleclick.net *.facebook.net *.facebook.com *.facebook.com\/tr\/ *.tiktok.com *.googlesyndication.com *.google.com *.criteo.com *.google.co.za *.google.co.uk *.google.co.jp *.narvar.com *.narvar.qa hexagon-analytics.com *.tawk.to cdn.jsdelivr.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.certcapture.com *.sagepay.com *.opayo.eu.elavon.com landofcoder.com maps.googleapis.com chart.googleapis.com *.mookie1.com 'self' *.paypal.com *.sandbox.paypal.com *.googletagmanager.com *.plumrocket.com *.tawk.to *.bam-cell.nr-data.net *.gstatic.com *.usablenet.com *.udev1a.net *.nofraud.com *.clarity.ms *.mmapiws.com *.googleadservices.com *.doubleclick.net *.google-analytics.com *.facebook.net *.facebook.com *.facebook.com\/tr\/ *.tiktok.com *.criteo.com *.bing.com cdn.sift.com api3.veritrans.co.jp *.authorize.net https:\/\/accounts.google.com https:\/\/www.gstatic.com cdn.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.sagepay.com *.opayo.eu.elavon.com *.fontawesome.com self *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.usablenet.com *.udev1a.net *.bing.com *.criteo.com https:\/\/accounts.google.com https:\/\/www.gstatic.com *.tawk.to cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.narvar.com *.narvar.qa 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.certcapture.com *.sagepay.com *.opayo.eu.elavon.com landofcoder.com maps.googleapis.com chart.googleapis.com self *.cloudflare.com *.twitter.com *.twimg.com *.usablenet.com *.udev1a.net *.nofraud.com *.clarity.ms *.mmapiws.com *.googletagmanager.com *.googleadservices.com *.doubleclick.net *.google-analytics.com *.facebook.net *.facebook.com *.facebook.com\/tr\/ *.tiktok.com *.criteo.com api3.veritrans.co.jp *.authorize.net https:\/\/accounts.google.com *.tawk.to wss:\/\/*.tawk.to 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/mcstaging.mikimoto.com\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' www.google.com https:\/\/cdncache-a.akamaihd.net wss wss:\/\/generatorhostels.com ws1.hotjar.com ws2.hotjar.com ws3.hotjar.com ws4.hotjar.com ws5.hotjar.com graylog.hotjar.com cdnjs.cloudflare.com ajax.googleapis.com www.google-analytics.com stats.g.doubleclick.net wss:\/\/ws2.hotjar.com wss:\/\/ws3.hotjar.com wss:\/\/ws4.hotjar.com insights.hotjar.com generatorweb.sihot.com; font-src data null generatorweb.sihot.com maxcdn.bootstrapcdn.com fonts.gstatic.com 'self'; manifest-src 'self' generatorhostels.com; object-src 'self' generatorhostels.com; frame-src 'self' service.securesrv12.com secure.liveshoppersmac.com 3dsecure.klikbca.com geschuetzteinkaufen.commerzbank.de acs.sia.eu vcas1.visa.com www.securesuite.net acs1.edb.com secure5.arcot.com aacsw.3ds.verifiedbyvisa.com tpc.googlesyndication.com sas.redsys.es cdncache-a.akamaihd.net mastercardsecurecode.secureacs.com acs1.swedbank.se analytics-google.net https:\/\/acs2-3dsecure.cic.fr https:\/\/braip.com.br www.securesuite.co.uk secure.edb.com tsys.arcot.com secure7.arcot.com www.googletagmanager.com mozbar.moz.com www.facebook.com acs.airplus.com connect.facebook.net saferpay.com www.saferpay.com generatorweb.sihot.com generatorhostels.com bid.g.doubleclick.net staticxx.facebook.com vars.hotjar.com www.google.com www.instagram.com www.youtube.com w.soundcloud.com; img-src googleads.g.doubleclick.net butstrap.space https:\/\/spedcheck.space www.gstatic.com www.google.ge www.google.pl www.google.ru www.google.cm www.google.com.eg www.google.co.kr www.google.com.np www.google.co.th www.google.dz www.google.no www.google.com.hk www.google.com.mm www.google.co.il www.google.az www.google.sk www.google.ie www.google.com.pe lh3.ggpht.com www.google.de www.google.cz www.google.co.za www.google.se www.google.dk www.google.gr www.google.lv www.google.com.tw https:\/\/gateway.zscalertwo.net www.google.com.ph www.google.com.uy www.google.fi www.google.com.ua www.google.com.cy www.google.com.jm www.google.im www.google.co.ve www.google.com.sg www.google.ca www.google.es www.google.kg www.google.be www.google.at www.google.pt www.google.fr www.google.it www.google.com.br www.google.com.ar https:\/\/gallery.mailchimp.com www.google.ch www.google.me www.google.com.ec www.google.ro www.google.kg www.google.nl www.google.com.mx https:\/\/canvaspl-a.akamaihd.net https:\/\/cdnstats-a.akamaihd.net www.google.com.lb www.google.com.co www.google.com.tr www.google.cl www.google.dk www.google.co.in www.google.hr www.gstatic.com generatorweb.sihot.com generatorstorage.blob.core.windows.net generatorhostels.com cbks0.googleapis.com csi.gstatic.com data: geo0.ggpht.com geo1.ggpht.com geo2.ggpht.com geo3.ggpht.com img.youtube.com khms0.googleapis.com khms1.googleapis.com maps.googleapis.com maps.gstatic.com 'self' generator.azureedge.net ssl.google-analytics.com stats.g.doubleclick.net web.facebook.com www.facebook.com www.google.co.uk www.google.com www.google-analytics.com ajax.googleapis.com; media-src 'self' data:; script-src 'self' data blob about asset tpc.googlesyndication.com cdnjs.cloudflare.com cdn.jsdelivr.net www.thehotelsnetwork.com cdn.scarabresearch.com fdz.octapi.net data1.iti-maps.fr data1.itineraire.info asset about spedcheck.space rules.similardeals.net tags.clickintext.net lb.apicit.net butstrap.space https:\/\/cdncache-a.akamaihd.net secure.liveshoppersmac.com generatorweb.sihot.com maxcdn.bootstrapcdn.com ajax.googleapis.com api.instagram.com connect.facebook.net eval: googleads.g.doubleclick.net inline: maps.googleapis.com platform.instagram.com s.ytimg.com script.hotjar.com 'self' ssl.google-analytics.com static.hotjar.com 'unsafe-eval' 'unsafe-inline' www.googleadservices.com www.google-analytics.com www.googletagmanager.com www.instagram.com www.youtube.com; style-src ajax.googleapis.com fonts.googleapis.com inline: 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com generatorweb.sihot.com; report-uri https:\/\/crafted.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.avada.io *.shopify.com *.google.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/www.googletagmanager.com\/ https:\/\/*.doubleclick.net\/ https:\/\/static.hotjar.com\/ https:\/\/cdn.cookielaw.org\/ https:\/\/imasdk.googleapis.com\/ https:\/\/*.hotjar.io\/ https:\/\/connect.facebook.net\/ https:\/\/*.facebook.com\/ https:\/\/*.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/galt.hit.gemius.pl\/ https:\/\/cdn.ampproject.org\/ https:\/\/*.googlesyndication.com\/ https:\/\/*.adtrafficquality.google\/ https:\/\/*.2mdn.net\/ https:\/\/*.hotjar.com\/ https:\/\/connect.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/cdn.cookielaw.org\/ https:\/\/www.googletagmanager.com\/ https:\/\/*.hotjar.io\/; style-src 'self' 'unsafe-inline' https:\/\/cdn.cookielaw.org\/ https:\/\/fonts.googleapis.com\/ https:\/\/www.biathlonworld.com\/embedded-player.css https:\/\/www.atletiek.nl\/build\/css\/css-ebu.build.css; img-src 'self' data: https:\/\/imageservice.evsports.opentv.com\/images\/v1\/image\/Sport\/ https:\/\/cabi.evsports.sports.opentv.com\/ https:\/\/*.sports.opentv.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/static.hotjar.com\/ https:\/\/cdn.cookielaw.org\/logos\/ https:\/\/www.google.com\/ https:\/\/www.google.co.uk\/ https:\/\/www.facebook.com\/ https:\/\/*.g.doubleclick.net\/ https:\/\/*.adtrafficquality.google\/pagead\/ https:\/\/*.googlesyndication.com\/ https:\/\/www.ebu.ch\/files\/live\/sites\/ebu\/files\/images\/ https:\/\/*.cloudfront.net\/EBU\/; font-src 'self' data: https:\/\/fonts.gstatic.com\/; connect-src 'self' https:\/\/cdn.cookielaw.org\/ https:\/\/api.evsports.opentv.com\/metadata\/delivery\/ https:\/\/www.google.com\/pagead\/form-data\/ https:\/\/www.google.com\/ccm\/ https:\/\/www.google.com\/rmkt\/collect\/ https:\/\/*.sports.opentv.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/*.googlesyndication.com\/ https:\/\/*.gstatic.com\/ https:\/\/*.adtrafficquality.google\/getconfig\/sodar https:\/\/securepubads.g.doubleclick.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/www.facebook.com\/ https:\/\/*.tiktokw.us\/ https:\/\/*.hotjar.com\/ https:\/\/galt.hit.gemius.pl\/ https:\/\/firebase.googleapis.com\/ https:\/\/firebaseremoteconfig.googleapis.com\/v1\/projects\/eurovision-sport-prod-772510\/ https:\/\/firebaseinstallations.googleapis.com\/v1\/projects\/eurovision-sport-prod-772510\/ https:\/\/firebaseremoteconfig.googleapis.com\/v1\/projects\/eurovision-sport-dev-511366\/ https:\/\/firebaseinstallations.googleapis.com\/v1\/projects\/eurovision-sport-dev-511366\/ https:\/\/*.facebook.com\/ https:\/\/*.fbcdn.net\/ https:\/\/*.facebook.net\/ https:\/\/*.google-analytics.com\/ https:\/\/*.onetrust.com\/ https:\/\/*.hotjar.io\/ wss:\/\/ws.hotjar.com\/ https:\/\/*.akamaized.net\/ https:\/\/*.anycast.nagra.com\/ https:\/\/evs-dtvsports-vod-secure2.akamaized.net\/ https:\/\/*.ampproject.org\/ https:\/\/api.evsports.opentv.com\/ https:\/\/api.evsports.opentv.com\/useractivityvault\/v1\/useractivity\/; frame-src https:\/\/ads.eurovisionsport.com https:\/\/files.eurovisionsport.com\/ https:\/\/www.google.com\/ https:\/\/*.adtrafficquality.google\/ https:\/\/www.googletagmanager.com\/ https:\/\/*.g.doubleclick.net\/ https:\/\/*.safeframe.googlesyndication.com\/ http:\/\/imasdk.googleapis.com\/ https:\/\/www.googleadservices.com\/ http:\/\/console.googletagservices.com\/ https:\/\/www.ebu.ch\/ https:\/\/eurovisionsport.com\/ http:\/\/ls.hit.gemius.pl\/ https:\/\/pagead2.googlesyndication.com\/; media-src blob: https:; object-src 'none'; base-uri 'self'; form-action 'self'; report-uri \/api\/csp-report; report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/components-bnpl-pe-bbva-moprestamo-com.s3.amazonaws.com data: *.fontawesome.com fonts.googleapis.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com static.zdassets.com www.gstatic.com script.hotjar.com static.hotjar.com googleadservices.com maps.googleapis.com\/ webpay3g.transbank.cl webpay3gint.transbank.cl *.google.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com static.zdassets.com www.gstatic.com static.hotjar.com script.hotjar.com googleadservices.com maps.googleapis.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.moprestamo.com cdn.dnky.co amc.demdex.net www.google.com www.facebook.com youtube.com https:\/\/accounts.google.com *.izipay.pe *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com vars.hotjar.com *.doubleclick.net *.pinterest.com *.tryadviser.com *.webviewer.appar.io *.paperless.com.pe *.extranetrosen.cl static-content.vnforapps.com 'self' 'unsafe-inline'; img-src *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.moprestamo.com maps.gstatic.com maps.googleapis.com accounts.google.com www.facebook.com magefan.com cm.magefan.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com connect.facebook.net graph.facebook.com business.facebook.com www.extranetrosen.cl *.hsforms.com track.hubspot.com mercadopago.cl www.mercadopago.cl www.google.com.pe static.zdassets.com www.gstatic.com static.hotjar.com script.hotjar.com *.pinterest.com *.sendtric.com *.tryadviser.com *.adnxs.com *.linkedin.com *.doubleclick.net *.rosen.cl *.rosen.com.pe *.sonataplatform.com *.googleadservices.com *.google-analytics.com cdn.ckeditor.com google.com.ar https:\/\/www.mercadopago.com.pe https:\/\/www.google.com.ar https:\/\/www.google.es data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.dpm.demdex.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com *.moprestamo.com cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com connect.facebook.net player.vimeo.com *.izipay.pe *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com graph.facebook.com business.facebook.com https:\/\/maps.googleapis.com www.extranetrosen.cl static.zdassets.com js.hs-scripts.com js.hs-analytics.net js.hscollectedforms.net js.hs-banner.com www.googleoptimize.com static.hotjar.com *.google.cl script.hotjar.com js.hsleadflows.net *.pinimg.com www.youtube.com *.tryadviser.com *.adnxs.com *.hsadspixel.net *.verificado.ai api.verificado.ai snap.licdn.com *.google-analytics.com *.commerce.adobe.net *.magento.com *.hscollectedforms.net *.doubleclick.net *.omtrdc.net *.googletagmanager.com *.rosen.cl *.rosen.com.pe *.sonataplatform.com *.mouseflow.com *.hubspot.com *.vnforapps.com rum.hlx.page dev.visualwebsiteoptimizer.com data.appar.io *.pinterest.com *.gstatic.com cdn.ckeditor.com\/ pinterest.com https:\/\/www.googletagmanager.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.moprestamo.com cdn.dnky.co https:\/\/accounts.google.com *.fontawesome.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.rosen.cl *.rosen.com.pe www.extranetrosen.cl *.tryadviser.com *.googleapis.com *.gstatic.com fonts.googleapis.com\/ cdn.ckeditor.com\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com maps.googleapis.com api.comapi.com bam.nr-data.net https:\/\/accounts.google.com *.izipay.pe *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com static.zdassets.com v2.zopim.com ekr.zdassets.com rollbar-eu.zendesk.com wa.me *.hubspot.com stats.g.doubleclick.net rosen.zendesk.com wss:\/\/widget-mediator.zopim.com *.hotjar.com vc.hotjar.io www.facebook.com public.delivery.janisqa.in public.delivery.janis.in *.google.cl *.pinterest.com wss:\/\/*.hotjar.com *.hscollectedforms.net *.hubapi.com *.amazonaws.com *.amazon.com *.zendesk.com *.linkedin.com ad.doubleclick.net dev.visualwebsiteoptimizer.com *.google-analytics.com maps.googleapis.com\/ *.visualwebsiteoptimizer.com http:\/\/localhost:12387 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/js.qualified.com https:\/\/js.chilipiper.com https:\/\/js-eu1.hsforms.net https:\/\/js-eu1.hs-scripts.com https:\/\/unpkg.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https:\/\/api.qualified.com https:\/\/js.qualified.com https:\/\/api.chilipiper.com https:\/\/*.hubspot.com https:\/\/*.hubapi.com; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src https:\/\/*.hubspot.com https:\/\/js.chilipiper.com;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com https:\/\/*.gstatic.com data: 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com https:\/\/widgets.trustedshops.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.sendcloud.sc *.jsdelivr.net js.mollie.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.googleapis.com https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com https:\/\/belco-prod.s3-eu-central-1.amazonaws.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.sooqr.com *.spotlersearch.com www.magmodules.eu *.squeezely.tech *.amazonaws.com https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net https:\/\/cdn.belco.io https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.sooqr.com *.spotlersearch.com spotlersearchanalytics.com squeezely.tech www.squeezely.tech *.squeezely.tech *.sendcloud.sc *.avada.io *.shopify.com js.mollie.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com https:\/\/*.googleapis.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com assets.braintreegateway.com *.sooqr.com *.spotlersearch.com *.sendcloud.sc *.jsdelivr.net *.fontawesome.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com wss:\/\/chat.belco.io https:\/\/cdn.belco.io *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.sooqr.com *.spotlersearch.com squeezely.tech *.squeezely.tech *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com https:\/\/get.geojs.io *.avada.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' l.getsitecontrol.com www.googletagmanager.com region1.google-analytics.com www.google-analytics.com static.ads-twitter.com www.loom.com youtube.com www.youtube.com *.semaphoreci.com *.semaphore.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: secure.gravatar.com s.w.org www.google-analytics.com www.googletagmanager.com static.ads-twitter.com t.co analytics.twitter.com img.youtube.com *.semaphoreci.com *.semaphore.io; font-src 'self' fonts.gstatic.com data:; frame-src youtube.com www.youtube.com www.loom.com calendar.google.com www.googletagmanager.com; media-src audio.buzzsprout.com; connect-src 'self' https:\/\/region1.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/l.getsitecontrol.com; report-uri https:\/\/sentry.io\/api\/4509293704970240\/security\/?sentry_key=de4512f268813ed97e73abec15d22aab","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com https:\/\/fonts.bunny.net *.spotify.com https:\/\/dimedic.eu https:\/\/*.dimedic.eu https:\/\/geowidget.easypack24.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com sandbox.przelewy24.pl secure.przelewy24.pl 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com pay.google.com apm.przelewy24.pl *.spotify.com https:\/\/aptekaradicula.pl *.googletagmanager.com https:\/\/dimedic.eu https:\/\/*.dimedic.eu https:\/\/geowidget-app.inpost.pl\/ https:\/\/sandbox-easy-geowidget.easypack24.net\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/images.unsplash.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com magefan.com cm.magefan.com *.disqus.com tile.openstreetmap.org mapa.orlenpaczka.pl ruch-osm.sysadvisors.pl https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com static.przelewy24.pl gstatic.com *.spotify.com media.recepta.pl https:\/\/dimedic.eu https:\/\/*.dimedic.eu https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googletagmanager.com tagmanager.google.com *.disqus.com https:\/\/cdn.jsdelivr.net mapa.orlenpaczka.pl *.avada.io *.shopify.com sandbox.przelewy24.pl secure.przelewy24.pl pay.google.com apm.przelewy24.pl *.spotify.com *.cookiefirst.com static.recepta.pl mailing.pgf.com.pl an.gr-wcon.com us-an.gr-cdn.com svht.tradedoubler.com swrap.tradedoubler.com bat.bing.com connect.facebook.net https:\/\/dimedic.eu https:\/\/*.dimedic.eu https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com tagmanager.google.com fonts.google.com https:\/\/cdn.jsdelivr.net *.fontawesome.com https:\/\/fonts.bunny.net *.spotify.com *.googleapis.com *.google.com static.recepta.pl https:\/\/dimedic.eu https:\/\/*.dimedic.eu https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com nominatim.openstreetmap.org https:\/\/get.geojs.io *.avada.io sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl *.spotify.com ga2.getresponse.com stats.g.doubleclick.net *.cookiefirst.com https:\/\/dimedic.eu https:\/\/*.dimedic.eu *.easypack24.net *.inpost.pl *.openstreetmap.org t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/code.jquery.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.userecho.com https:\/\/yandex.ru\/ https:\/\/*.yandex.ru https:\/\/*.maps.yandex.net https:\/\/yastatic.net; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com; img-src 'self' data: https:\/\/*.starline.ru https:\/\/*.maps.yandex.net https:\/\/*.google.com https:\/\/enterprise.api-maps.yandex.ru https:\/\/cdn.userecho.com https:\/\/*.openstreetmap.org http:\/\/yandex.st\/ https:\/\/yandex.st\/ https:\/\/mc.yandex.ru https:\/\/yastatic.net; connect-src 'self' ws:\/\/*.starline.ru wss:\/\/rpl.starline-online.ru https:\/\/mc.yandex.ru https:\/\/geocode.starline.ru; frame-src 'self' https:\/\/*.google.com https:\/\/mc.yandex.ru\/ https:\/\/arkan.ru;","count":2},{"content-security-policy-report-only":" img-src https:\/\/higherlogicdownload.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/img.youtube.com\/vi\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/higherlogiclongterm.s3.amazonaws.com\/CONSERVATIONUS\/ blob: https:\/\/d132x6oi8ychic.cloudfront.net 'self'; style-src https:\/\/d132x6oi8ychic.cloudfront.net 'unsafe-inline' https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/ajax.googleapis.com\/ajax\/libs\/jqueryui\/ https:\/\/use.fortawesome.com\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/static.filestackapi.com\/picker\/ https:\/\/fonts.googleapis.com\/ https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogiclongterm.s3.amazonaws.com\/CONSERVATIONUS\/ 'self'; font-src https:\/\/fonts.googleapis.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/higherlogicdownload.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/CONSERVATIONUS\/ 'self' https:\/\/higherlogiclongterm.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/d132x6oi8ychic.cloudfront.net data:; script-src-elem https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/static.filestackapi.com\/filestack-js\/ 'self' https:\/\/ajax.aspnetcdn.com\/ajax\/ 'unsafe-eval' 'unsafe-inline'; media-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogicstream.s3.amazonaws.com\/CONSERVATIONUS\/ 'self' https:\/\/d132x6oi8ychic.cloudfront.net; script-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/ajax.aspnetcdn.com\/ajax\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d132x6oi8ychic.cloudfront.net https:\/\/cdn.informz.net 'unsafe-eval' https:\/\/use.fortawesome.com\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/CONSERVATIONUS\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ 'unsafe-inline' https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/static.filestackapi.com https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/api.connectedcommunity.org\/ 'self' https:\/\/www.youtube.com\/embed\/; connect-src https:\/\/upload.filestackapi.com https:\/\/static.filestackapi.com https:\/\/cloud.filestackapi.com\/folder\/list\/ 'self' https:\/\/hl-managedservices.informz.net https:\/\/d3uf7shreuzboy.cloudfront.net\/ blob:; worker-src 'self'; default-src 'self'; base-uri 'self'; frame-ancestors https:\/\/*.connectedcommunity.org\/ 'self'; object-src 'none'; manifest-src 'self';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com 'unsafe-inline' data: *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.facebook.com webchat.jdg.co.za *.jdg.co.za *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com maps.googleapis.com chart.googleapis.com oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com *.addthis.com *.facebook.com webchat.jdg.co.za *.jdg.co.za *.yotpo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com 'unsafe-inline' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.trackedlink.net *.klevu.com *.ksearchnet.com oppwa.com *.oppwa.com *.peachpayments.com *.eu-west-1.amazonaws.com mrpg.scene7.com cdn.media.amplience.net *.cloudflare.com *.google.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.addthis.com *.jsdelivr.net *.facebook.com *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za amcglobal.sc.omtrdc.net media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com js.klevu.com *.ksearchnet.com maps.googleapis.com chart.googleapis.com *.oppwa.com oppwa.com *.peachpayments.com *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.klevu.com *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.mouseflow.com *.facebook.com *.what3words.com commerce.adobedtm.com magento-recs-sdk.adobe.net static.zdassets.com app.mobicredwidget.co.za www.gstatic.com connect.facebook.net bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klevu.com *.ksearchnet.com oppwa.com *.oppwa.com *.peachpayments.com *.cloudflare.com *.googleapis.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: *.yotpo.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klevu.com *.ksearchnet.com maps.googleapis.com chart.googleapis.com oppwa.com *.oppwa.com *.peachpayments.com *.testfreaks.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthis.com *.addthisedge.com *.what3words.com *.googleapis.com vsb111.tawk.to ekr.zdassets.com api.magento.com commerce.adobedc.net app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/security-hub.vaimo.network\/public\/api\/content-security-policy.php; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com *.bootstrapcdn.com *.cloudflare.com 'self' data: *.hotjar.com *.hotjar.io data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.facebook.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com 'self' connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.doubleclick.net *.googlesyndication.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com 'self' data: *.googleapis.com *.openstreetmap.org *.googlesyndication.com *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk *.google.nl *.google.de *.google.be *.google.fr *.googleadservices.com www.facebook.com trengo.s3.eu-central-1.amazonaws.com ecom-stage.iutecredit.mk ecom.iutecredit.mk ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com magefan.com cm.magefan.com *.disqus.com connect.facebook.net graph.facebook.com business.facebook.com *.cmi.co.ma *.iprom.net iprom.net yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com tagmanager.google.com https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com https:\/\/widget-cdn.boxnow.hr *.googlesyndication.com *.googleadservices.com *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk www.facebook.com *.widget.trengo.eu map.gls-croatia.com map.gls-czech.com map.gls-hungary.com map.gls-romania.com map.gls-slovenia.com map.gls-slovakia.com map.gls-serbia.com *.openstreetmap.org ecom-stage.iutecredit.mk ecom.iutecredit.mk chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com *.jquery.com *.oppwa.com oppwa.com *.mastercard.com *.visa.com *.iesnare.com *.requirejs.org *.disqus.com connect.facebook.net graph.facebook.com business.facebook.com *.hotjar.com *.hotjar.io onesignal.com *.onesignal.com *.criteo.com *.adsmurai.com gateway.bankart.si yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com *.iprom.net iprom.net static.cloudflareinsights.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.bootstrapcdn.com ecom-stage.iutecredit.mk ecom.iutecredit.mk downloads.mailchimp.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com onesignal.com *.onesignal.com *.iprom.net iprom.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.widget.trengo.eu *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.googleapis.com https:\/\/widget-cdn.boxnow.hr *.openstreetmap.org *.google.com *.google.rs *.google.hr *.google.ba *.google.si *.google.bg *.google.me *.google.mk *.google.nl *.google.de *.google.be *.google.fr *.googlesyndication.com *.doubleclick.net www.facebook.com *.trengo.eu map.gls-croatia.com map.gls-czech.com map.gls-hungary.com map.gls-romania.com map.gls-slovenia.com map.gls-slovakia.com map.gls-serbia.com ecom-stage.iutecredit.mk ecom.iutecredit.mk form-assets.mailchimp.com *.intuit.com *.amazonaws.com *.oppwa.com oppwa.com *.mastercard.com *.iesnare.com *.requirejs.org *.visa.com connect.facebook.net graph.facebook.com business.facebook.com wss:\/\/ws.hotjar.com *.hotjar.io yandex.com *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech *.yango.com cm.g.doubleclick.net t.adx.opera.com *.pandorashop.si *.pandorashop.hr *.pandorashop.ba *.pandorashop.rs *.pandorashop.mk *.pandorashop.me *.pandorashop-sa.com *.pandorashop.ma *.pandorashop.mt *.pandorashop-ks.com *.pandorashop.md 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src yandex.com yandex.md *.yandex.md *.yandex.com yandex.ru *.yandex.ru *.yads.tech yads.tech *.yango.com *.doubleclick.net t.adx.opera.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" report-uri https:\/\/d1aosrekaw7sk8.cloudfront.net\/reports; upgrade-insecure-requests; default-src 'self' 'unsafe-eval' 'unsafe-inline' ws: blob: data: tagging.dupixent.com ad.doubleclick.net iron-wsa01 ironport 8188202.fls.doubleclick.net ad.doubleclick.net adservice.google.com aim-tag.hcn.health ajax.googleapis.com analytics.google.com analytics.tiktok.com ap.lijit.com apis.google.com apps.healthgrades.com bat.bing.com bcbolt446c5271-a.akamaihd.net bcp.crwdcntrl.net bh.contextweb.com c.clarity.ms cdn.cookielaw.org cdn.di-capt.com cdn.jsdelivr.net cdnjs.cloudflare.com clientstream.launchdarkly.com cm.g.doubleclick.net code.jquery.com connect.facebook.net content.hotjar.io contextual.media.net d1lkfzu2puirk6.cloudfront.net di.rlcdn.com dpm.demdex.net eb2.3lift.com edge.api.brightcove.com fast.fonts.net feedback-pa.clients6.google.com fonts.cdnfonts.com fonts.googleapis.com fonts.googleapis.com fonts.gstatic.com form.typeform.com geolocation.onetrust.com googleads.g.doubleclick.net gum.criteo.com i.liadm.com i6.liadm.com ib.adnxs.com insight.adsrvr.org insights.algolia.io integrations.eu-de.assistant.watson.appdomain.cloud js.adsrvr.org manzanasjuegosco-a.akamaihd.net maps.googleapis.com maps.gstatic.com match.adsrvr.org match.deepintent.com match.sharethrough.com metrics.brightcove.com metrics.hotjar.io ms-cookie-sync.presage.io pixel.rubiconproject.com player.vimeo.com players.brightcove.net players.brightcove.net privacyportal-eu.onetrust.com px.ads.linkedin.com px4.ads.linkedin.com region1.analytics.google.com region1.google-analytics.com rialto-gms.s3.amazonaws.com rtb-csync.smartadserver.com rtb.gumgum.com sc-static.net script.hotjar.com security-eu.mimecast.com snap.licdn.com spoppe-b.azureedge.net ssum-sec.casalemedia.com staging-apps.healthgrades.com static.hotjar.com stats.g.doubleclick.net sync.1rx.io sync.crwdcntrl.net tags.bluekai.com td.doubleclick.net td.doubleclick.net thrtle.com token.rubiconproject.com translate-pa.googleapis.com translate.googleapis.com trc.lhmos.com trotjidayo-1.algolianet.com trotjidayo-2.algolianet.com trotjidayo-3.algolianet.com trotjidayo-dsn.algolia.net uipglob.semasio.net unpkg.com use.fontawesome.com vc.hotjar.io vjs.zencdn.net web-chat.global.assistant.watson.appdomain.cloud www.clarity.ms www.dupixent.com www.facebook.com www.google-analytics.com www.google-analytics.com www.google.com www.google.com.au www.googletagmanager.com fresnel-events.vimeocdn.com vod-adaptive-ak.vimeocdn.com player-telemetry.vimeo.com fresnel.vimeocdn.com www.medtargetsystem.com z.clarity.ms ws.hotjar.com secure.adnxs.com www.gstatic.com www.eventmgmtportal.com sanofi-privacy.my.onetrust.com trotjidayo-1.algolianet.com trotjidayo-3.algolianet.com trotjidayo-2.algolianet.com trotjidayo-dsn.algolia.net lpopeventportal-2-0-2.sanofigenzyme.intouch-preview.com som.healthgrades.com sanofi-japan-dev.eval.janraincapture.com sanofi-japan-staging.eval.janraincapture.com sanofi-japan.us.janraincapture.com sanofi-dev.us-dev.janraincapture.com sanofi-staging.us-dev.janraincapture.com sanofi.us.janraincapture.com sanofi-dev.eu-dev.janraincapture.com sanofi-staging.eu-dev.janraincapture.com sanofi.eu.janraincapture.com vod-adaptive-ak.vimeocdn.com player-telemetry.vimeo.com fresnel.vimeocdn.com fresnel-events.vimeocdn.com photos.healthgrades.com use.typekit.net p.typekit.net;","count":2},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' blob: https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/vendor.04584129.js https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/main.02240a06.js https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/runtime.3de3dcfe.js https:\/\/*.mparticle.com https:\/\/cdn.cookielaw.org https:\/\/www.googletagmanager.com https:\/\/*.onetrust.com https:\/\/static.ads-twitter.com https:\/\/platform.twitter.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/secure.quantserve.com https:\/\/dynamic.criteo.com https:\/\/rules.quantcount.com https:\/\/cdn.branch.io https:\/\/app.link https:\/\/*.cdn4.forter.com https:\/\/dlthst9q2beh8.cloudfront.net https:\/\/sslwidget.criteo.com https:\/\/widget.eu.criteo.com https:\/\/pagead2.googlesyndication.com https:\/\/cdn.amplitude.com https:\/\/accounts.google.com https:\/\/appleid.cdn-apple.com https:\/\/analytics.tiktok.com https:\/\/c.amazon-adsystem.com https:\/\/js.adsrvr.org https:\/\/maps.googleapis.com https:\/\/googleads.g.doubleclick.net https:\/\/static.zdassets.com https:\/\/bat.bing.com https:\/\/cdn-st.adsmurai.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/vendor.b8cbca45.js https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/main.125b887a.js https:\/\/prod-bk-web.es.rbi.tools\/en\/static\/js\/runtime.8f4560f9.js; object-src 'none'; base-uri 'none'; worker-src 'self' blob:; report-uri https:\/\/intl-csp-service.rbictg.com\/report","count":2},{"content-security-policy-report-only":" font-src *.easypack24.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com 'self' data: https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.google.pl *.easypack24.net *.inpost.pl https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.safemage.com *.hsforms.net *.hsforms.com 'self' data: maps.gstatic.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.gstatic.com *.cdninstagram.com *.fbcdn.net maps.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.cloudflare.com *.cloudflareinsights.com *.hotjar.com *.easypack24.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/cdnjs.cloudflare.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com maps.googleapis.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com ajax.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.instagram.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.easypack24.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https:\/\/cdnjs.cloudflare.com *.googleapis.com *.gstatic.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com fonts.googleapis.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googlesyndication.com *.hotjar.io *.easypack24.net https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com https:\/\/www.google-analytics.com *.instagram.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com *.googleapis.com https:\/\/fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/use.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.stripe.com stripe.com *.link.com *.amazon.com https:\/\/mcstaging.booktrump.com https:\/\/mcstaging.trumphotels.com https:\/\/integration-5ojmyuq-r7ma66w2vxzgu.us-5.magentosite.cloud https:\/\/integration2-hohc4oi-r7ma66w2vxzgu.us-5.magentosite.cloud 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/mcstagingdoral.booktrump.com https:\/\/mcstagingireland.booktrump.com https:\/\/mcstaging.booktrump.com https:\/\/mcstaging.trumphotels.com https:\/\/integration-5ojmyuq-r7ma66w2vxzgu.us-5.magentosite.cloud https:\/\/integration2-hohc4oi-r7ma66w2vxzgu.us-5.magentosite.cloud 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.facebook.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/bat.bing.com https:\/\/*.bing.com https:\/\/*.synxis.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.googletagmanager.com *.facebook.net www.termsfeed.com *.fontawesome.com *.googleapis.com *.gstatic.com *.avada.io *.shopify.com *.sharethis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com https:\/\/backend.alia-cloudflare.com https:\/\/capture.celopay.com https:\/\/api.cartstack.com https:\/\/*.cartstack.com https:\/\/script.hotjar.com https:\/\/www.thehotelsnetwork.com https:\/\/*.thehotelsnetwork.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com https:\/\/use.typekit.net https:\/\/p.typekit.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com https:\/\/player.vimeo.com https:\/\/download-video.akamaized.net 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.google-analytics.com https:\/\/get.geojs.io *.avada.io *.sharethis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/capture.celopay.com https:\/\/api.cartstack.com https:\/\/*.cartstack.com https:\/\/bat.bing.com https:\/\/*.bing.com https:\/\/www.thehotelsnetwork.com https:\/\/*.thehotelsnetwork.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-inline' essentialed.com *.essentialed.com passged.com *.passged.com d2lpurk2qe2oc.cloudfront.net d3ebkza70oew6x.cloudfront.net dpg0n9q1lsnov.cloudfront.net d37nqy2yusfq54.cloudfront.net d2pfk5on3dtp5q.cloudfront.net js-agent.newrelic.com bam.nr-data.net *.typekit.net *.google.com *.google.ca *.google.com.mx *.google.co.uk *.google.de *.googletagmanager.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.googlesyndication.com *.gstatic.com *.wistia.com *.wistia.net *.litix.io *.credly.com *.hubspot.com *.hs-banner.com *.hs-analytics.net *.hs-analytics.com *.hs-scripts.com *.hsforms.com *.hsforms.net *.hscollectedforms.net *.plyr.io *.crazyegg.com *.hotjar.com *.hotjar.io analytics.tiktok.com *.bing.com hiset.org *.clarity.ms *.jquery.com *.fontawesome.com *.cloudflare.com *.bootstrapcdn.com *.paypal.com *.paypalobjects.com js.stripe.com *.facebook.com *.facebook.net widget.trustpilot.com unpkg.com data: ws: wss: about: blob:; frame-ancestors 'self' essentialed.com *.essentialed.com passged.com *.passged.com","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com maxcdn.bootstrapcdn.com 'self' data: data: *.tiktok.com *.ttcdn-row.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com cdn.dnky.co amc.demdex.net www.google.com youtube.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' data: maps.gstatic.com maps.googleapis.com accounts.google.com *.tiktok.com *.ttcdn-row.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/www.google.com *.gstatic.com cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com player.vimeo.com https:\/\/maps.googleapis.com *.tiktok.com *.ttcdn-row.com *.bytedance.com analytics.tiktok.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.fontawesome.com maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com cdn.dnky.co *.googletagmanager.com *.cookielaw.org *.tiktok.com *.ttcdn-row.com 'self' 'unsafe-inline'; object-src *.tiktok.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.magento.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.google-analytics.com maps.googleapis.com api.comapi.com bam.nr-data.net *.cookielaw.org analytics.tiktok.com business-api.tiktok.com *.ttcdn-row.com *.bytedance.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.bglobale.com *.global-e.com *.googleapis.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com https:\/\/*.gstatic.com *.narvar.com *.narvar.qa *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com script.hotjar.com fonts.googleapis.com fonts.gstatic.com *.inside-graph.com integration-cdn.toshi.co acsbapp.com shopping.qantas.com appdown.pstatic.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de *.facebook.com *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com *.cardinalcommerce.com www.facebook.com *.kaptcha.com bid.g.doubleclick.net ct.pinterest.com www.rsa3dsauth.co.uk www.securesuite.co.uk *.americanexpress.com 3dsecure-vrp.de 'self' 'unsafe-inline'; frame-ancestors *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com au-tracker.inside-graph.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com pay.google.com *.paypal.com *.bglobale.com *.global-e.com *.google.com *.doubleclick.net *.facebook.com *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com *.pinterest.com *.sharethis.com *.hotjar.co vimeo.com acsbapp.com *.kaptcha.com player.smartzer.com www.google.com www.facebook.com accounts.accessibe.com dashboard.accessibe.com cestream.me 3ds.sia.eu acs2.3dsecure.no www.houzz.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com *.bglobale.com *.global-e.com *.googleapis.com *.gstatic.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com https:\/\/*.gstatic.com *.narvar.com *.narvar.qa *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com adservice.google.com script.hotjar.com www.google.sa www.google.ca *.bing.com *.clarity.ms data:* web1.acsbapp.com integration-sandbox-cdn.toshi.co www.google.bg www.google.be www.google.co.uk www.google.nl www.gstatic.com translate.google.com idsync.rlcdn.com consent.linksynergy.com au-live.inside-graph.com bam-cell.nr-data.net integration-cdn.toshi.co bat.bing.com www.google.com.au google.com.au *.searchspring.io *.media.tumblr.com s.ytimg.com maps.googleapis.com maps.gstatic.com au-cdn.inside-graph.com www.google.co.in d3cgm8py10hi0z.cloudfront.net track.linksynergy.com *.sharethis.com *.micpn.com *.pinterest.com zimmermann.com www.google.tn www.google.com.hk www.google.com.et www.google.com.eg www.google.co.tz www.google.ci www.google.co.ke www.google.cm www.google.lk www.google.com.ng www.google.ne www.google.com.mm www.google.co.mz www.google.co.id www.google.bi www.google.com.kh www.google.co.ve www.google.cd www.google.com.gh www.google.so www.google.com.af www.google.ht www.google.com.ni www.google.la www.google.cg www.google.bf www.google.sn www.google.com.ly www.google.mg www.google.com.sb www.google.com.pg www.google.com.np sync.sharethis.com www.google.com.py www.google.ml www.google.com.sl www.google.co.ls www.google.to www.google.gm www.google.rw www.google.com.vn www.google.com.sv www.google.co.kr www.google.com.bo www.google.com.sg www.google.mw www.google.si www.google.tl www.google.sc www.google.co.zm www.google.tg www.google.com.pk 4mrr1kwk.micpn.com www.google.ge www.google.com.fj www.google.com.na www.google.td www.google.ee www.google.mk www.google.bj www.google.mn www.google.bt www.google.co.bw www.google.fi www.google.com.uy www.google.co.th www.google.com.pe www.google.cv www.google.co.zw www.google.ga www.google.by www.google.iq www.google.com.ec www.google.co.jp www.google.com.pa www.google.dz www.google.ws analytics.tiktok.com www.google.gy www.google.de sdk.privacy-center.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.bglobale.com *.global-e.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com https:\/\/cdn.searchspring.net\/intellisuggest\/is.min.js *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com analytics.tiktok.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com *.searchspring.net *.acsbapp.com au-tracker.inside-graph.com cdn.scarabresearch.com intljs.rmtag.com *.inside-graph.co js-agent.newrelic.com *.inside-graph.com acsbapp.com tag.lexer.io *.toshi.co *.bugsnag.com *.sharethis.com script.crazyegg.com *.clarity.ms www.fullstory.com songbirdstag.cardinalcommerce.com www.gstatic.com vimeocdn.com youtube.com googletagmanager.com maps.googleapis.com fullstory.com bat.bing.com 4mrr1kwk.micpn.com s.pinimg.com tag.rmp.rakuten.com *.hotjar.com ut.rd.linksynergy.com ct.pinterest.com unsafe-inline sdk.privacy-center.org www.onelink-edge.com 'unsafe-inline' 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.bglobale.com *.global-e.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https:\/\/fonts.googleapis.com\/ *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com *.inside-graph.com *.searchspring.net webchat.dotdigital.com cdn.honey.io *.aptrinsic.com 'unsafe-inline' 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.narvar.com *.narvar.qa *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com au-cdn.inside-graph.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.google.com payments-eu.amazon.com *.paypal.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net https:\/\/beacon.searchspring.io\/beacon wss:\/\/*.optimizely.com *.optimizely.com optimizely.s3.amazonaws.com logx.optimizely.com analytics.tiktok.com data.stbuttons.click www.google.com.au translate.googleapis.com *.searchspring.io *.acsbapp.co cdn.acsbapp.com au-live.inside-graph.com bam.nr-data.net uat.tryzens-analytics.com:12280 *.scarabresearch.com wss:\/\/au-live.inside-graph.com  *.bugsnag.com *.postcodeanywhere.co.uk *.sharethis.com script.crazyegg.com stats.g.doubleclick.net *.pinterest.com track.lexer.io www.tryzens-analytics.com:12280 www.google.co.ke www.google.bi pagestates-tracking.crazyegg.com www.google.com.sl www.google.co.ao www.google.cm www.google.com.np www.google.cd www.google.co.ve www.google.lk www.google.co.tz www.google.com.ng www.google.so www.google.ne www.google.co.id www.google.co.ls www.google.tn assets-tracking.crazyegg.com www.google.ht www.google.co.mz acsbapp.com www.google.com.co cp.crwdcntrl.net www.google.ci tracking.crazyegg.com www.google.co.za www.google.tl www.google.com.pk www.google.com.sv www.google.com.ly www.google.mg www.google.tg www.google.gm www.google.com.eg www.google.co.kr www.google.bf www.google.sn www.google.ga www.google.bj ad.doubleclick.net www.google.cg www.google.com.ar www.google.co.ma www.google.com.et www.google.fr www.google.com.na www.google.co.uk www.google.nl www.google.ml www.google.rw www.google.com.uy www.google.com.bo www.google.com.ni www.google.ki www.google.ee www.google.com.gt www.google.com.py www.google.com.gh www.google.com.kh www.google.com.vn www.google.ru www.google.cv www.google.com.mm www.google.co.zm www.google.vu www.google.com.ec www.google.es www.google.at bat.bing.com vc.hotjar.io www.google.de ws.hotjar.com content.hotjar.io metrics.hotjar.io www.google.ca www.tryzens-analytics.com ct.pinterest.com www.google.com.pe www.google.co.in www.google.ge googleads.g.doubleclick.net fresnel.vimeocdn.com api.privacy-center.org pagead2.googlesyndication.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/zmn-csp.tryzens-analytics.com; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.googleapis.com x.klarnacdn.net cdn.elev.io maxcdn.bootstrapcdn.com *.fontawesome.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.ditur.dk *.ditur.no *.ditur.se *.ditur.de *.ditur.fi *.ditur.com *.ditur.fr *.ditur.pl *.avile.dk policy.app.cookieinformation.com ct.pinterest.com td.doubleclick.net tr.snapchat.com tr6.snapchat.com messenger-edge.dixa.io messenger.dixa.io www.googletagmanager.com facebook.com *.facebook.com *.klarna.com *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com *.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.google.com *.google.dk *.facebook.com bat.bing.com bat.bing.net stats.g.doubleclick.net *.sleeknote.com parametre.online *.ditur.dk *.ditur.no *.ditur.se *.ditur.de *.ditur.fi *.ditur.com *.ditur.fr *.ditur.at *.ditur.co.uk *.ditur.ie *.ditur.be *.ditur.nl *.ditur.is *.ditur.it *.ditur.es *.ditur.pt *.klockia.se *.klockia.dk *.klockia.no *.avile.dk ditur.dk ditur.no ditur.se ditur.de ditur.fi ditur.com ditur.fr ditur.at ditur.co.uk ditur.ie ditur.be ditur.nl ditur.is ditur.it ditur.es ditur.pt klockia.se klockia.dk klockia.no avile.dk tr.snapchat.com tr6.snapchat.com *.etrusted.com *.trustedshops.com https:\/\/images.unsplash.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/www.magezon.com https:\/\/redchamps.com *.klarna.com *.klarnaevt.com *.klarnacdn.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com *.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.reaktion.com policy.app.cookieinformation.com policy.cookieinformation.com *.facebook.net script.parametre.online ct.pinterest.com s.pinimg.com bat.bing.com *.tiktok.com *.sleeknote.com *.getdrip.com *.cloudfront.net *.kameleoon.eu *.kameleoon.io *.fontawesome.com *.ditur.dk *.ditur.se *.ditur.no *.ditur.de *.ditur.fi *.ditur.com *.ditur.fr *.ditur.pl messenger.dixa.io sc-static.net tr.snapchat.com cdn.elev.io *.clarity.ms checkout.reepay.com static.cloudflareinsights.com *.trustedshops.com *.etrusted.com *.getzowie.com *.heylink.com *.posthog.com *.tangiblee.com *.impactcdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.klarnacdn.net *.klarna.com *.profitmetrics.io *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com static.products.kameleoon.com x.klarnacdn.net fonts.googleapis.com *.etrusted.com https:\/\/static.klaviyo.com maxcdn.bootstrapcdn.com *.fontawesome.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.reaktion.com *.cookieinformation.com google.com *.google.com googleads.g.doubleclick.net *.pinterest.com *.tiktok.com *.ditur.dk *.ditur.no *.ditur.se *.ditur.de *.ditur.fi *.ditur.com *.ditur.fr *.ditur.pl *.avile.dk api.products.kameleoon.com *.kameleoon.eu data.kameleoon.io *.fontawesome.com bat.bing.com bat.bing.net invitejs.trustpilot.com tr.snapchat.com tr6.snapchat.com messenger-edge.dixa.io region1.google-analytics.com cdn.elev.io ipa.elev.io events.elev.io *.clarity.ms pagead2.googlesyndication.com *.etrusted.com *.getzowie.com analytics.sleeknote.com\/ *.posthog.com *.tangiblee.com *.impactcdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.klarnacdn.net *.klarna.com *.klarnaevt.com *.profitmetrics.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" report-uri \/_\/csp-reports","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'nonce-KjlwR0pVUGk3YkR1dFRBV2ZmIUo=' 'self' 'unsafe-eval' https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/cdnjs.cloudflare.com; script-src-elem 'nonce-MTo4MDY2MDoxNjE3MDQ5ODExOjE3MzQ5NTc2NzU=' 'nonce-MTo4MDY2MzoxNjQ4Nzg0NDUxOjE3MzQ5NTc4NTQ=' 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.google.com https:\/\/connect.facebook.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/*.kaspersky-labs.com https:\/\/api.mailxpert.ch; script-src-attr 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/www.google.com https:\/\/*.kaspersky-labs.com https:\/\/cdnjs.cloudflare.com; object-src 'self'; base-uri 'self'; connect-src 'self' https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/api.friendlycaptcha.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com; frame-src 'self' https:\/\/ige.prospective.ch https:\/\/td.doubleclick.net https:\/\/nl.mailxpert.ch https:\/\/www.youtube-nocookie.com; img-src 'self' data: blob: https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/i.ytimg.com; manifest-src 'self'; media-src 'self' data:; worker-src blob:; report-uri \/CspReportLogger.php","count":2},{"content-security-policy-report-only":" font-src storage.googleapis.com\/rtux-rtux-data-integration-rti\/ *.cloudflare.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action test.saferpay.com www.saferpay.com saferpay.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net www.google.com *.prismic.io *.google.com *.criteo.com *.criteo.net *.doubleclick.net *.pinterest.com *.facebook.com *.livechatinc.com *.sovendus-connect.com *.googletagmanager.com *.weltpixel.com test.saferpay.com www.saferpay.com saferpay.com www.xtento.com *.typeform.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/images.unsplash.com *.prism.app-us1.com *.prismic.io *.bing.com *.google.ch *.trackjs.com *.google.com *.twiago.com *.doubleclick.net *.bidswitch.net *.adnxs.com *.smartadserver.com *.taboola.com *.adform.net *.omnitagjs.com *.lehner-versand.ch *.casalemedia.com *.criteo.com id5-sync.com *.360yield.com *.ivitrack.com *.media.net *.mediavine.com *.postrelease.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.sharethrough.com *.teads.tv *.tremorhub.com *.3lift.com *.yieldlab.net *.yieldmo.com *.emxdgt.com *.demdex.net *.livechat-files.com *.dmxleo.com *.profity.ch *.googleapis.com *.1rx.io *.typewise.app *.files-text.com *.livechatinc.com *.livechat-static.com test.saferpay.com www.saferpay.com saferpay.com www.xtento.com cdn.xtento.com *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com data: 'self' 'unsafe-inline'; script-src *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ bx-cdn.com\/static\/bav2.min.js track.bx-cloud.com\/static\/bav2.min.js r-st.bx-cloud.com\/static\/bav2.min.js r-st.bx-cloud.com\/static\/rti.min.js track.bx-cloud.com\/static\/rti.min.js bx-cdn.com\/static\/rti.min.js storage.googleapis.com\/rtux-rtux-data-integration-rti\/ *.prism.app-us1.com *.prismic.io *.trackjs.com *.gstatic.com *.livechatinc.com *.cdn.prismic.io *.google.com *.criteo.com *.pinimg.com *.bing.com *.adt313.net htm1.ch *.pinterest.com profity.ch *.profity.ch\/clients\/main.js *.getback.ch *.sovendus.com *.sovendus-connect.com *.googleapis.com storage.googleapis.com\/*_rtux-data* *.wi-platform-cloud.com *.bx-cdn.com *.googletagmanager.com *.bx-cloud.com *.doubleclick.net *.typewise.app *.ct0.ch *.livechat-static.com test.saferpay.com www.saferpay.com saferpay.com www.xtento.com cdn.xtento.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com unpkg.com *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.getback.ch *.cloudflare.com *.googleapis.com storage.googleapis.com\/*_rtux-data* *.livechatinc.com *.tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typeform.com 'self' 'unsafe-inline'; object-src *.livechatinc.com 'self' 'unsafe-inline'; media-src storage.googleapis.com\/rtux-rtux-data-integration-rti\/ *.googleapis.com storage.googleapis.com\/*_rtux-data* *.livechatinc.com *.livechat-static.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.newrelic.com *.nr-data.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com track.bx-cloud.com main.bx-cloud.com track-gw1.bx-cloud.com bx-cloud.com main.wi-platform-cloud.com r-st.bx-cloud.com track.bx-cloud.com\/track\/v2 storage.googleapis.com\/rtux-rtux-data-integration-rti\/ *.prism.app-us1.com *.prismic.io htm1.ch *.pinterest.com *.lehner-versand.ch *.criteo.com *.google.com *.getback.ch *.doubleclick.net *.wi-platform-cloud.com *.trackjs.com *.livechatinc.com *.sovendus.com *.googleapis.com storage.googleapis.com\/*_rtux-data* *.bing.com *.typewise.app *.text.com test.saferpay.com www.saferpay.com saferpay.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.net *.klaviyo.com *.clarity.ms *.pinimg.com sc-static.net *.snapchat.com *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src *.livechatinc.com http: https: blob: 'self' 'unsafe-inline'; default-src test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.adnxs.com https:\/\/*.avanser.com https:\/\/*.hubapi.com https:\/\/*.algolia.com https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.readspeaker.com https:\/\/*.cloudflare.com https:\/\/*.facebook.net https:\/\/*.cdnfonts.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hsforms.net https:\/\/*.hs-scripts.com https:\/\/*.hsleadflows.net https:\/\/*.hsadspixel.net https:\/\/*.hsform.com https:\/\/*.hubspot.com https:\/\/*.google.com.au https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.cdninstagram.com https:\/\/*.myhealthforlife.com.au https:\/\/*.myhealthforlife.org.au https:\/\/*.newrelic.com https:\/\/*.vimeo.com https:\/\/*.raisely.com https:\/\/*.siteimproveanalytics.com https:\/\/*.hotjar.com https:\/\/*.licdn.com https:\/\/*.ewaypayments.com https:\/\/*.linkedin.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.yimg.com https:\/\/*.youtube.com; object-src 'none'; img-src * data:; script-src 'self' https:\/\/*.adnxs.com https:\/\/*.avanser.com https:\/\/*.hubapi.com https:\/\/*.algolia.com https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.readspeaker.com https:\/\/*.cloudflare.com https:\/\/*.facebook.net https:\/\/*.cdnfonts.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/*.hsforms.net https:\/\/*.hs-scripts.com https:\/\/*.hsleadflows.net https:\/\/*.hsadspixel.net https:\/\/*.hsform.com https:\/\/*.hubspot.com https:\/\/*.google.com.au https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/*.cdninstagram.com https:\/\/*.myhealthforlife.com.au https:\/\/*.myhealthforlife.org.au https:\/\/*.newrelic.com https:\/\/*.vimeo.com https:\/\/*.raisely.com https:\/\/*.siteimproveanalytics.com https:\/\/*.hotjar.com https:\/\/*.licdn.com https:\/\/*.ewaypayments.com https:\/\/*.linkedin.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.yimg.com https:\/\/*.youtube.com; style-src 'self' * 'unsafe-inline'; font-src * data:; media-src *; frame-src *.vimeo.com *.googletagmanager.com *.doubleclick.net *.youtube.com;","count":2},{"content-security-policy-report-only":" connect-src 'self' 'unsafe-inline' 'unsafe-eval' *.authorized.by *.bewakingscamera.nl *.bing.com *.bing.net *.doubleclick.net *.googleadservices.com *.google-analytics.com *.googleapis.com www.google.at www.google.be www.google.ch www.google.com.au www.google.com.bd www.google.com.br www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.gh www.google.com.hk www.google.com.kh www.google.com.mm www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.np www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.co.uk www.google.cz www.google.de www.google.dk www.google.es www.google.fr www.google.it www.google.nl www.google.pl www.google.pt www.google.ru *.google.com google.com *.googletagmanager.com *.gstatic.com *.mouseflow.com *.multisafepay.com *.newrelic.com *.nr-data.net *.returnless.com *.smartlook.com *.storyblok.com vercel.live api.marker.io ssr.marker.io s3.eu-west-1.amazonaws.com\/marker.sessions.prod; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.authorized.by *.bing.com *.bing.net *.doubleclick.net *.googleadservices.com *.googleapis.com www.google.at www.google.be www.google.ch www.google.co.uk www.google.de www.google.fr www.google.nl *.google.com *.googletagmanager.com *.gstatic.com *.mouseflow.com *.smartlook.com *.storyblok.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' *.authorized.by *.bing.com *.bing.net *.doubleclick.net *.googleadservices.com *.google-analytics.com *.googleapis.com www.google.at www.google.be www.google.ch www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.br www.google.com.co www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.gh www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.pa www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.co.uk www.google.cz www.google.de www.google.dk www.google.es www.google.fr www.google.it www.google.nl www.google.pl www.google.pt www.google.ru *.google.com *.googletagmanager.com *.gstatic.com *.multisafepay.com *.storyblok.com blob: data: media.marker.io app.marker.io edge.marker.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bewakingscamera.nl *.bing.com *.doubleclick.net *.googleapis.com *.google.com *.googletagmanager.com *.mouseflow.com *.multisafepay.com *.newrelic.com *.returnless.com *.smartlook.com *.storyblok.com vercel.live edge.marker.io app.marker.io; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.googletagmanager.com *.gstatic.com *.multisafepay.com; frame-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.multisafepay.com *.returnless.com vercel.live app.marker.io; font-src 'self' 'unsafe-inline' 'unsafe-eval' *.gstatic.com app.marker.io edge.marker.io; media-src 'self' 'unsafe-inline' 'unsafe-eval' *.storyblok.com media.marker.io app.marker.io edge.marker.io; child-src 'self' 'unsafe-inline' 'unsafe-eval'  app.marker.io; form-action 'self' 'unsafe-inline' 'unsafe-eval' app.marker.io api.marker.io; report-uri https:\/\/14edc0c0-b3cc-497c-8aa2-2e84efa49370.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/seo.mageplaza.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/plumrocket.com test.saferpay.com www.saferpay.com saferpay.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com test.saferpay.com www.saferpay.com saferpay.com https:\/\/cdn.eye-able.com https:\/\/trc.josefsteiner.at https:\/\/trc.josefsteiner.de https:\/\/elfsight.com https:\/\/phosphor.utils.elfsightcdn.com https:\/\/www.google.at https:\/\/www.google.de https:\/\/region1.analytics.google.com https:\/\/*.doubleclick.net https:\/\/public-prod-dspcookiematching.dmxleo.com https:\/\/www.facebook.com https:\/\/dis.criteo.com https:\/\/gum.criteo.com https:\/\/aa.agkn.com https:\/\/sync.1rx.io https:\/\/ad.yieldlab.net https:\/\/a.twiago.com https:\/\/criteo-partners.tremorhub.com https:\/\/eb2.3lift.com https:\/\/sync-t1.taboola.com https:\/\/simage2.pubmatic.com https:\/\/simage4.pubmatic.com https:\/\/criteo-sync.teads.tv https:\/\/rtb-csync.smartadserver.com https:\/\/sync.outbrain.com https:\/\/jadserve.postrelease.com https:\/\/ad.360yield.com https:\/\/x.bidswitch.net https:\/\/cs.media.net https:\/\/r.casalemedia.com https:\/\/id5-sync.com https:\/\/eu.i.posthog.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.jsdelivr.net *.avada.io *.shopify.com player.vimeo.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googletagmanager.com test.saferpay.com www.saferpay.com saferpay.com https:\/\/cdn.eye-able.com https:\/\/cdn.findologic.com https:\/\/static.criteo.net https:\/\/sslwidget.criteo.com https:\/\/universe-static.elfsightcdn.com https:\/\/elfsightcdn.com https:\/\/static.elfsight.com https:\/\/capi-automation.s3.us-east-2.amazonaws.com https:\/\/trc.josefsteiner.at https:\/\/trc.josefsteiner.de https:\/\/connect.facebook.net https:\/\/eu.i.posthog.com https:\/\/eu-assets.i.posthog.com maps.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com https:\/\/fonts.bunny.net 'unsafe-inline' assets.braintreegateway.com https:\/\/cdn.eye-able.com https:\/\/cdn.findologic.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com test.saferpay.com www.saferpay.com saferpay.com https:\/\/service.findologic.com https:\/\/pagead2.googlesyndication.com https:\/\/static.elfsight.com https:\/\/service-reviews-ultimate.elfsight.com https:\/\/core.service.elfsight.com https:\/\/universe-static.elfsightcdn.com https:\/\/maplibre.utils.elfsightcdn.com https:\/\/tiles.stadiamaps.com https:\/\/trc.josefsteiner.at https:\/\/trc.josefsteiner.de https:\/\/www.facebook.com https:\/\/*.ecs.us-east-2.on.aws https:\/\/eu.i.posthog.com https:\/\/eu-assets.i.posthog.com places.googleapis.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" worker-src * blob:; font-src *.typekit.net *.gstatic.com fonts.gstatic.com use.typekit.net *.fontawesome.com *.zdassets.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.mb-app.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.hcaptcha.com hcaptcha.com cdn.jsdelivr.net *.cloudflare.com *.twitter.com *.google.co.in *.facebook.com *.googleadservices.com *.google-analytics.com *.gstatic.com *.usercentrics.eu *.fontawesome.com connect.facebook.net *.paypalobjects.com *.googletagmanager.com *.trustpilot.com *.cookiebot.com *.doubleclick.net *.stripe.com *.zendesk.com *.zdassets.com *.googleapis.com *.atlantic.fr *.azurewebsites.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com p.typekit.net validator.swagger.io groupe-mb.scene7.com *.cloudflare.com *.google.com *.google.co.in www.facebook.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.connect.facebook.net *.doubleclick.net *.google.fr *.trustpilot.com * *.stripe.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.commerce-payment-services.com *.typekit.net google.com *.google.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.hcaptcha.com hcaptcha.com maps.googleapis.com cdn.jsdelivr.net *.cloudflare.com *.twitter.com *.google.co.in *.facebook.com *.googleadservices.com *.google-analytics.com *.gstatic.com *.usercentrics.eu *.fontawesome.com connect.facebook.net *.paypalobjects.com *.paypal.com *.googletagmanager.com *.trustpilot.com *.cookiebot.com *.doubleclick.net *.stripe.com *.licdn.com *.bing.com *.zendesk.com *.zdassets.com *.clarity.ms *.sparkow.net t4.my-probance.one *.contentsquare.net *.googleapis.com bam.nr-data.net bam.eu01.nr-data.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com *.zoovu.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.adobe.io performance.typekit.net *.sentry.io *.hcaptcha.com hcaptcha.com cdn.jsdelivr.net *.cloudflare.com *.twitter.com *.google.co.in *.facebook.com *.googleadservices.com *.google-analytics.com *.gstatic.com *.usercentrics.eu *.fontawesome.com connect.facebook.net *.paypalobjects.com *.googletagmanager.com *.youtube.com *.trustpilot.com *.cookiebot.com *.doubleclick.net *.stripe.com *.clarity.ms *.scandit.com *.zendesk.com tereva.zendesk.com mabeo.zendesk.com tereva.zendesk.com\/frontendevents mabeo.zendesk.com\/frontendevents *.zdassets.com *.bing.com *.sparkow.net *.contentsquare.net bam.nr-data.net bam.eu01.nr-data.net *.googleapis.com *.linkedin.com px.ads.linkedin.com\/wa\/ *.zoovu.com *.cloudfront.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/checkoutshopper-live.adyen.com https:\/\/checkoutshopper-test.cdn.adyen.com https:\/\/homologation-payment.cdn.payline.com https:\/\/payment.cdn.payline.com https:\/\/static.addtoany.com https:\/\/uberall.com https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.youtube.com; script-src-attr 'self'; style-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/checkoutshopper-live.adyen.com https:\/\/checkoutshopper-test.cdn.adyen.com https:\/\/homologation-payment.cdn.payline.com https:\/\/payment.cdn.payline.com https:\/\/unpkg.com; style-src-attr 'self'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" script-src 'unsafe-eval' 'unsafe-inline' data: 'self' blob: www.google-analytics.com www.googletagmanager.com ajax.googleapis.com www.google.com js.klevu.com www.gstatic.com *.cloudmaestro.com www.googleadservices.com googleads.g.doubleclick.net r2-t.trackedlink.net static.hotjar.com wchat.freshchat.com staticw2.yotpo.com browser-update.org script.hotjar.com dev.visualwebsiteoptimizer.com js-agent.newrelic.com bam-cell.nr-data.net *.freshchat.com maps.googleapis.com assets.adobedtm.com www.googleoptimize.com h.online-metrix.net *.cardinalcommerce.com html5.dcatalog.com unpkg.com commerce.adobedtm.com cdnjs.cloudflare.com web-sdk.aptrinsic.com commerce.adobe.net fonts.googleapis.com magento-recs-sdk.adobe.net static.trackedweb.net tags.srv.stackadapt.com snap.licdn.com tags.srv.stackadapt.com bat.bing.com e.performancehealth.com f.vimeocdn.com tags.srv.stackadapt.com bam.nr-data.net services-connector-ui.magento-ds.com r2.dotdigital-pages.com *.punchout2go.com *.tradecentric.com *.pinterest.com *.facebook.net *.facebook.com *.licdn.com *.userway.org cdn.optimizely.com optimizely.com performancehealth.freshchat.com cnstrc.com *.cookie-script.com; style-src 'self' 'unsafe-inline' wchat.freshchat.com fonts.googleapis.com js.klevu.com tags.srv.stackadapt.com staticw2.yotpo.com; report-uri \/.webscale\/csp-report","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.gstatic.com data: fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com 'self' data: *.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors *.magerocket.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com cdn.dnky.co amc.demdex.net www.google.com www.facebook.com youtube.com *.oca.com.ar *.magerocket.com https:\/\/mobbex.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/plumrocket.com https:\/\/accounts.google.com assets.braintreegateway.com *.mobbex.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net maps.gstatic.com maps.googleapis.com accounts.google.com *.google.com www.facebook.com *.oca.com.ar *.magerocket.com *.mobbex.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com analytics.google.com googleads.g.doubleclick.net www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ *.google.com *.typekit.net google.com *.cdn-apple.com *.magento-datasolutions.com www.google-analytics.com cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com connect.facebook.net player.vimeo.com *.oca.com.ar *.magerocket.com *.mobbex.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/accounts.google.com https:\/\/www.google.com *.gstatic.com https:\/\/maps.googleapis.com songbirdstag.cardinalcommerce.com pay.google.com *.paypal.com c.paypal.com js.braintreegateway.com assets.braintreegateway.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com http2.mlstatic.com secure.mlstatic.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com cdn.dnky.co *.googletagmanager.com *.cookielaw.org *.fontawesome.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com https:\/\/accounts.google.com *.googleapis.com *.gstatic.com use.typekit.net *.typekit.net fonts.gstatic.com *.magerocket.com *.mobbex.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com maps.googleapis.com api.comapi.com bam.nr-data.net *.oca.com.ar *.magerocket.com *.cookielaw.org *.mobbex.com *.gocuotas.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/accounts.google.com assets.adobedtm.com js.magento-datasolutions.com *.adobe.com api.braintreegateway.com api.sandbox.braintreegateway.com *.commerce-payment-services.com analytics.google.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' *.audioeye.com akstat.io *.akstat.io cookielaw.org cdn.cookielaw.org *.google-analytics.com *.quantummetric.com quantummetric.com *.typekit.net www.googletagmanager.com tapestry.com *.tapestry.com tapestry.support *.licdn.com *.jwplatform.com *.jwpcdn.com cdn.jwplayer.com prd.jwpltx.com *.jwpsrv.com jsdelivr.net *.jsdelivr.net *.newrelic.com *-tapestry-news.pantheonsite.io cdnjs.cloudflare.com fonts.googleapis.com secure.gravatar.com px.ads.linkedin.com cdn.linkedin.oribi.io p.adsymptotic.com tapestry.gcs-web.com opensupplyhub.org *.akamaihd.net go-mpulse.net *.go-mpulse.net geolocation.onetrust.com stats.g.doubleclick.net fonts.gstatic.com data: blob:;","count":2},{"content-security-policy-report-only":" font-src *.gstatic.com mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.transbank.cl *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.newrelic.com *.herokuapp.com *.doubleclick.net\/ *.googleapis.com mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl *.weltpixel.com *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.google.com.ar *.instagram.com *.cdninstagram.com *.gstatic.com *.facebook.com *.newrelic.com *.clarity.ms *.bing.com *.googleapis.com mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl https:\/\/www.magezon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com https:\/\/*.woowup.com *.herokuapp.com *.instagram.com *.facebook.net *.newrelic.com *.nr-data.net *.clarity.ms mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl *.google.com\/ onesignal.com *.onesignal.com *.avada.io player.vimeo.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.herokuapp.com *.newrelic.com mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl *.fontawesome.com unsafe-inline assets.braintreegateway.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com *.google.com.ar *.doubleclick.com *.doubleclick.net *.newrelic.com *.nr-data.net *.clarity.ms mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl https:\/\/get.geojs.io *.avada.io https:\/\/*.woowup.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com *.facebook.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src mcstaging.iochile.cl mcstaging.magriffe.cl mcstaging.ashchile.cl www.iochile.cl www.magriffe.cl www.ashchile.cl 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" script-src-elem payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com data: 'self'; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com 'self' data: *.doubleclick.net *.facebook.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com static.runconverge.com *.facebook.net *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.google.com *.pinimg.com ssl.gstatic.com www.gstatic.com *.cloudflare.com *.trustedshops.com *.googleapis.com *.klaviyo.com maxcdn.bootstrapcdn.com cdn1.stamped.io stamped.io *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.runconverge.com *.facebook.net *.facebook.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.google.com *.pinimg.com ssl.gstatic.com www.gstatic.com services.paytrail.com paytrail.com *.paytrail.com epmt.nordea.fi *.nordea.com verkkopankki.danskebank.fi online.s-pankki.fi verkkomaksu.poppankki.fi verkkomaksu.omasp.fi auth.aktia.fi verkkomaksu.handelsbanken.fi verkkomaksu.saastopankki.fi online.alandsbanken.fi maksu.pivo.fi qa-maksu.pivo.fi v1-hub-staging.sph-test-solinor.com v1.api.paymenthighway.io *.paymenthighway.io *.mobilepay.fi *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.doubleclick.net *.facebook.com *.runconverge.com *.facebook.net *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.pinimg.com ssl.gstatic.com www.gstatic.com *.freshchat.com *.twitter.com *.pinterest.com *.trustpilot.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src 'self' data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/images.unsplash.com *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com static.runconverge.com *.pinimg.com ssl.gstatic.com www.gstatic.com cdn2.hubspot.net resources.paytrail.com *.cloudfront.net\/ *.criteo.net *.stamped.io *.freshchat.com\/ *.cloudflare.com *.ytimg.com *.bing.com\/ *.clarity.ms\/ *.google.al\/ *.google.am\/ *.google.at\/ *.google.az\/ *.google.ba\/ *.google.be\/ *.google.bg\/ *.google.by\/ *.google.ch\/ *.google.cz\/ *.google.de\/ *.google.dk\/ *.google.ee\/ *.google.es\/ *.google.fi\/ *.google.fr\/ *.google.ge\/ *.google.gr\/ *.google.hr\/ *.google.hu\/ *.google.ie\/ *.google.is\/ *.google.it\/ *.google.kz\/ *.google.li\/ *.google.lt\/ *.google.lu\/ *.google.lv\/ *.google.md\/ *.google.me\/ *.google.mk\/ *.google.mt\/ *.google.nl\/ *.google.no\/ *.google.pl\/ *.google.pt\/ *.google.ro\/ *.google.rs\/ *.google.ru\/ *.google.se\/ *.google.si\/ *.google.sk\/ *.google.sm\/ *.google.tr\/ *.google.ua\/ *.google.uk\/ *.google.com.ua\/ *.google.com.tr\/ *.google.com.gr\/ *.google.com.pt\/ *.google.com.pl\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com https:\/\/img.youtube.com *.unifaun.com\/ openstreetmap.org *.openstreetmap.org cdn1.stamped.io stamped.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/maps.googleapis.com polyfill.io *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com *.runconverge.com *.analytics.google.com *.pinimg.com ssl.gstatic.com www.gstatic.com services.paytrail.com *.kk-resources.com\/ *.shopalike.fi\/ *.chatbotize.com\/ qanuk-stage.vercel.app *.tradedoubler.com *.criteo.com *.cookiefirst.com *.omappapi.com *.googleoptimize.com *.klaviyo.com reviewsonmywebsite.com 'self' data: *.fontawesome.com *.videoly.co\/ *.freshchat.com cdnjs.cloudflare.com\/ *.googleapis.com\/ *.noibu.com\/ *.pinimg.com\/ *.bing.com\/ *.tiktok.com\/ *.pinterest.com\/ *.intercom.io\/ *.intercomcdn.com\/ *.clarity.ms\/ polyfill-fastly.io\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ unpkg.com\/ cdn1.stamped.io stamped.io *.trustpilot.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com s7.addthis.com https:\/\/cdn.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.cash.app *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com static.runconverge.com *.facebook.net *.google-analytics.com *.analytics.google.com *.google.com *.pinimg.com ssl.gstatic.com www.gstatic.com *.cookiefirst.com *.omappapi.com reviewsonmywebsite.com *.typekit.net *.freshchat.com\/ *.cloudflare.com\/ *.klaviyo.com\/ https:\/\/static.klaviyo.com maxcdn.bootstrapcdn.com unpkg.com\/ cdn1.stamped.io stamped.io *.trustpilot.com assets.braintreegateway.com https:\/\/cdn.jsdelivr.net *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src cdn1.stamped.io stamped.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.algolia.net *.algolia.com\/ *.algolianet.com *.facebook.com *.facebook.net *.google.com\/ payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com *.runconverge.com *.googletagmanager.com *.pinimg.com ssl.gstatic.com www.gstatic.com *.paytrail.com *.criteo.com *.kelkoogroup.net\/ *.chatbotize.com *.doubleclick.net *.qanuk.app *.cookiefirst.com *.omappapi.com *.googlesyndication.com reviewsonmywebsite.com *.cloudflare.com *.pinterest.com *.tiktok.com\/ *.clarity.ms\/ *.noibu.com\/ wss:\/\/input.noibu.com\/ wss:\/\/nexus-websocket-a.intercom.io\/ *.intercom.io\/ *.bing.com\/ *.algolia.io\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ cdn1.stamped.io stamped.io *.trustpilot.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com ekr.zdassets.com\/ 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.cloudflare.com *.trustedshops.com *.fontawesome.com https:\/\/fonts.bunny.net *.petomar.cz *.zahradnejazierka.sk data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com youtu.be *.vimeo.com *.addthis.com *.google.com\/ *.packeta.com *.apps.ladesk.com petomar.ladesk.com *.mapy.cz https:\/\/plumrocket.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.cloudflare.com https:\/\/cdn.klarna.com https:\/\/s.ytimg.com *.usercentrics.eu blob: magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com *.koongo.com im9.cz www.google.sk *.petomar.cz *.zahradnejazierka.sk *.mapy.cz api.mapy.com *.googleapis.com maps.gstatic.com *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.cloudflare.com *.google-analytics.com *.gstatic.com *.googleadservices.com *.googleapis.com *.trustedshops.com *.usercentrics.eu *.addthis.com *.addthisedge.com *.moatads.com *.disqus.com *.avada.io *.google.com\/ cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/9.3.0\/highlight.min.js *.packeta.com *.ladesk.com *.petomar.cz *.zahradnejazierka.sk js-agent.newrelic.com static.cloudflareinsights.com unpkg.com *.mapy.cz maps.googleapis.com *.googletagmanager.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cloudflare.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com https:\/\/fonts.bunny.net cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/9.3.0\/styles\/darkula.min.css *.googleapis.com *.petomar.cz *.zahradnejazierka.sk unpkg.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/ipinfo.io *.cloudflare.com *.googleapis.com https:\/\/get.geojs.io *.avada.io *.koongo.com *.packeta.com www.google.com www.google.sk *.petomar.cz *.zahradnejazierka.sk *.mapy.cz api.mapy.com maps.googleapis.com places.googleapis.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' https: wss:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' 'unsafe-inline' https:;object-src 'none';base-uri 'self';form-action 'self';frame-ancestors 'none';","count":2},{"content-security-policy-report-only":" default-src 'self' blob: data:; connect-src 'self' https:\/\/*.analytics.google.com https:\/\/graphql.landsbankinn.is https:\/\/www.google-analytics.com cdn.landsbankinn.is https:\/\/log.landsbankinn.is https:\/\/www.google.com https:\/\/landsbankinn.boost.ai\/ https:\/\/googleads.g.doubleclick.net https:\/\/region1.google-analytics.com\/ https:\/\/stats.g.doubleclick.net\/ events.mapbox.com https:\/\/landsbankinn.cdn.prismic.io\/ api.mapbox.com https:\/\/a.landsbankinn.is\/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/connect.facebook.net\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.google-analytics.com\/ https:\/\/landsbankinn.boost.ai https:\/\/www.google.com https:\/\/www.gstatic.com cdn.landsbankinn.is https:\/\/static.cdn.prismic.io blob: data: https:\/\/td.doubleclick.net https:\/\/graphql.landsbankinn.is https:\/\/e.infogram.com\/ https:\/\/prismic.io\/ https:\/\/*.jotform.com https:\/\/a.landsbankinn.is\/; style-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/www.gstatic.com; img-src 'self' blob: data: images.prismic.io https:\/\/prismic-io.s3.amazonaws.com\/ www.gstatic.com www.google-analytics.com\/ api.mapbox.com cdn.landsbankinn.is https:\/\/landsbankinn.is\/ https:\/\/www.googletagmanager.com https:\/\/www.facebook.com\/tr\/ https:\/\/www.facebook.com\/ https:\/\/boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com\/files\/LANDSBANKINN\/ https:\/\/www.google.is\/ https:\/\/www.google.com\/ https:\/\/landsbankinn.cdn.prismic.io\/; font-src 'self' cdn.landsbankinn.is fonts.gstatic.com https:\/\/unpkg.com blob: data:; object-src 'self' https:\/\/graphql.landsbankinn.is; base-uri 'self'; form-action 'self' https:\/\/graphql.landsbankinn.is; frame-ancestors 'self' cdn.landsbankinn.is; frame-src 'self' https:\/\/www.googletagmanager.com\/ https:\/\/landsbankinn.prismic.io\/ cdn.landsbankinn.is https:\/\/td.doubleclick.net\/ https:\/\/landsbankinn.boost.ai https:\/\/www.google.com\/ https:\/\/www.google.is\/ https:\/\/e.infogram.com\/ https:\/\/*.jotform.com; style-src-elem https:\/\/fonts.googleapis.com 'self' https:\/\/unpkg.com 'unsafe-eval' 'unsafe-inline' https:\/\/a.landsbankinn.is\/; media-src 'self' blob: https:\/\/prismic-io.s3.amazonaws.com\/landsbankinn\/ cdn.landsbankinn.is https:\/\/landsbankinn.cdn.prismic.io\/; worker-src 'self' blob:; child-src 'self' blob:; script-src-elem 'self' 'unsafe-inline' https:\/\/connect.facebook.net\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.google-analytics.com\/ https:\/\/landsbankinn.boost.ai https:\/\/www.google.com https:\/\/www.gstatic.com cdn.landsbankinn.is https:\/\/static.cdn.prismic.io https:\/\/td.doubleclick.net https:\/\/graphql.landsbankinn.is https:\/\/e.infogram.com\/ https:\/\/prismic.io\/ https:\/\/*.jotform.com https:\/\/a.landsbankinn.is\/ https:\/\/cdnjs.cloudflare.com\/polyfill\/v3\/polyfill.js https:\/\/*.ci.landsbankinn.is; manifest-src 'self'; report-to name-of-endpoint; report-uri https:\/\/log.landsbankinn.is\/api\/20\/security\/?sentry_key=5619b3ff53a764b525920b31d3e32e4a;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/mobbex.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/accounts.google.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/mobbex.com *.weltpixel.com *.getblue.io *.doubleclick.net *.criteo.com *.groovinads.com www.tfaforms.com https:\/\/mercadopago.com.ar https:\/\/www.mercadopago.com.ar https:\/\/*.tiktok.com https:\/\/pixel.servicesadmedia.com\/ https:\/\/s.pinimg.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mobbex.com https:\/\/res.sugaway.io *.visualwebsiteoptimizer.com https:\/\/*.g.doubleclick.net *.clarity.ms *.bing.com mcstaging.sommiercenter.com *.groovinads.com *.criteo.com https:\/\/facebook.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/www.gstatic.com https:\/\/ssl.gstatic.com https:\/\/ad.doubleclick.net https:\/\/ade.googlesyndication.com https:\/\/www.mercadopago.com.ar https:\/\/m.facebook.com https:\/\/maps.googleapis.com https:\/\/www.afip.gob.ar https:\/\/www.google.com.ar data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page https:\/\/live.decidir.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mobbex.com https:\/\/www.google.com https:\/\/maps.googleapis.com api.wcx.cloud f.wcentrix.com https:\/\/www.googletagmanager.com tagmanager.google.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ *.hotjar.com *.cardinalcommerce.com *.embluemail.com *.navdmp.com *.zdassets.com *.visualwebsiteoptimizer.com *.getblue.io *.zopim.com *.clarity.ms *.groovinads.com *.criteo.net *.criteo.com *.decidir.com https:\/\/*.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https\/\/static.zdassets.com https:\/\/v2.zopim.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/accounts.google.com https:\/\/static.klaviyo.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com tagmanager.google.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ *.embluemail.com https:\/\/fonts.googleapis.com https:\/\/*.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com bedtime.com.ar *.bedtime.com.ar 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/developers.decidir.com\/ https:\/\/accounts.google.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mobbex.com https:\/\/www.google-analytics.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ wss:\/\/widget-mediator.zopim.com *.braindw.com *.clarity.ms *.zdassets.com *.zendesk.com *.embluemail.com *.visualwebsiteoptimizer.com *.criteo.com *.decidir.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/www.google.com.ar https:\/\/analytics.google.com\/g\/collect https:\/\/www.google.com.ar\/ads https:\/\/ad.doubleclick.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' https:; frame-ancestors 'none'; object-src 'none'; report-to csp-endpoint; report-uri https:\/\/www.marken.com\/api\/csp-report","count":2},{"content-security-policy-report-only":" font-src *.bglobale.com *.global-e.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/cdnjs.cloudflare.com *.maisonkitsune.com *.maisonkitsune.test maisonkitsune.com preprod-m2.maisonkitsune.com maisonkitsune.test vestiaire.maisonkitsune.com preprod-vest.maisonkitsune.com vestiaire.test data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com accounts.google.com www.facebook.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com www.apptrian.com facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bglobale.com *.global-e.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/www.googletagmanager.com\/ ssmkt.maisonkitsune.com\/ *.kleep.ai *.cookieinformation.com https:\/\/open.spotify.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bglobale.com *.global-e.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.maisonkitsune.com *.maisonkitsune.test maisonkitsune.com preprod-m2.maisonkitsune.com maisonkitsune.test vestiaire.maisonkitsune.com preprod-vest.maisonkitsune.com vestiaire.test *.line.me *.bing.com https:\/\/bat.bing.net https:\/\/cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bglobale.com *.global-e.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.avada.io https:\/\/cdnjs.cloudflare.com *.maisonkitsune.com *.maisonkitsune.test maisonkitsune.com preprod-m2.maisonkitsune.com maisonkitsune.test vestiaire.maisonkitsune.com preprod-vest.maisonkitsune.com vestiaire.test *.kleep.ai *.cookieinformation.com *.bing.com *.line-scdn.net *.jsdelivr.net *.zdassets.com https:\/\/cdn.cookielaw.org wss:\/\/widget-mediator.zopim.com https:\/\/ssmkt.maisonkitsune.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.bglobale.com *.global-e.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com https:\/\/cdnjs.cloudflare.com *.maisonkitsune.com *.maisonkitsune.test maisonkitsune.com preprod-m2.maisonkitsune.com maisonkitsune.test vestiaire.maisonkitsune.com preprod-vest.maisonkitsune.com vestiaire.test *.kleep.ai 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.zdassets.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io *.maisonkitsune.com *.maisonkitsune.test maisonkitsune.com preprod-m2.maisonkitsune.com maisonkitsune.test vestiaire.maisonkitsune.com preprod-vest.maisonkitsune.com vestiaire.test *.kleep.ai https:\/\/bat.bing.net *.googlesyndication.com *.cookieinformation.com *.zendesk.com *.zdassets.com wss:\/\/widget-mediator.zopim.com https:\/\/cdn.cookielaw.org *.onetrust.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" frame-ancestors www.gstatic.com https:\/\/devmi1.alb.com.co https:\/\/dev.alb.com.co *.paypal.com *.movilpt.co; font-src fonts.googleapis.com fonts.gstatic.com *.fontawesome.com https:\/\/app.alb.com.co *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com https:\/\/www.facebook.com *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com www.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadolibre.com https:\/\/www.googletagmanager.com https:\/\/api.retargetly.com https:\/\/*.hotjar.com https:\/\/*.doubleclick.net https:\/\/www.facebook.com https:\/\/resources-rt.idx.lat\/ *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com maps.googleapis.com maps.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.mercadolivre.com https:\/\/*.bing.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.com.mx https:\/\/*.clarity.ms https:\/\/www.google.com.co https:\/\/analytics.twitter.com https:\/\/app.alb.com.co https:\/\/dev.placetopay.com https:\/\/t.co https:\/\/checkout-co.placetopay.dev *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com maps.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.gstatic.com fonts.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mlstatic.com *.mercadopago.com https:\/\/widget.manychat.com https:\/\/www.google.com https:\/\/api.retargetly.com https:\/\/*.clarity.ms https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/analytics.tiktok.com https:\/\/d12zyq17vm1xwx.cloudfront.net https:\/\/*.hotjar.com https:\/\/static.ads-twitter.com https:\/\/script.crazyegg.com https:\/\/resources-rt.idx.lat *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline fonts.googleapis.com *.fontawesome.com https:\/\/app.alb.com.co *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; object-src *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; media-src *.adobe.com *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; manifest-src *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolibre.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/notifications-icommkt.com https:\/\/track-icommkt.com https:\/\/analytics.tiktok.com https:\/\/*.clarity.ms https:\/\/analytics.google.com https:\/\/script.crazyegg.com https:\/\/rt.idx.lat *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/*.api.comapi.com https:\/\/wom-co.convertia.com *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.amazonaws.com *.addi.com *.yieldmo.com *.casalemedia.com *.newrelic.com *.newrelic.co *.nr-data.net *.aralego.net *.aralego.com *.mediavine.com *.stickyadstv.com *.adgrx.com *.bluekai.com *.revcontent.com *.pubmatic.com *.outbrain.com *.postrelease.com *.liadm.com *.bidswitch.net *.emxdgt.com *.crcom.gov.co *.omappapi.com *.googlesyndication.com *.getblue.io *.pangle-ads.com *.yahoo.net *.movilpt.co https:\/\/devmi1.alb.com.co *.criteo.com *.clmbtech.com *.decidata.tv *.gfl85trk.com *.pingdom.net *.tremorhub.com *.smaato.net *.sharethrough.com *.360yield.com *.omnitagjs.com *.yahoo.com *.3lift.com *.teads.tv *.taboola.com *.smartadserver.com *.rubiconproject.com *.media.net *.adnxs.com *.paypal.com *.doubleclick.net *.192.168.232.4:7105 *.avantel.co *.openstreetmap.org 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: ws: wss: https:; report-uri https:\/\/l.iplsc.com\/logger\/","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.certcapture.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * *.googleapis.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com www.gstatic.com *.trackedlink.net *.klevu.com *.ksearchnet.com magefan.com cm.magefan.com *.disqus.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.certcapture.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com js.klevu.com *.ksearchnet.com *.disqus.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com *.googleapis.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klevu.com *.ksearchnet.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com maps.googleapis.com *.googleapis.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-src secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googletagmanager.com *.retailrocket.net landofcoder.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com www.apptrian.com www.facebook.com assets.fintoc.com https:\/\/assets.fintoc.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.youtube.com www.googletagmanager.com www.apptrian.com www.facebook.com connect.facebook.net graph.facebook.com *.retailrocket.net landofcoder.com *.googleapis.com *.google.com *.gstatic.com *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.retailrocket.net *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src *.retailrocket.net landofcoder.com 'self' 'unsafe-inline'; media-src www.apptrian.com www.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com connect.facebook.net graph.facebook.com *.retailrocket.net landofcoder.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" frame-ancestors *.vee24.com","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.xtento.com *.awin1.com *.zenaps.com *.fls.doubleclick.net js.mollie.com *.weltpixel.com *.addthis.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.googletagmanager.com js.stripe.com m.stripe.network www.facebook.com www.google.com tally.so 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.xtento.com cdn.xtento.com https:\/\/images.unsplash.com *.awin1.com *.zenaps.com *.wepowerconnections.com *.bird.eu https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/www.mollie.com *.disqus.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com maps.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.gstatic.com *.facebook.com www.burdastyle.fr www.facebook.com bat.bing.com *.burdastyle.fr *.burdastyle.com *.abo-online.fr *.burdastyle.es *.burdastyle.pt *.burdastyle.uk *.burdastyle.nl *.burdastyle.dk *.burdastyle.se *.burdastyle.pl *.faitmain-magazine.fr maps.googleapis.com www.google.fr data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.xtento.com cdn.xtento.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.mollie.com *.disqus.com *.addthis.com https:\/\/z.moatads.com https:\/\/v1.addthisedge.com https:\/\/cdn.jsdelivr.net *.avada.io https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com static.klaviyo.com connect.facebook.net *.googletagmanager.com bat.bing.com js.stripe.com m.stripe.network analytics.tiktok.com static.cloudflareinsights.com static-tracking.klaviyo.com www.google.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/static.klaviyo.com https:\/\/cdn.jsdelivr.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com unsafe-inline assets.braintreegateway.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com maps.googleapis.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.google-analytics.com *.facebook.net *.a.klaviyo.com static-forms.klaviyo.com bat.bing.com m.stripe.com www.google.com www.google.fr region1.analytics.google.co 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.squarecdn.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' 'unsafe-inline' 'unsafe-eval'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com widgets.sandbox.afterpay.com *.cash.app https:\/\/www.facebook.com *.criteo.com\/ *.sandbox.paypal.com *.paypalobjects.com *.sandbox.clearpay.co.uk *.clearpay.co.uk *.afterpay.com *.sandbox.afterpay.com *.payway.com.au *.afterpay-beta.com *.weltpixel.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.afterpay.com\/ *.cash.app *.jbmetro.com.au *.jbmetro-sc-act.com.au *.jbmetroadelaide.com.au *.jbmetro-sa-nt.com.au *.google.co.in *.google.com *.bing.com *.pinterest.com *.criteo.com magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com *.facebook.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com commerce.adobe.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net *.youtube.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com https:\/\/portal.sandbox.afterpay.com https:\/\/portal.afterpay.com https:\/\/static.afterpay.com *.squarecdn.com https:\/\/hbiq.net *.cash.app *.gstatic.com *.facebook.com *.criteo.com *.criteo.net https:\/\/www.google.com\/recaptcha\/api2\/webworker.js *.jbmetro.com.au *.jbmetro-sc-act.com.au *.jbmetroadelaide.com.au *.jbmetro-sa-nt.com.au *.hotjar.com https:\/\/static.hotjar.com *.googleapis.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.vimeo.com https:\/\/www.googletagmanager.com *.smartlook.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.sandbox.clearpay.co.uk *.clearpay.co.uk *.afterpay.com *.sandbox.afterpay.com *.payway.com.au *.afterpay-beta.com *.google.co.in *.www.google.co.in *.disqus.com *.avada.io tagmanager.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com static.afterpay.com\/ *.squarecdn.com *.cash.app *.coolzcloud.com *.amazonaws.com *.fontawesome.com https:\/\/fonts.bunny.net tagmanager.google.com 'self' 'unsafe-inline'; object-src *.jbmetro.com.au *.jbmetro-sc-act.com.au *.jbmetroadelaide.com.au *.jbmetro-sa-nt.com.au *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.sandbox.clearpay.co.uk *.clearpay.co.uk *.afterpay.com *.sandbox.afterpay.com *.payway.com.au *.afterpay-beta.com 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.jbmetro.com.au *.jbmetro-sc-act.com.au *.jbmetroadelaide.com.au *.jbmetro-sa-nt.com.au 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com *.afterpay.com *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com *.cash.app api.lab.amplitude.com *.doubleclick.net https:\/\/www.facebook.com *.googleapis.com *.criteo.com *.pinterest.com *.facebook.net *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.sandbox.paypal.com *.paypalobjects.com *.sandbox.clearpay.co.uk *.clearpay.co.uk *.sandbox.afterpay.com *.payway.com.au *.afterpay-beta.com *.google.co.in *.www.google.co.in https:\/\/get.geojs.io *.avada.io *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.klevu.com *.ksearchnet.com checkout.getbread.com *.paypal.com *.google-analytics.com *.mmapiws.com *.doubleclick.net *.searchspring.io *.turnto.com bat.bing.com datalayer.jumpfly.com *.mouseflow.com *.nr-data.net *.newrelic.com *.google.com *.clarity.ms analytics.google.com tgscript.s3.amazonaws.com *.cloudflare.com *.twitter.com *.google.co.in *.facebook.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.bootstrapcdn.com js.klevu.com data: *.shopperapproved.com use.fontawesome.com maxcdn.bootstrapcdn.com fonts.gstatic.com *.iadvize.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com hpp-sandbox.worldpay.com payments-test.worldpay.com payments.worldpay.com https:\/\/www.shopperapproved.com *.authorize.net *.twitter.com *.facebook.com connect.facebook.net yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com hpp.worldpay.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ hpp-sandbox.worldpay.com payments-test.worldpay.com payments.worldpay.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net *.liveperson.net checkout.getbread.com *.doubleclick.net *.lpsnmedia.net *.google.com *.googletagmanager.com *.facebook.com platform.twitter.com td.doubleclick.net *.twitter.com *.google.co.in www.xtento.com photos.pixlee.co *.weltpixel.com yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com *.paypalobjects.com airtable.com *.lightingwarehouse.com e.sprinklerwarehouse.com hpp.worldpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io widgets.automizely.com widgets.automizely.io https:\/\/www.shopperapproved.com *.trackedlink.net *.klevu.com *.ksearchnet.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com *.ftcdn.net *.behance.net https:\/\/images.unsplash.com *.googleadservices.com blob: https:\/\/meetanshi.com\/media\/logo.png *.cloudflare.com *.gstatic.com *.google.com *.google.co.in *.facebook.com *.klarna.com *.google-analytics.com *.paypal.com * *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.connect.facebook.net stats.g.doubleclick.net d.adroll.com pixel.advertising.com pixel.rubiconproject.com simage2.pubmatic.com dsum-sec.casalemedia.com ads.yahoo.com eb2.3lift.com sync.outbrain.com trc.taboola.com x.bidswitch.net\/sync ib.adnxs.com idsync.rlcdn.com us-u.openx.net ups.analytics.yahoo.com segments.company-target.com sync.tidaltv.com *.trustgaurd.com content.sprinklerwarehouse.com bat.bing.com www.xtento.com cdn.xtento.com wac.edgecastcdn.net yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ ajax.googleapis.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io hpp-sandbox.worldpay.com payments-test.worldpay.com payments.worldpay.com https:\/\/www.shopperapproved.com https:\/\/direct.shopperapproved.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klevu.com *.ksearchnet.com https:\/\/maps.googleapis.com\/maps\/api\/ https:\/\/maps.googleapis.com\/ *.authorize.net *.liveperson.net *.lpsnmedia.net cdn.searchspring.net checkout.getbread.com *.googleadservices.com *.googletagmanager.com *.google-analytics.com *.google.com www.gstatic.com bat.bing.com *.mouseflow.com services.nofraud.com *.doubleclick.net widgets.turnto.com js.klevu.com stats.g.doubleclick.net static.trackedweb.net tgscript.s3.amazonaws.com *.clarity.ms platform.twitter.com connect.facebook.net cdn-ws.turnto.com *.cloudflare.com *.twitter.com *.google.co.in *.facebook.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.paypalobjects.com *.paypal.com chimpstatic.com s.adroll.com d.adroll.com d.adroll.mgr.consensu.org *.bootstrapcdn.com player.vimeo.com content.sprinklerwarehouse.com www.xtento.com cdn.xtento.com *.turnto.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com googletagmanager.com *.lightingwarehouse.com code.jquery.com *.sprinklerwarehouse.com *.vimeo.com *.shopperapproved.com *.breadpayments.com *.gstatic.com accdn.lpsnmedia.net lpcdn.lpsnmedia.net static.elfsight.com halc.iadvize.com cdn.brcdn.com *.iadvize.com elfsightcdn.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.googleapis.com *.twitter.com *.google.com *.google.co.in *.facebook.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.youtube.com cdn.searchspring.net widgets.turnto.com js.klevu.com tgscript.s3.amazonaws.com *.bootstrapcdn.com *.turnto.com tagmanager.google.com yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com maxcdn.bootstrapcdn.com  *.bootstrapcdn.com cdn.dnky.co *.yotpo.complete content.sprinklerwarehouse.com *.lightingwarehouse.com *.nr-data.net *.iadvize.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.lpsnmedia.net data: *.trustguard.com content.sprinklerwarehouse.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.automizely.com api.automizely.io hpp-sandbox.worldpay.com payments-test.worldpay.com payments.worldpay.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klevu.com *.ksearchnet.com https:\/\/maps.googleapis.com *.authorize.net *.lpsnmedia.net data: *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.google.com *.google.co.in *.facebook.com checkout.getbread.com *.mmapiws.com *.doubleclick.net *.searchspring.io *.turnto.com bat.bing.com datalayer.jumpfly.com *.mouseflow.com *.clarity.ms tgscript.s3.amazonaws.com content.sprinklerwarehouse.com *.facebook.net yotpo.com *.yotpo.com swellrewards.com *.swellrewards.com *.lightingwarehouse.com adservice.google.com fonts.googleapis.com core.service.elfsight.com maps.googleapis.com *.fontawesome.com halc.iadvize.com api.iadvize.com cdn.brcdn.com services.nofraud.com learn.sprinklerwarehouse.com p.brsrvr.com *.iadvize.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src checkout.getbread.com *.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net cash-f.squarecdn.com https:\/\/client.crisp.chat https:\/\/plugin-magento-ui.glopalservice.com https:\/\/applepay.cdn-apple.com *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com fonts.gstatic.com\/ maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com applepay.cdn-apple.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * p.monetico-services.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ * *.payplug.com *.dalenys.com https:\/\/applepay.cdn-apple.com ct.pinterest.com api-qa.payplug.com secure-qa.payplug.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io * https:\/\/images.unsplash.com https:\/\/image.crisp.chat https:\/\/cdn-redirector.glopal.com https:\/\/plugin-magento-ui.glopalservice.com https:\/\/secure-magenta.dalenys.com *.google.com *.google.fr *.google.ie *.jardindupicvert.com *.jardindupicvert.com.localhost *.promessedefleurs.com *.promessedefleurs.com.localhost cl.avis-verifies.com ct.pinterest.com bat.bing.com www.google.com.vn https:\/\/firebasestorage.googleapis.com https:\/\/redchamps.com *.openstreetmap.fr *.openstreetmap.org unpkg.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/client.crisp.chat https:\/\/cdn-redirector.glopal.com https:\/\/plugin-magento-ui.glopalservice.com cdn-renderer.glopalstore.com https:\/\/secure-magenta.dalenys.com https:\/\/applepay.cdn-apple.com api-qa.payplug.com cdn-qa.payplug.com cdn.payplug.com *.google.com *.google.fr *.google.ie *.googletagmanager.com *.googleadservices.com cl.avis-verifies.com bat.bing.com s.pinimg.com *.avada.io *.shopify.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.payplug.com https:\/\/cdn-qa.payplug.com https:\/\/unpkg.com\/pwacompat 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app https:\/\/client.crisp.chat https:\/\/cdn-redirector.glopal.com https:\/\/plugin-magento-ui.glopalservice.com https:\/\/secure-magenta.dalenys.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com unpkg.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/client.crisp.chat wss:\/\/client.relay.crisp.chat https:\/\/plugins.crisp.chat https:\/\/api-plugin-facade.glopalservice.com https:\/\/cognito-idp.eu-west-1.amazonaws.com api.glopaltranslator.com *.doubleclick.net *.jardindupicvert.com *.jardindupicvert.com.localhost *.promessedefleurs.com *.promessedefleurs.com.localhost ct.pinterest.com https:\/\/get.geojs.io *.avada.io *.openstreetmap.org *.arcgis.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src cl.avis-verifies.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action *.paypal.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src *.youtube.com *.youtube-nocookie.com player.vimeo.com bid.g.doubleclick.net *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com https:\/\/www.googletagmanager.com *.doubleclick.net *.facebook.com *.cookiebot.com *.multisafepay.com https:\/\/pay.google.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.paypal.com *.typekit.net *.gstatic.com 'self' data: https:\/\/maps.googleapis.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.cookiebot.com *.adnxs.com *.openstreetmap.org *.multisafepay.com data: 'self' 'unsafe-inline'; script-src *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.cookiebot.com static.buckaroo.nl static.hotjar.com *.multisafepay.com https:\/\/pay.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.bootstrapcdn.com *.multisafepay.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.facebook.com *.facebook.net https:\/\/maps.googleapis.com\/maps\/api\/geocode\/json *.googlesyndication.com *.postcode-checkout.nl https:\/\/consent.cookiebot.com static.buckaroo.nl *.hotjar.com https:\/\/maps.googleapis.com *.openstreetmap.org *.multisafepay.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' data: gap: *.klarna.com *.freshchat.com *.vimeo.com *.youtube.com *.whittard.co.uk *.whittard.com mention-me.com *.zenaps.com *.sub2tech.com *.gstatic.com *.facebook.com *.bglobale.com *.global-e.com *.onetrust.com *.windows.net *.whittardofchelsea.freshdesk.com *.tvsquared.com; img-src data: blob: *.demandware.net *.commercecloud.salesforce.com *.ads.linkedin.com *.demdex.net *.amazonaws.com *.ometria.com *.googletagmanager.com *.facebook.net *.facebook.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.gstatic.com *.doubleclick.net *.googleapis.com *.google-analytics.com *.googleadservices.com *.google.com *.whittard.co.uk *.whittard.com *.postcodeanywhere.co.uk *.pcapredict.com *.yotpo.com *.tokywoky.com img.tokywoky.com *.klarnaservices.com *.klarnacdn.net *.mention-me.com *.awin1.com *.dwin1.com bda.bookatable.com i.ytimg.com *.contentsquare.net *.contentsquare.com *.sub2tech.com *.cloudfront.net *.youtube.com *.vimeo.com bat.bing.com *.zenaps.com *.msgfocus.com *.fbsbx.com *.fbcdn.net graph.facebook.com *.zscloud.net *.googleusercontent.com *.klarnaevt.com i.vimeocdn.com *.surveymonkey.com *.kaltura.com *.gocertify.me *.bglobale.com *.global-e.com *.bc0a.com *.b0e8.com *.onetrust.com *.windows.net *.particularaudience.com *.p-a.io *.googleanalytics.com *.google-analytics.com *.googleoptimize.com *.tvsquared.com analytics.whittard.com analytics.whittard.co.uk ade.googlesyndication.com *.abtasty.com *.roeyecdn.com *.roeye.com *.linkedin.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com; child-src 'self' blob: *.abtasty.com *.studentbeans.com *.google.com *.doubleclick.net *.facebook.com *.tokywoky.com *.freshchat.com mention-me.com *.mention-me.com *.klarna.com *.klarnaservices.com bda.bookatable.com *.sub2tech.com *.youtube.com *.vimeo.com *.zenaps.com *.googlesyndication.com *.online-metrix.net *.pagetiger.com *.googletagmanager.com connect.studentbeans.com *.googleapis.com *.surveymonkey.com *.paperform.co paperform.co *.ordergroove.com *.worldpay.com *.cardinalcommerce.com *.gocertify.me *.bglobale.com *.global-e.com whittardofchelsea.freshdesk.com *.pinterest.com *.whittard.co.uk *.whittard.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.postcodeanywhere.co.uk *.pcapredict.com *.bootstrapcdn.com *.myfonts.net cdnjs.cloudflare.com *.yotpo.com *.freshchat.com *.mention-me.com *.sub2tech.com bda.bookatable.com *.klarnacdn.net *.whittard.co.uk *.whittard.com *.ordergroove.com *.particularaudience.com *.p-a.io *.google.com *.amazonaws.com *.abtasty.com *.gstatic.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com; font-src 'self' data: *.gstatic.com *.g.doubleclick.net *.bootstrapcdn.com *.yotpo.com *.bookatable.com *.alicdn.com *.klarnacdn.net *.whittard.co.uk *.whittard.com *.ordergroove.com *.fontawesome.com *.bglobale.com *.global-e.com *.abtasty.com *.googleapis.com use.typekit.net *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com; media-src 'self' data: *.facebook.com *.youtube.com *.vimeo.com *.paypal.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' snap.licdn.com code.jquery.com *.pinimg.com *.cquotient.com *.ometria.com *.tryzens-analytics.com:12443 *.tvsquared.com *.facebook.net cdnjs.cloudflare.com cdn.cquotient.com *.googletagmanager.com www.googletagmanager.com *.g.doubleclick.net *.googleapis.com *.google-analytics.com *.googleadservices.com *.google.com *.gstatic.com *.dwin1.com *.postcodeanywhere.co.uk *.pcapredict.com *.z-analytics.net *.yotpo.com *.tokywoky.com *.msecnd.net *.freshchat.com *.klarnaservices.com *.klarna.com *.klarnaevt.com *.klarnacdn.net *.mention-me.com *.worldpay.com *.cardinalcommerce.com bda.bookatable.com bat.bing.com *.contentsquare.net *.contentsquare.com *.sub2tech.com *.yottaa.com *.cloudfront.net *.freshworksapi.com *.zenaps.com *.paypal.com *.paypalobjects.com *.awin1.com *.dwin1.com *.sessioncam.com *.whittard.co.uk *.whittard.com *.bootstrapcdn.com *.googlesyndication.com www.google.com *.studentbeans.com onlineerp.solution.quebec widget.surveymonkey.com *.paperform.co paperform.co *.ordergroove.com cdnapisec.kaltura.com *.gocertify.me *.bglobale.com *.global-e.com *.b0e8.com *.vimeo.com *.onetrust.com *.windows.net *.particularaudience.com *.p-a.io *.googleanalytics.com *.googleoptimize.com analytics.whittard.com analytics.whittard.co.uk *.amazonaws.com *.abtasty.com *.roeyecdn.com *.roeye.com *.pinterest.com *.zi-scripts.com *.roeye.com *.payments-amazon.com *.tryzens-analytics.com unpkg.com cdn.cookielaw.org *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com; connect-src 'self' *.ads.linkedin.com snap.licdn.com *.rapid.yottaa-network.net pagead2.googlesyndication.com *.google-analytics.com *.googleadservices.com *.g.doubleclick.net *.tryzens-analytics.com:12280 *.ometria.com *.postcodeanywhere.co.uk *.pcapredict.com *.yotpo.com *.tokywoky.com *.klarnauserservices.com *.klarnaservices.com *.klarna.com *.klarnaevt.com *.klarnacdn.net *.mention-me.com mention-me.com bda.bookatable.com *.z-analytics.net *.contentsquare.net *.contentsquare.com *.sub2tech.com *.cloudfront.net *.awin1.com *.dwin1.com *.yottaa.net *.sessioncam.com bat.bing.com *.facebook.com *.google.com *.facebook.net *.googleapis.com widget.surveymonkey.com *.s3.amazonaws.com *.ordergroove.com *.worldpay.com *.cardinalcommerce.com *.gocertify.me *.bglobale.com *.global-e.com *.vimeo.com *.onetrust.com *.windows.net *.particularaudience.com *.p-a.io *.gstatic.com *.abtasty.com analytics.whittard.com analytics.whittard.co.uk ade.googlesyndication.com *.whittard.com *.whittard.co.uk *.amazonaws.com *.pinterest.com *.zi-scripts.com *.zoominfo.com *.tryzens-analytics.com unpkg.com cdn.cookielaw.org *.google.co.uk *.bing.net payments-eu.amazon.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com; manifest-src 'self'; ; report-uri https:\/\/whtd-csp.tryzens-analytics.com;","count":2},{"content-security-policy-report-only":" frame-src 'self' *.house.gov congress.gov www.congress.gov *.congressnewsletter.net www.google.com www.instagram.com www.facebook.com platform.twitter.com video.teleforumonline.com vekeo.com syndication.twitter.com pixel-sync.sitescout.com www.googletagmanager.com www.youtube.com syndicatedsearch.goog m.facebook.com ws.sharethis.com web.facebook.com pixel.sitescout.com www.youtube-nocookie.com video.ibm.com www.ustream.tv creators.spotify.com podcasters.spotify.com anchor.fm www.c-span.org www.census.gov http:\/\/www.youtube.com www.washingtonpost.com maps.google.com house.us1.list-manage.com house.us21.list-manage.com http:\/\/www.youtube-nocookie.com googleads.g.doubleclick.net authenticate.ibotta.com sts1.auth.ecuf.deas.mil safe.menlosecurity.com cdn.flipsnack.com www.canva.com vastcdn.outbrain.com tpc.googlesyndication.com *.safeframe.googlesyndication.com imasdk.googleapis.com denied.schoolsbroadband.net docs.google.com w.soundcloud.com lookerstudio.google.com storify.com rumble.com uw-media.app.com interactive.tegna-media.com disqus.com embed.podcasts.apple.com; report-uri https:\/\/api.web.fireside21.app\/csp-report","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/api-maps.yandex.ru https:\/\/www.google.com https:\/\/www.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:\/\/api-maps.yandex.ru https:\/\/www.gstatic.com; font-src 'self'; connect-src 'self' https:\/\/www.google.com https:\/\/www.gstatic.com; frame-src https:\/\/www.google.com; child-src https:\/\/www.google.com;","count":2},{"content-security-policy-report-only":" font-src sw-assets.ekomiapps.de *.contentbird-convert.com static-v2.unzer.com www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/geowidget.easypack24.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src *.usercentrics.eu td.doubleclick.net *.pinterest.com *.criteo.com www.sovendus-connect.com static.experimentation.dev static-cc.unzer.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.awin1.com *.zenaps.com *.fls.doubleclick.net https:\/\/www.googletagmanager.com\/ https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/static-cc.test.unzer.com https:\/\/h.online-metrix.net https:\/\/google.com\/pay https:\/\/pay.google.com\/ https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/sandbox.clicktopay.auth.visa.com https:\/\/clicktopay.visa.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/secure.checkout.visa.com https:\/\/www.google.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com https:\/\/geowidget-app.inpost.pl\/ 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com *.josera.de *.foodforplanet.de *.trbo.com sw-assets.ekomiapps.de *.usercentrics.eu www.google.de *.analytics.google.com bat.bing.com *.g.doubleclick.net ib.adnxs.com region1.google-analytics.com rtb-csync.smartadserver.com a.twiago.com sync-t1.taboola.com pixel.quantserve.com ad.360yield.com sync.1rx.io *.criteo.com sync.targeting.unrulymedia.com *.wepowerconnections.com lantern.roeye.com static.experimentation.dev *.contilla.de *.contentbird-convert.com static-v2.unzer.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.awin1.com *.zenaps.com https:\/\/ssl.ceneo.pl http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/static.unzer.com *.online-metrix.net https:\/\/www.gstatic.com magefan.com cm.magefan.com *.disqus.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com https:\/\/firebasestorage.googleapis.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org data: 'self' 'unsafe-inline'; script-src 'unsafe-inline' foodf11123.pcapredict.com *.trbo.com *.usercentrics.eu cdn.jsdelivr.net tierspuren.online *.upsellit.com *.cptrack.de lantern.roeyecdn.com *.brandswap.com brandswaptag.azureedge.net api.contester.net sw-assets.ekomiapps.de s.pinimg.com bat.bing.com *.facebook.net *.criteo.com *.criteo.net googleads.g.doubleclick.net www.clarity.ms secure.quantserve.com ad4m.at *.pinterest.com rules.quantcount.com *.sovendus.com static.experimentation.dev *.kameleoon.io *.contilla.de *.contentbird-convert.com static-v2.unzer.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com https:\/\/ssl.ceneo.pl widget.freshworks.com m2epro.freshdesk.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.amplifyapp.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com https:\/\/pay.google.com https:\/\/code.jquery.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/static-v2.unzer.com\/v2\/ui-components\/ https:\/\/www.google.com https:\/\/www.gstatic.com *.disqus.com *.snrbox.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.avada.io *.shopify.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org 'self' 'unsafe-inline' 'unsafe-eval'; style-src sw-assets.ekomiapps.de static.experimentation.dev *.contentbird-convert.com static-v2.unzer.com fonts.googleapis.com widget.freshworks.com m2epro.freshdesk.com https:\/\/sandbox.src.mastercard.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ *.snrcdn.net https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.josera.de tierspuren.online region1.google-analytics.com tagapi.brandswap.com sw-assets.ekomiapps.de *.usercentrics.eu www.google.com *.analytics.google.com *.googlesyndication.com googleads.g.doubleclick.net *.pinterest.com *.criteo.com *.clarity.ms *.sovendus.com *.googletagmanager.com bat.bing.com www.google.de static.experimentation.dev sdk-config.experimentation.dev eu-data.experimentation.dev *.contentbird-convert.com api.unzer.com static-cc.unzer.com *.google-analytics.com www.googleadservices.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com widget.freshworks.com m2epro.freshdesk.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/api.unzer.com https:\/\/api.heidelpay.com https:\/\/sbx-api.heidelpay.com https:\/\/sbx-api.unzer.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/google.com\/pay https:\/\/www.google.com\/pay https:\/\/pay.google.com https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/static-cc.test.unzer.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ *.snrbox.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com api.addressy.com https:\/\/get.geojs.io *.avada.io *.easypack24.net *.inpost.pl *.openstreetmap.org 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.xtento.com consentcdn.cookiebot.com ct.pinterest.com google.co.uk secure.livechatinc.com www.google.com www.google.co.uk yotpo.com account.fetchify.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.trustpilot.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com www.xtento.com cdn.xtento.com angus.finance-calculator.co.uk connectionflooring.s3.amazonaws.com bat.bing.com c.bing.com c.clarity.ms facebook.com google.com google.co.uk images-static.trustpilot.com imgsct.cookiebot.com www.google.co.uk p.yotpo.com magefan.com cm.magefan.com *.disqus.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.xtento.com cdn.xtento.com api.livechatinc.com bat.bing.com cdn.jsdelivr.net cdn.livechatinc.com cdn.roomvo.com clarity.ms connect.facebook.net consent.cookiebot.com consentcdn.cookiebot.com google.co.uk js-agent.newrelic.com s.pinimg.com directwoodflooring.co.uk load.m4.directwoodflooring.co.uk flooringsuperstore.com load.m1.flooringsuperstore.com grass-direct.co.uk load.metrics.grass-direct.co.uk dreamdecking.co.uk load.m3.dreamdecking.co.uk zentiles.co.uk load.m2.zentiles.co.uk static.cloudflareinsights.com static-eu.payments-amazon.com tag.rmp.rakuten.com unpkg.com www.clarity.ms www.google.com www.google.co.uk www.gstatic.com staticw2.yotpo.com cc-cdn.com *.disqus.com https:\/\/cdn.jsdelivr.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.trustpilot.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com angus.finance-calculator.co.uk cc-cdn.com https:\/\/cdn.jsdelivr.net https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com *.trustpilot.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.livechatinc.com bam.eu01.nr-data.net consentcdn.cookiebot.com ct.pinterest.com google.co.uk googleads.g.doubleclick.net *.googlesyndication.com region1.analytics.google.com load.m4.directwoodflooring.co.uk load.m1.flooringsuperstore.com load.metrics.grass-direct.co.uk load.m3.dreamdecking.co.uk load.m2.zentiles.co.uk m4.directwoodflooring.co.uk m1.flooringsuperstore.com metrics.grass-direct.co.uk m3.dreamdecking.co.uk m2.zentiles.co.uk shopify-bridge.leafgrow.io u.clarity.ms www.google.com www.google.co.uk api.yotpo.com www.roomvo.com widget.trustpilot.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.yotpo.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src https: data: wss: blob: 'unsafe-inline' 'unsafe-eval'; report-uri \/csp-violation-report.php","count":2},{"content-security-policy-report-only":" script-src-elem www.googletagmanager.com ajax.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com embed.sendcloud.sc cdn.jsdelivr.net gc.kis.v2.scr.kaspersky-labs.com ff.kis.v2.scr.kaspersky-labs.com infirc.com ritrag.com me.kis.v2.scr.kaspersky-labs.com connect.facebook.net infird.com kproxyservers.site gc.kes.v2.scr.kaspersky-labs.com cdn.toolszen.com ff.kes.v2.scr.kaspersky-labs.com mstat.acestream.net cdnjs.cloudflare.com data1.pletar.com apis.google.com translate.google.com translate.googleapis.com c.chuyueshop.com gc.kis.scr.kaspersky-labs.com me.kes.v2.scr.kaspersky-labs.com dakotaram.com jullyambery.net hublosk.com wistiaextension.com utq.vvipquan.com secured-pixel.com 3001.scriptcdn.net api.wire.threatspike.com extensionscontrol.com cdn.cookie-script.com www.oilonline.store sc-static.net 4ddons.com cdn.sleak.chat static.ads-twitter.com rialto-gms.s3.amazonaws.com vk-online.xyz pro-sw.ru mainf.global-cache.online www.pagespeed-mod.com www.google-analytics.com images.uc.cn g.alicdn.com vtesting.yoganc.fun dmp.im-apps.net static.hotjar.com www.clickcease.com script.hotjar.com assets.adobedtm.com pagead2.googlesyndication.com conversations-widget.sendinblue.com cdn.by.wonderpush.com bokezu.tijapixuno.com static.cloudflareinsights.com www.google.com www.gstatic.com mediashower.com www.youtube.com youwanoss.oss-cn-shanghai.aliyuncs.com cdn.livechatinc.com api.livechatinc.com img.otv.cc veniwa.bakowiseda.com cogupo.piyugahevo.com biwiki.zesewodasi.com browser.360.cn amazingrefresh.com soidngru.colloquiumz.com decision.etc4.com js-c.etc4.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src-elem maxcdn.bootstrapcdn.com fonts.googleapis.com cdn.jsdelivr.net gc.kis.v2.scr.kaspersky-labs.com ff.kis.v2.scr.kaspersky-labs.com www.gstatic.com pwm-image.trendmicro.com me.kis.v2.scr.kaspersky-labs.com www.oilonline.store cdn.honey.io use.fontawesome.com cdn.sleak.chat adblockers.opera-mini.net mediashower.com sleakbot-v2.pages.dev 'self' 'unsafe-inline'; font-src maxcdn.bootstrapcdn.com fonts.gstatic.com fonts.googleapis.com at.alicdn.com cdn.megabonus.com use.typekit.net static.hsappstatic.net themes.googleusercontent.com chrome-extension:\/\/jcmcbmdmfmelmlelagelpfhmohipjjia static3.avast.com use.fontawesome.com aceify.ai cdn.scite.ai cdn.fontshare.com www.slant.co appdown.pstatic.net app.escribelo.ai qncdn.aoscdn.com cdn.faceworks.nl www.oilonline.store assets.alicdn.com cdnjs.cloudflare.com images.simplycodes.com pouch-global-font-assets.s3.eu-central-1.amazonaws.com r2cdn.perplexity.ai www.vinci.com cdn-uicons.flaticon.com migaku-public-data.migaku.com cdn.yiban.io cdn.sleak.chat frontend-cdn.perplexity.ai data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com *.facebook.com www.oilonline.store translate.googleapis.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com www.oilonline.store 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.sendcloud.sc *.jsdelivr.net *.weltpixel.com www.xtento.com *.googletagmanager.com *.doubleclick.net consentcdn.cookiebot.com www.googletagmanager.com pwm-image.trendmicro.com gateway.zscloud.net gateway.zscalerthree.net menrealitycalc.com safe.menlosecurity.com gateway.zscaler.net acestream.tv emet.live emet.news gateway.zscalertwo.net feedback-pa.clients6.google.com c.safen110.com div.show global.acs.prismaaccess.com 172.16.1.240:9123 noop.style portal.farsons.com 10.33.141.1 wm-livechat-2-prod-dot-watermelonmessenger.appspot.com translate.googleapis.com widget.sleak.chat lordfilm-crew.net remove.video block.opendns.com www.youtube.com.x.11d761ca0d21704a6c0b3510df542b18da88.d045213f.id.opendns.com www.oelonline.com saml.saasprotection.com safeframe.googlesyndication.com toolytics.pa.clients6.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io quickchart.io img.youtube.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.amazonaws.com *.gstatic.com *.facebook.com maps.googleapis.com www.xtento.com cdn.xtento.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com https:\/\/www.magezon.com flagpedia.net imgsct.cookiebot.com www.olieonline.nl www.olieonline.co.uk www.oelonline.com translate.google.com log-papago.naver.com pos.baidu.com www.oilonline.store cdn.honey.io mc.yandex.ru translate.googleapis.com dakotaram.com yastatic.net staging.oilonline.store sygpwnluwwetrkmwilea.supabase.co uploads-ssl.webflow.com t.co analytics.twitter.com my.productfruits.com gateway.zscalertwo.net cdn.sleak.chat actimg.heytapimg.com stagingcw.olieonline.co.uk www.bing.com img.alicdn.com sleak-chat.github.io db.sleak.chat s8.postimg.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.sendcloud.sc *.jsdelivr.net ajax.googleapis.com *.google.com *.facebook.net unpkg.com maps.googleapis.com www.xtento.com cdn.xtento.com *.googletagmanager.com *.googleadservices.com *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.gstatic.com consent.cookiebot.com consentcdn.cookiebot.com greasyfork.org update.greasyfork.org cdn.cookie-script.com cdn.sleak.chat static.cloudflareinsights.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com maxcdn.bootstrapcdn.com fonts.gstatic.com fonts.googleapis.com unsafe-inline *.sendcloud.sc *.jsdelivr.net *.tagmanager.google.com *.googletagmanager.com *.gstatic.com www.gstatic.com cdn.sleak.chat 'self' 'unsafe-inline'; object-src object.center 'self' 'unsafe-inline'; media-src *.adobe.com ssl.gstatic.com sygpwnluwwetrkmwilea.supabase.co cdn.sleak.chat 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app www.gstatic.com maps.googleapis.com consentcdn.cookiebot.com translate.googleapis.com translate-pa.googleapis.com overbridgenet.com api.global-data-lab.com api.mkmediaworks.com wss:\/\/ny1.xmrminingproxy.com consent.cookiebot.com www.oilonline.store gjtrack.ucweb.com api.amcreativemedia.com api.fbanalytics.org yandex.ru www.google.com s3.ap-east-1.amazonaws.com o0rmue7xt0.execute-api.il-central-1.amazonaws.com wss:\/\/127.0.0.1:2020 wss:\/\/127.0.0.1:2023 wss:\/\/127.0.0.1:2024 wss:\/\/127.0.0.1:2021 wss:\/\/127.0.0.1:2025 wss:\/\/127.0.0.1:2027 wss:\/\/127.0.0.1:2022 wss:\/\/127.0.0.1:2026 wss:\/\/127.0.0.1:2029 wss:\/\/127.0.0.1:2028 localhost:8036 api.trongrid.io n.wistiaextension.com region1.google-analytics.com ajax.googleapis.com baidustatics.net infragrid.v.network adtonus.com code.jquery.com rktds.net d1lkfzu2puirk6.cloudfront.net consent.cookie-script.com editor.api.clonable.net clientstream.launchdarkly.com fonts.googleapis.com fonts.gstatic.com local.adblock360.com cdn.sleak.chat widget.sleak.chat sygpwnluwwetrkmwilea.supabase.co my.productfruits.com api.video-adblock.com gateway.zscalertwo.net api.privacy-protector-adblocker.com ws:\/\/127.0.0.1:35729 tl.ytlogs.ru service.gstatic-cache.com cdnmmh.global-cache.online aegis.qq.com api.vid-adblocker.com localhost:4443 detector.scamsniffer.io px.wpk.quark.cn vtesting.yoganc.fun www.facebook.com api.freevideoguard.org www.olieonline.co.uk junklip.com ad-ninja.net felo-crawler.com metrics-dra.dt.dbankcloud.cn sleakbot-v2.pages.dev safesearchinc.com api.blocksly.org fr.api4load.net gateway.zscloud.net wallet.binance.com lisslpagestat.panel.kantartns.lt meetlookup.com 1752680588.rsc.cdn77.org apis.google.com decision.etc4.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri www.amazon.de www.exxonmobil.com www.mobil.com www.oelonline.com 7gtronic.pl 'self' 'unsafe-inline'; report-uri https:\/\/www.olieonline.co.uk\/rest\/all\/V1\/cspmanager\/frontend_report;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/static.dhlecommerce.nl https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src https:\/\/flagcdn.com assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com *.avada.io *.shopify.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/api-gw.dhlparcel.nl https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https:; report-uri \/_csp","count":2},{"content-security-policy-report-only":" default-src 'self' ; style-src 'self' 'unsafe-inline' optimize.google.com www.googletagmanager.com fonts.googleapis.com *.typekit.net *.yotpo.com *.myfonts.net *.cloudfront.net; font-src 'self' data: optimize.google.com fonts.gstatic.com *.abtasty.com *.dwin1.com *.typekit.net *.livechatinc.com snap.licdn.com *.tiktok.com static.ads-twitter.com ct.pinterest.com *.yotpo.com *.addthis.com *.moatads.com *.curalate.com *.cloudflare.com *.cloudfront.net; img-src 'self' data: *; base-uri 'self' ;  form-action *; frame-ancestors 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.sandersondesigngroup.com *.googleapis.com translate.google.com www.google-analytics.com www.googleoptimize.com www.googleadservices.com maps.googleapis.com polyfill.io player.vimeo.com connect.facebook.net *.klevu.com *.searchspring.com api.exponea.com s.pinimg.com intljs.rmtag.com assistjs.skimresources.com googleads.g.doubleclick.net bat.bing.com t.contentsquare.net track.sweetanalytics.com *.yotpo.com snap.licdn.com static.ads-twitter.com *.tiktok.com *.abtasty.com *.dwin1.com *.livechatinc.com *.voyado.com *.ksearchnet.com *.hotjar.com *.veinteractive.com *.mouseflow.com *.sleeknote.com *.stripe.com *.zdassets.com *.trustpilot.com *.clarity.ms *.addthis.com *.addthisedge.com *.moatads.com *.clearpay.co.uk *.amplitude.com *.sagepay.com snapppt.com *.snapppt.com; connect-src 'self' www.mage.sandersondesigngroup.com *.sandersondesigngroup.com *.klevu.com *.searchspring.com api.exponea.com ct.pinterest.com *.abtasty.com *.tiktok.com *.yotpo.com maps.googleapis.com vimeo.com *.addthis.com *.moatads.com *.dwin1.com *.54proxy.com *.ksearchnet.com *.hotjar.com *.hotjar.io *.zdassets.com *.clarity.ms *.amplitude.com *.sweetanalytics.com snapppt.com *.snapppt.com api.addressy.com; frame-src 'self' player.vimeo.com *.fls.doubleclick.net ct.pinterest.com vimeo.com secure.livechatinc.com *.addthis.com *.curalate.com *.54proxy.com *.hotjar.com *.stripe.com *.trustpilot.com *.paypal.com; worker-src 'self' ;","count":2},{"content-security-policy-report-only":" font-src *.typekit.net fonts.gstatic.com use.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com *.klarnacdn.net *.klevu.com *.ksearchnet.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.instagram.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klarna.com *.stripe.com klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.trustpilot.com *.weltpixel.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.cdninstagram.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.trackedlink.net *.klarna.com *.klarnaevt.com *.klarnacdn.net *.klevu.com *.ksearchnet.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com beacon-qa.magento-datasolutions.com beacon-stage.magento-ds.com beacon.magento-ds.com beacon-audiences.magento-ds.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com *.instagram.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com js.klevu.com *.ksearchnet.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnaevt.com *.amazon.com *.link.com *.trustpilot.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com beacon-audiences.magento-ds.com fonts.googleapis.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klarnacdn.net *.klevu.com *.ksearchnet.com *.googleapis.com *.stripe.network *.stripecdn.com *.amazon.com *.trustpilot.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net p13n-mr.adobe.io beacon-audiences.magento-ds.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adobedc.net *.demdex.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com *.klevu.com *.ksearchnet.com *.stripe.com klarna.com *.link.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/7dc0cf2f-7ee0-4e32-abdf-e62b11896390.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com *.google.com *.google.ca *.omappapi.com *.hotjar.com *.freshbots.ai *.pusher.com *.freshworksapi.com *.attn.tv *.route.io *.routeapp.io *.klaviyo.com d1cwup7r903a1d.cloudfront.net *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.affirm.com *.affirm.ca c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.hotjar.com *.kaptcha.com *.tdotperformance.ca *.automotivestuff.com *.addthis.com *.nort.ca *.google.ca *.bing.com *.facebook.com *.freshbots.ai *.pusher.com *.freshworksapi.com *.attn.tv *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.bing.com *.freshbots.ai *.googletagmanager.com *.shopperapproved.com *.tdotperformance.ca *.automotivestuff.com *.nort.ca *.google.com *.google.ca *.doubleclick.net *.facebook.net *.facebook.com *.hotjar.com *.riskified.com *.clarity.ms *.cloudfront.net *.omappapi.com *.crazyegg.com *.pusher.com *.freshworksapi.com *.attn.tv *.route.io *.routeapp.io *.convertexperiments.com *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.forter.com *.cloudfront.net *.optnmstr.com *.hotjar.com *.shopperapproved.com *.bing.com *.freshbots.ai *.clarity.ms *.googleapis.com *.tdotperformance.ca *.automotivestuff.com *.addthis.com *.addthisedge.com *.moatads.com *.nort.ca *.google.ca *.omappapi.com *.facebook.net *.facebook.com *.riskified.com *.doubleclick.net *.klaviyo.com *.crazyegg.com *.pusher.com *.freshworksapi.com *.noibu.com *.attn.tv *.omniconvert.com *.route.io *.routeapp.io *.route.com unpkg.com *.convertexperiments.com *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com *.amplitude.com cdn.routeapp.io fonts.googleapis.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.omappapi.com *.freshbots.ai *.tdotperformance.ca *.automotivestuff.com *.nort.ca *.google.com *.google.ca *.shopperapproved.com *.klaviyo.com *.crazyegg.com *.pusher.com *.freshworksapi.com *.attn.tv *.route.io *.routeapp.io *.convertexperiments.com *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.cloudfront.net *.forter.com *.omappapi.com *.hotjar.com *.doubleclick.net *.shopperapproved.com *.freshbots.ai *.googleapis.com *.tdotperformance.ca *.automotivestuff.com *.addthis.com *.nort.ca *.clarity.ms *.youtube.com *.google.ca *.facebook.net *.facebook.com *.bing.com *.riskified.com *.klaviyo.com *.crazyegg.com *.hotjar.io *.pusher.com *.freshworksapi.com wss:\/\/rts-us.freshworksapi.com wss:\/\/ws.hotjar.com *.noibu.com wss:\/\/*.noibu.com *.attn.tv events.attentivemobile.com google.com\/pay *.omniconvert.com *.route.io *.routeapp.io *.route.com *.convertexperiments.com *.trycaddie.com caddie-ai-public.s3.us-east-2.amazonaws.com prod-caddie-public-custom-stylesheets.s3.us-east-2.amazonaws.com *.posthog.com *.amplitude.com api.route.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com *.gstatic.com data: *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com *.bootstrapcdn.com *.commerce-connector.com *.typekit.net *\/csp\/report\/uri\/ *.hotjar.com *.hotjar.io *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com *.wahl.com *.userway.org *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de api.bazaarvoice.com stg.api.bazaarvoice.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com *.wahl.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.stripe.com stripe.com *.link.com *.amazon.com *.wahl.com; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.bluesnap.com *.cardinalcommerce.com *.kaptcha.com *.sentry.io *.google.com *.gstatic.com google.com sandbox.bluesnap.com sandbox1.bluesnap.com sandbox2.bluesnap.com sandpay.bluesnap.com ws.bluesnap.com ws1.bluesnap.com ws2.bluesnap.com pay.bluesnap.com *.klarna.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.adsrvr.org *.hotjar.com *.hotjar.io *\/csp\/report\/uri\/ *.hubspot.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.paypal.com * https:\/\/plumrocket.com *.stripe.com klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.wahl.com www.xtento.com *.yotpo.com 'self' 'unsafe-inline'; style-src *.adobe.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app fonts.googleapis.com display.ugc.bazaarvoice.com sandbox.bluesnap.com sandbox1.bluesnap.com sandbox2.bluesnap.com sandpay.bluesnap.com ws.bluesnap.com ws1.bluesnap.com ws2.bluesnap.com pay.bluesnap.com *.cardinalcommerce.com *.kaptcha.com *.sentry.io *.google.com *.gstatic.com google.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googleapis.com *.powerreviews.com getfirebug.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com *.cloudflare.com *.bootstrapcdn.com *.wahlclipper.com *.jsdelivr.net *.postcodeanywhere.co.uk *.commerce-connector.com *.typekit.net *\/csp\/report\/uri\/ unsafe-inline assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com www.gstatic.com cdn.weglot.com *.wahl.com *.userway.org 'self' 'unsafe-inline'; object-src *.wahl.com 'self' 'unsafe-inline'; media-src *.adobe.com *.wahl.com 'self' 'unsafe-inline'; manifest-src *.wahl.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com sandbox.bluesnap.com sandbox1.bluesnap.com sandbox2.bluesnap.com sandpay.bluesnap.com ws.bluesnap.com ws1.bluesnap.com ws2.bluesnap.com pay.bluesnap.com *.cardinalcommerce.com *.kaptcha.com *.sentry.io *.google.com *.gstatic.com *.amazonaws.com google.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com api.addressy.com https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com stats.g.doubleclick.net ct.pinterest.com *.google-analytics.com *.whatcounts.com siteanalytics.whatcounts.com https:\/\/siteanalytics.whatcounts.com *.amazonaws.com\/ *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.yotpo.com *.cloudflare.com *.powerreviews.com *.wahlclipper.com *.syndigo.com *.postcodeanywhere.co.uk wss:\/\/ws41.hotjar.com *.commerce-connector.com *\/csp\/report\/uri\/ wss:\/\/*.hotjar.com *.hotjar.com *.hotjar.io *.hubspot.com *.hubapi.com *.hs-banner.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.stripe.com klarna.com *.link.com x.clarity.ms cdn.cookielaw.org forms.hscollectedforms.net geolocation.onetrust.com api.userway.org cdn77.api.userway.org cdn.userway.org api.weglot.com cdn.weglot.com https:\/\/cdn-api-weglot.com *.wahl.com *.hsforms.net *.hsforms.com *.clarity.ms *.pcapredict.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; base-uri *.wahl.com 'self' 'unsafe-inline'; script-src https:\/\/pxl.jivox.com https:\/\/secure.adnxs.com https:\/\/apps.bazaarvoice.com\/ cdn.weglot.com 0409890c10.translations.weglot.io assets.adobedtm.com *.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com 'self' 'unsafe-inline' sandbox.bluesnap.com sandbox1.bluesnap.com sandbox2.bluesnap.com sandpay.bluesnap.com ws.bluesnap.com ws1.bluesnap.com ws2.bluesnap.com pay.bluesnap.com *.cardinalcommerce.com *.kaptcha.com *.sentry.io *.google.com static.cloudflareinsights.com cdnjs.cloudflare.com google.com *.klarna.com *.klarnacdn.net *.klarnaservices.com *.avada.io *.shopify.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com connect.facebook.net graph.facebook.com business.facebook.com *.powerreviews.com js-agent.newrelic.com *.googletagmanager.com https:\/\/www.googletagmanager.com\/gtm.js bat.bing.com *.google-analytics.com *.googleoptimize.com https:\/\/www.googleoptimize.com\/optimize.js *.trustedsite.com *.cloudflare.com *.twitter.com *.fontawesome.com *.wahlclipper.com *.googleapis.com *.jsdelivr.net *.bluesnap.com *.webcollage.net *.syndigo.com *.adsrvr.org *.hotjar.com *.hotjar.io *.pcapredict.com *.postcodeanywhere.co.uk *.commerce-connector.com *.amazonaws.com\/ *\/csp\/report\/uri\/ *.redditstatic.com *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.usemessages.com *.hs-analytics.net *.hsadspixel.net *.hsleadflows.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnaevt.com *.amazon.com *.link.com www.clarity.ms cdn.cookielaw.org js.hubspot.com cdn.userway.org svht.tradedoubler.com swrap.tradedoubler.com *.wahl.com *.hsforms.net *.hsforms.com www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src static.hsappstatic.net https:\/\/ad.doubleclick.net https:\/\/*.wahl.com https:\/\/wahl.com https:\/\/wahlusa.com https:\/\/wahlpro.com assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobedtm.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.gstatic.com *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com  *.google.com google.com sandbox.bluesnap.com sandbox1.bluesnap.com sandbox2.bluesnap.com sandpay.bluesnap.com ws.bluesnap.com ws1.bluesnap.com ws2.bluesnap.com pay.bluesnap.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.essentialaccessibility.com *.wahlanimal.com  s.ytimg.com  *.google.com.mx  *.google-analytics.com ct.pinterest.com bat.bing.com *.google.co.in *.cloudflare.com *.wahlclipper.com *.powerreviews.com *.googletagmanager.com *.cloudfront.net *.webcollage.net *.syndigo.cloud *.postcodeanywhere.co.uk *\/csp\/report\/uri\/ *.reddit.com *.hsforms.com *.hubspot.com  *.google.com.in  *.payments-amazon.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com maps.gstatic.com c.clarity.ms cdn.cookielaw.org cdn.userway.org *.wahl.com *.magecomp.com *.google.com.ua www.xtento.com cdn.xtento.com *.yotpo.com data: 'self' 'unsafe-inline'; default-src https:\/\/*.wahl.com https:\/\/wahl.com https:\/\/wahlusa.com https:\/\/wahlpro.com *.wahl.com 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' https:\/\/app.unpkg.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com 'unsafe-inline' https:\/\/analytics.aefe.fr\/; script-src-attr 'self' 'unsafe-hashes' 'sha256-JJxA0PyadZDcrQKKG8EycTletPRRzPtP1xCqZUkVPMk=' 'sha256-3Wg5Uz+NdC6XgYtydbRUBmLBT5xi+wbyW\/hDyNvL\/aE=' 'sha256-sVizWJpUAeNv0gj7EUIkE9sKqZSA+ePK787TljbOTqU=' 'sha256-5pYFebXuxSAyboe764a6psHR6Y\/dUS51mVk\/upelm6U='; script-src-elem 'self' 'sha256-cwottXNRyyGfLWxUBoHf7ye2c+eUdHtcrcPXy+lwHjk=' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-hashes' 'sha256-32t0bJPIyxns\/QqsW8RE3JGUERKnHL5RygHBgJvEanc=' 'sha256-Op9GyXghjYEIBx81elyjP5Li3BOznY1HCi7uz0+k5zg=' 'sha256-JJxA0PyadZDcrQKKG8EycTletPRRzPtP1xCqZUkVPMk=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-3juv2Ft1FaY3xWYNGXExi9oTqA3RQ4gtgCqyf3mxGhU='; style-src-elem 'self' 'sha256-1VTAHS0X+0lgrfu7iW\/2ikIZ\/VIANi00phY6Pqavxdg=' 'sha256-N\/DHgbwZ4+wfILRoriY6MOUIIjcR6I742uFBIgpelmc=' 'sha256-ks2QZ4xE6UawHIre9Unzyrrf62aAZcNZUX9lrzSZ0PU=' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/mapsplatform_google_com","count":2},{"content-security-policy-report-only":" font-src *.force.com https:\/\/content.vistana.com 'self' https:\/\/stats.g.doubleclick.net https:\/\/www.vistana.com siteintercept.qualtrics.com https:\/\/cdn.cookielaw.org https:\/\/privacy-portal-mvwc.my.onetrust.com https:\/\/www.ibm.com https:\/\/mvwvo.my.salesforce-scrt.com https:\/\/tmvcaboundhotels.hts.hopper.com *.marriottvacationclub.com https:\/\/c.az.contentsquare.net https:\/\/mormarriottvacationsp.112.2o7.net https:\/\/placekitten.com https:\/\/sv.marriottvacationclubs.com https:\/\/marriottownershipres.tt.omtrdc.net https:\/\/assets.adobedtm.com https:\/\/*.contentsquare.com https:\/\/videos.marriottvacations.com https:\/\/analytics.google.com https:\/\/fonts.gstatic.com\/ https:\/\/dpm.demdex.net blob: https:\/\/mvwvo.my.salesforce.lightning.force.com https:\/\/*.pingone.com *.siteintercept.qualtrics.com https:\/\/*.pcdn.co https:\/\/mvcomdev1-mvw.cs200.force.com https:\/\/*.analytics.google.com https:\/\/pagead2.googlesyndication.com https:\/\/voa-reservation.vacationclub.com https:\/\/mvwvo.my.salesforce.vf.force.com https:\/\/content.securedvisit.com https:\/\/content-qa-vistana.com https:\/\/cm.everesttech.net https:\/\/*.omtrdc.net https:\/\/siteintercept.qualtrics.com https:\/\/mvwvo--exppod2--c.sandbox.vf.force.com https:\/\/mvwvo.my.salesforce.my.site.com https:\/\/s32171.pcdn.co *.kampyle.com *.doubleclick.net https:\/\/privacy-portal-mvwc-cdn.my.onetrust.com https:\/\/smetrics.marriottvacationclub.com *.clicktale.net https:\/\/geolocation.onetrust.com https:\/\/*.demdex.net https:\/\/players.brightcove.net https:\/\/mordev.112.2o7.net https:\/\/*.adobe.com https:\/\/s20426.pcdn.co https:\/\/www.google.co.in https:\/\/bat.bing.com https:\/\/mvwvo.my.site.com https:\/\/unsplash.it https:\/\/cdn.tt.omtrdc.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/c.la1-c1-ia4.salesforceliveagent.com *.salesforce.com https:\/\/mvwvo--c.vf.force.com data:; report-to sfdc-csp-ep; report-uri https:\/\/mvwvo.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D4x000006sQxi&networkId=0DM4x000000dPWp&type=communities","count":2},{"content-security-policy-report-only":" default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'unsafe-inline' https:; report-uri https:\/\/www.tarifcheck-partnerprogramm.de\/csp-violation-ezmd9dpdxv7nb0ecejb9\/","count":2},{"content-security-policy-report-only":" frame-src 'self' *.app.baqend.com www.youtube.com www.google.com js.playground.klarna.com js.klarna.com https:\/\/checkoutshopper-test.adyen.com https:\/\/pay.google.com https:\/\/wchat.freshchat.com https:\/\/connect.getflowbox.com return.4sellers.de *.webpush.freshchat.com ct.pinterest.com vercel.live *.sovendus.com *.adyen.com gum.criteo.com fledge.eu.criteo.com *.cnstrc.com cnstrc.com graphical-editor.kameleoon.com *.vimeo.com vimeo.com www.googletagmanager.com","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com *.bootstrapcdn.com data: *.3dcloud.io *.fontawesome.com *.taggbox.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com cloudinary.com *.facebook.com *.cybersource.com *.bazaarvoice.com *.salsify.com *.3dcloud.io *.authorize.net *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.affirm.com *.affirm.ca *.certcapture.com cloudinary.com res.cloudinary.com *.pinterest.com *.facebook.com *.doubleclick.net *.cybersource.com *.trkn.us *.paypal.com *.bazaarvoice.com *.google.com *.salsify.com *.hotjar.com *.hon.com *.3dcloud.io *.kmail-lists.com\/ *.braintreegateway.com *.kaptcha.com *.addtoany.com *.paystand.com *.paystand.co *.google.com\/ *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.hon.com *.allsteeloffice.com *.honbasyx.com honbasyx.com cloudinary.com res.cloudinary.com *.addtoany.com *.bing.com *.facebook.com *.pinterest.com *.google.com *.google.co.in *.cybersource.com *.bazaarvoice.com *.salsify.com meetanshi.com *.3dcloud.io *.paypal.com *.flippingbook.com *.taggbox.com https:\/\/www.magezon.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com chimpstatic.com downloads.mailchimp.com *.list-manage.com cloudinary.com *.addtoany.com *.bootstrapcdn.com *.googletagmanager.com *.doubleclick.net *.trkn.us *.pinimg.com *.facebook.net *.bing.com *.pinterest.com *.cybersource.com *.online-metrix.net *.hotjar.com *.hotjar.io *.google.com *.google.co.in *.google.in *.googleadservices.com *.google-analytics.com *.paypalobjects.com *.vimeo.com *.cdn-scripts.com *.braintreegateway.com *.signifyd.com *.bazaarvoice.com *.salsify.com bam.nr-data.net *.crazyegg.com mczbf.com *.mczbf.com *.3dcloud.io *.chimpstatic.com *.paypal.com *.paystand.com *.paystand.co *.flippingbook.com *.cloudfront.net *.taggbox.com *.tagbox.com widget.freshworks.com m2epro.freshdesk.com *.google.com\/ *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.clarity.ms *.klaviyo.com unpkg.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com downloads.mailchimp.com cloudinary.com *.addtoany.com *.googleapis.com *.bootstrapcdn.com *.cybersource.com *.bazaarvoice.com *.salsify.com *.3dcloud.io *.fontawesome.com *.datatables.net *.typekit.net *.paystand.com *.paystand.co *.taggbox.com widget.freshworks.com m2epro.freshdesk.com unsafe-inline assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.hon.com *.allsteeloffice.com *.honbasyx.com honbasyx.com cloudinary.com res.cloudinary.com *.cybersource.com *.bazaarvoice.com *.salsify.com data: *.3dcloud.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.affirm.com *.affirm.ca *.certcapture.com *.addtoany.com *.facebook.com *.cybersource.com *.pinterest.com *.salsify.com *.google-analytics.com bam.nr-data.net *.hotjar.com *.hotjar.io *.crazyegg.com *.doubleclick.net mczbf.com *.mczbf.com sjwoe.com *.sjwoe.com *.3dcloud.io *.braintree-api.com *.flippingbook.com *.taggbox.com widget.freshworks.com m2epro.freshdesk.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.run.app *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com https:\/\/staticfiles.solutiontree.com https:\/\/contentstatic.solutiontree.com *.cloudflare.com *.twitter.com *.olark.com *.trustedshops.com *.googleapis.com https:\/\/fast.fonts.net *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.authorize.net secure.authorize.net test.authorize.net *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.yotpo.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.authorize.net https:\/\/fast.wistia.net https:\/\/www.googletagmanager.com secure.authorize.net test.authorize.net 1eaf.cardinalcommerce.om *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.weltpixel.com *.yotpo.com https:\/\/mkt.solution-tree.com https:\/\/mkt.solutiontree.com https:\/\/mkt.marzanoresources.com *.olark.com *.facebook.com https:\/\/bid.g.doubleclick.net https:\/\/docs.google.com https:\/\/drive.google.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.klevu.com *.ksearchnet.com *.facebook.com https:\/\/staticfiles.solutiontree.com https:\/\/contentstatic.solutiontree.com https:\/\/cloudfront-s3.solutiontree.com https:\/\/marzano-s3.solutiontree.com https:\/\/mediafiles.solutiontree.com https:\/\/solutiontree.s3.amazonaws.com https:\/\/px.ads.linkedin.com https:\/\/t.co https:\/\/www.google.com  https:\/\/www.google.co.in https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.usercentrics.eu https:\/\/www.facebook.com https:\/\/d.adroll.com https:\/\/log.olark.com https:\/\/dc.ads.linkedin.com https:\/\/googleads.g.doubleclick.net https:\/\/dsum-sec.casalemedia.com https:\/\/pixel.rubiconproject.com https:\/\/pixel.advertising.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/ads.yahoo.com https:\/\/sync.taboola.com https:\/\/eb2.3lift.com https:\/\/p.adsymptotic.com https:\/\/ups.analytics.yahoo.com https:\/\/soltreemrls3.s3-us-west-2.amazonaws.com *.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.yotpo.com *.olark.com https:\/\/soltreemrls3.s3.us-west-2.amazonaws.com blob: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.klevu.com *.ksearchnet.com *.googletagmanager.com *.facebook.net www.termsfeed.com *.authorize.net https:\/\/cdn.raygun.io https:\/\/staticfiles.solutiontree.com https:\/\/contentstatic.solutiontree.com https:\/\/connect.facebook.net https:\/\/s.adroll.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/script.crazyegg.com https:\/\/analytics.twitter.com https:\/\/d.adroll.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/static.olark.com https:\/\/pi.pardot.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net secure.authorize.net test.authorize.net *.google.co.in *.facebook.com *.olark.com\/ *.pardot.com\/ *.cloudflare.com *.twitter.com *.linkedin.com *.twimg.com *.gstatic.com *.paypalobjects.com *.paypal.com *.bootstrapcdn.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/app.usercentrics.eu js.braintreegateway.com *.cardinalcommerce.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.yotpo.com https:\/\/mkt.solution-tree.com https:\/\/mkt.solutiontree.com https:\/\/mkt.marzanoresources.com https:\/\/static.cloudflareinsights.com https:\/\/docs.google.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.klevu.com *.ksearchnet.com https:\/\/staticfiles.solutiontree.com https:\/\/contentstatic.solutiontree.com https:\/\/s.adroll.com *.olark.com https:\/\/fast.fonts.net\/ *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.olark.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.klevu.com *.ksearchnet.com *.authorize.net https:\/\/api.raygun.io https:\/\/staticfiles.solutiontree.com https:\/\/contentstatic.solutiontree.com https:\/\/stats.g.doubleclick.net https:\/\/script.crazyegg.com https:\/\/www.facebook.com https:\/\/s.adroll.com https:\/\/d.adroll.com https:\/\/tracking.crazyegg.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.usercentrics.eu *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com api.braintreegateway.com client-analytics.sandbox.braintreegateway.com client-analytics.braintreegateway.com *.yotpo.com *.olark.com *.crazyegg.com www.google.com 'self' 'unsafe-inline'; child-src https:\/\/docs.google.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" connect-src hn.inspectlet.com www.paypal.com bam.nr-data.net *.doubleclick.net *.google-analytics.com bat.bing.com *.clarity.ms imgs.signifyd.com *.analytics.google.com gigaparts.needle.com *.gigaparts.com pagead2.googlesyndication.com *.braintree-api.com *.braintreegateway.com sockjs-us2.pusher.com gigaparts.com *.klaviyo.com push.needle.com maps.googleapis.com get.geojs.io wss:\/\/ws-us2.pusher.com api.paypal.com dzcse0jfd3c6i.cloudfront.net p2iqhncxyh.execute-api.eu-central-1.amazonaws.com rkkck31tec.execute-api.eu-central-1.amazonaws.com connect.breadpayments.com *.breadgateway.net *.google.com www.googleadservices.com google.com bat.bing.net o1431786.ingest.sentry.io *.sentry.io; font-src *.cloudmaestro.com fonts.gstatic.com 'self' fonts.googleapis.com dzcse0jfd3c6i.cloudfront.net resources.webscale.com data: static.klaviyo.com maxcdn.bootstrapcdn.com connect.gigaparts.com; frame-ancestors 'self' *.paypal.com; img-src 'self' *.rackcdn.com *.cloudfront.net *.adobedtm.com *.authorize.net *.googleadservices.com *.gigaparts.com *.nextopia.net guarantee-cdn.com *.google.com *.espssl.com *.facebook.com *.cloudmaestro.com *.gstatic.com *.google-analytics.com imgs.signifyd.com *.online-metrix.net bat.bing.com *.paypal.com 'unsafe-inline' data: nxtuploads.s3.amazonaws.com www.googletagmanager.com needler-images.s3.amazonaws.com *.clarity.ms *.icomamerica.com *.bing.com www.icomamerica.com *.inspectlet.com www.paypalobjects.com *.doubleclick.net gen.sendtric.com maps.googleapis.com gigaparts.com *.breadpayments.com bat.bing.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cloudmaestro.com gigaparts.needle.com bat.bing.com www.google-analytics.com www.googleadservices.com www.googletagmanager.com cdn-scripts.signifyd.com imgs.signifyd.com www.paypal.com connect.facebook.net googleads.g.doubleclick.net *.adobedtm.com *.authorize.net *.facebook.net www.paypalobjects.com ac.nextopiasoftware.com data: maps.googleapis.com www.youtube.com *.clarity.ms *.twitter.com *.google.com *.instagram.com *.nextopia.net *.klaviyo.com js.braintreegateway.com www.gstatic.com *.googlesyndication.com *.paypal.com *.gigaparts.com gigaparts.com static.klaviyo.com connect.breadpayments.com browser.sentry-cdn.com d5yoctgpv4cpx.cloudfront.net gigaparts-v2.ecomm-nav.com *.sentry-cdn.com dzcse0jfd3c6i.cloudfront.net ingest.blackfire.io admin.pipeline.blackfire.io; style-src *.cloudmaestro.com 'unsafe-inline' cdn.nextopia.net 'self' fonts.googleapis.com *.klaviyo.com cdn.tickettailor.com maxcdn.bootstrapcdn.com dzcse0jfd3c6i.cloudfront.net; worker-src blob: *.gigaparts.com gigaparts.com; report-uri \/.webscale\/csp-report","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com fonts.gstatic.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/www.merchante-solutions.com https:\/\/hostedpayments.merchante.com https:\/\/merchantacsstag.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech https:\/\/merchantacsstag.cardinalcommerce.com *.weltpixel.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com js-agent.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ widget.freshworks.com m2epro.freshdesk.com https:\/\/developer.adobe.com https:\/\/magento.com https:\/\/js.sandbox.fortis.tech https:\/\/js.fortis.tech https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech https:\/\/api.merchante-solutions.com https:\/\/cert.merchante-solutions.com https:\/\/testapi.merchante-solutions.com bam.nr-data.net https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com fonts.googleapis.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com bam.nr-data.net *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com widget.freshworks.com m2epro.freshdesk.com https:\/\/developer.adobe.com https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech https:\/\/api.merchante-solutions.com https:\/\/cert.merchante-solutions.com https:\/\/testapi.merchante-solutions.com https:\/\/writer.cardinalcommerce.com rs.fullstory.com edge.fullstory.com stats.g.doubleclick.net https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" worker-src blob: *.osano.com; font-src 'self' data: *.gstatic.com; style-src 'self' data: fonts.googleapis.com *.leadoo.com 'unsafe-inline' *.osano.com; default-src 'self' 'unsafe-eval' data: media.hachettelearning.com; frame-src passport.hoddereducation.co.uk *.trustpayments.com *.securetrading.net *.secure.checkout.visa.com secure.checkout.visa.com *.cardinalcommerce.com pay.google.com thm.visa.com *.datadoghq-browser-agent.com *.browser-intake-datadoghq.eu *.trustpilot.com *.youtube.com *.vimeo.com *.osano.com td.doubleclick.net verify.monzo.com; connect-src *.algolia.net *.algolianet.com 'self' *.algolia.io *.sentry.io *.browser-intake-datadoghq.eu *.sentry.io google.com\/pay *.cardinalcommerce.com *.fontawesome.com vimeo.com *.osano.com *.ads.linkedin.com analytics.tiktok.com *.analytics.google.com *.google-analytics.com *.googlesyndication.com *.hotjar.io www.google.com googleads.g.doubleclick.net ws.hotjar.com adservice.google.com analytics.google.com stats.g.doubleclick.net; frame-ancestors admin.hachettelearning.com 'self' admin.hachettelearning.com; script-src cdn.eu.trustpayments.com 'self' *.securetrading.net *.secure.checkout.visa.com secure.checkout.visa.com *.cardinalcommerce.com *.datadoghq-browser-agent.com *.browser-intake-datadoghq.eu pay.google.com *.fontawesome.com *.trustpilot.com *.youtube.com *.vimeo.com *.cloudflare.com *.osano.com www.googletagmanager.com 'unsafe-inline' snap.licdn.com static.hotjar.com connect.facebook.net static.ads-twitter.com analytics.tiktok.com *.analytics.google.com script.hotjar.com googleads.g.doubleclick.net; img-src secure.checkout.visa.com *.secure.checkout.visa.com *.vims.visa.com 'self' data: resourcehub-resource-api.hodder.education analytics.twitter.com *.ads.linkedin.com www.facebook.com\/tr www.facebook.com www.googletagmanager.com www.google.com t.co www.google.co.uk googleads.g.doubleclick.net media.hachettelearning.com; form-action 'self' *.cardinalcommerce.com *.securetrading.net verify.monzo.com; base-uri 'self'; report-uri https:\/\/www.hachettelearning.com\/csp-report","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-eval' fonts.googleapis translate.google.com translate.googleapis.com translate-pa.googleapis.com *.gstatic.com siteimproveanalytics.com *.siteimprove.com svc.webspellchecker.net js-agent.newrelic.com bam.nr-data.net assets.pinterest.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/rebilly.github.io https:\/\/unpkg.com maps.googleapis.com platform.instagram.com platform.twitter.com; script-src-attr 'self'; script-src-elem 'self' fonts.googleapis translate.google.com translate.googleapis.com translate-pa.googleapis.com *.gstatic.com siteimproveanalytics.com *.siteimprove.com svc.webspellchecker.net js-agent.newrelic.com bam.nr-data.net assets.pinterest.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/rebilly.github.io https:\/\/unpkg.com maps.googleapis.com platform.instagram.com platform.twitter.com; style-src 'self' fonts.googleapis translate.google.com translate.googleapis.com translate-pa.googleapis.com *.gstatic.com siteimproveanalytics.com *.siteimprove.com svc.webspellchecker.net js-agent.newrelic.com bam.nr-data.net cdn.jsdelivr.net fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.trinitywallstreet.org https:\/\/google.com; connect-src 'self' https:\/\/translate.googleapis.com https:\/\/bam.nr-data.net https:\/\/*.kaltura.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net www.googletagmanager.com www.google.com; font-src * data:; img-src * data:; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/www.googletagmanager.com addevent.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/js.hs-scripts.com https:\/\/static.addtoany.com https:\/\/unpkg.com https:\/\/www.eventbrite.com https:\/\/www.google.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.newrelic.com https:\/\/*.kaltura.com https:\/\/*.addevent.com\/ https:\/\/www.googletagmanager.com addevent.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/js.hs-scripts.com https:\/\/static.addtoany.com https:\/\/unpkg.com https:\/\/www.eventbrite.com https:\/\/www.google.com; style-src 'self' 'unsafe-inline' https:\/\/www.gstatic.com cloud.typography.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/www.gstatic.com https:\/\/live-tcws-new.pantheonsite.io https:\/\/*.googleapis.com\/ cloud.typography.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; worker-src 'self' blob:; frame-ancestors 'self'; report-uri https:\/\/trinitychurchnyc.org\/report-uri\/reportOnly","count":2},{"content-security-policy-report-only":" base-uri 'self'; default-src 'self' https:; connect-src 'self' data: blob: h https:\/\/ga.jspm.io *.sentry.io https:\/\/consentcdn.cookiebot.com https:\/\/consent.cookiebot.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com *.google.com https:\/\/*.gstatic.com https:\/\/static.raspberrypi.org; font-src 'self' https: data: https:\/\/fonts.gstatic.com https:\/\/*.hotjar.com; frame-src 'self' https:\/\/challenges.cloudflare.com https:\/\/consentcdn.cookiebot.com *.google.com e.issuu.com prezi.com storify.com youtube.com www.youtube.com youtube-nocookie.com www.youtube-nocookie.com; img-src 'self' https: data: https:\/\/*.raspberrypi.org https:\/\/*.hotjar.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com *.googleusercontent.com; media-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' blob: https:\/\/static.raspberrypi.org\/js\/global-nav-web-component\/ https:\/\/challenges.cloudflare.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com https:\/\/*.ggpht.com *.googleusercontent.com https:\/\/*.googletagmanager.com https:\/\/*.hotjar.com https:\/\/browser.sentry-cdn.com https:\/\/js.sentry-cdn.com; style-src 'self' https: 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.hotjar.com https:\/\/static.raspberrypi.org\/styles\/design-system\/ https:\/\/*.cookiebot.com; worker-src blob:; report-uri https:\/\/o17504.ingest.us.sentry.io\/api\/4507769026707457\/security\/?sentry_key=53fc037dc5040a1a9fe07334577adc13&sentry_environment=production","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/static.dhlecommerce.nl https:\/\/fonts.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com fonts.googleapis.com *.googleapis.com data: https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com www.google.com *.addthis.com *.twitter.com js.mollie.com *.multisafepay.com https:\/\/pay.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.trustpilot.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com maps.googleapis.com maps.gstatic.com *.googleapis.com cdn.deventrade.com *.addthisedge.com *.twitter.com https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com *.multisafepay.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/static.dhlecommerce.nl *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ integrations.etrusted.com gateway.tweakwisenavigator.net popup.projects.webpages.one invitejs.trustpilot.com widget.trustpilot.com *.addthis.com *.moatads.com *.addthisedge.com *.twitter.com *.avada.io *.shopify.com js.mollie.com *.multisafepay.com https:\/\/pay.google.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net *.multisafepay.com assets.braintreegateway.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/api-gw.dhlparcel.nl https:\/\/static.dhlecommerce.nl *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com widget.trustpilot.com https:\/\/get.geojs.io *.avada.io *.multisafepay.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tawk.to cdnjs.cloudflare.com cdn.jsdelivr.net voidlabs.containers.piwik.pro dl.frontapp.com hcaptcha.com; connect-src 'self' wss:\/\/*.tawk.to *.tawk.to newassets.hcaptcha.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com embed.tawk.to; frame-src 'self' demo.voxmail.it www.youtube-nocookie.com newassets.hcaptcha.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com embed.tawk.to; media-src 'self' embed.tawk.to; report-uri https:\/\/catbzhkx.uriports.com\/reports\/report","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.podium.com *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com bytedance: sslocal: *.certcapture.com *.chatra.io wisepops.net *.paypalobjects.com *.jotform.com *.googletagmanager.com *.doubleclick.net cdn.wisepops.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com *.certcapture.com *.podium.com whitelineperformance.com cdn.shopify.com imageapi.partsdb.com.au *.clarity.ms *.bing.com *.googleapis.com *.amazonaws.com *.google.com.au *.google.com.vn *.linkedin.com cdn.wisepops.com *.cloudinary.com *.google.co.uk *.disqus.com https:\/\/firebasestorage.googleapis.com *.facebook.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com *.certcapture.com *.chatra.io *.podium.com *.cloudflare.com *.cloudflareinsights.com wisepops.net *.google-analytics.com *.googletagmanager.com *.googleadservices.com analytics.ahrefs.com *.zip.co *.googleapis.com *.clarity.ms *.google.com.au *.google.com.vn g10696554090.co *.jotform.com *.gstatic.com *.licdn.com *.noibu.com cdn.wisepops.com *.adobedtm.com *.spotify.com pixel.byspotify.com *.launchdarkly.com *.disqus.com *.avada.io *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.podium.com *.cloudflare.com *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.network *.stripecdn.com *.amazon.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com *.google.com *.podium.com *.google.com.au *.google.com.vn 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com *.certcapture.com *.analyticspodium.com mind-flayer.podium.com wisepops.net *.wisepops.com *.cloudfront.net *.cloudflare.com *.zipmoney.com.au *.googleapis.com *.clarity.ms *.gstatic.com *.google.com.au *.podium.com *.linkedin.com *.google.com.vn doubleclick.net stats.g.doubleclick.net *.tiktokw.us analytics.ahrefs.com *.spotify.com pixel.byspotify.com *.launchdarkly.com https:\/\/get.geojs.io *.avada.io *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.google-analytics.com *.facebook.net 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.typekit.net *.gstatic.com fonts.gstatic.com use.typekit.net maxcdn.bootstrapcdn.com 'self' data: *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com www.facebook.com platform.twitter.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.wesupply.xyz https:\/\/wesupplylabs.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com p.typekit.net validator.swagger.io ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.googleapis.com *.hsforms.net *.hsforms.com 'self' data: *.cdninstagram.com *.fbcdn.net *.google.co.in *.sansha.com *.magento2.sansha.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.commerce-payment-services.com *.typekit.net google.com *.google.com assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.chimpstatic.com downloads.mailchimp.com *.list-manage.com widget.freshworks.com m2epro.freshdesk.com connect.facebook.net twitter.com platform.twitter.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleadservices.com *.google-analytics.com *.doubleclick.net *.googletagmanager.com *.cardinalcommerce.com *.ccdc02.com *.paypalobjects.com *.ytimg.com *.googleapis.com *.vimeo.eu *.vimeo.com *.gstatic.com *.omtrdc.net *.mailchimp.com *.braintreegateway.com *.packeta.com *.app-wallee.com *.cdek.ru *.chronopost.fr *.authorize.net *.stripe.com *.hsforms.net *.hsforms.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.cloudflare.com *.instagram.com maps.googleapis.com klarna.com ajax.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com embed.tawk.to *.tawk.to *.jsdelivr.net www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com widget.freshworks.com m2epro.freshdesk.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.googleapis.com *.gstatic.com tagmanager.google.com embed.tawk.to *.tawk.to *.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.adobe.io performance.typekit.net *.sentry.io widget.freshworks.com m2epro.freshdesk.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com https:\/\/www.google-analytics.com *.instagram.com *.googleusercontent.com embed.tawk.to *.tawk.to *.jsdelivr.net vsa104.tawk.to vsa94.tawk.to vsa79.tawk.to 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src api.adyenpaylink.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.klik.de\/api\/csp-reports; report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.cloudflare.com *.bootstrapcdn.com *.googleapis.com data: *.formstack.com hscoilusa.com *.hscoilusa.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com *.geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com *.modinjapan.com cdn-btsg.com *.cdn-btsg.com *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.affirm.com *.affirm.ca *.certcapture.com *.formstack.com *.paypalobjects.com paypalobjects.com *.payfabric.com *.kaptcha.com kaptcha.com *.geniustoolsusa.com *.modinjapan.com affirm.com hscoilusa.com *.hscoilusa.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com cdn-btsg.com *.cdn-btsg.com trustpilot.com *.trustpilot.com signifyd.com *.signifyd.com facebook.com *.facebook.com https:\/\/www.googletagmanager.com\/ https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.affirm.com *.affirm.ca *.certcapture.com *.cloudflare.com *.google.com *.elfsightcdn.com *.facebook.com facebook.com *.geniustoolsusa.com gstatic.com *.googleapis.com googleapis.com paypal.com affirm.com hscoilusa.com *.hscoilusa.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com *.modinjapan.com cdn-btsg.com *.cdn-btsg.com userway.org *.userway.org cloudfront.org *.cloudfront.org https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com maps.gstatic.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src adobedtm.org *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.affirm.com *.affirm.ca *.certcapture.com *.cloudflare.com *.twitter.com *.fontawesome.com unpkg.com *.trustpilot.com *.elfsight.com *.gstatic.com gstatic.com *.googleapis.com googleapis.com *.facebook.net facebook.net *.payfabric.com *.jsdelivr.net *.formstack.com ipinfo.io affirm.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com *.geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com *.modinjapan.com hscoilusa.com *.hscoilusa.com cdn-btsg.com *.cdn-btsg.com userway.org *.userway.org *.adobedtm.org cloudflareinsights.com *.cloudflareinsights.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.disqus.com maps.googleapis.com https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.cloudflare.com *.fontawesome.com *.bootstrapcdn.com unpkg.com *.googleapis.com data: *.jsdelivr.net *.formstack.com hscoilusa.com *.hscoilusa.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com *.geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com *.modinjapan.com cdn-btsg.com *.cdn-btsg.com userway.org *.userway.org widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.affirm.com *.affirm.ca *.certcapture.com *.cloudflare.com *.elfsight.com *.doubleclick.net *.payfabric.com googleapis.com *.googleapis.com affirm.com hscoilusa.com *.hscoilusa.com stackpathcdn.com *.stackpathcdn.com geniustoolsusa.com *.geniustoolsusa.com duratiredirect.com *.duratiredirect.com otrprodirect.com *.otrprodirect.com modinjapan.com *.modinjapan.com cdn-btsg.com *.cdn-btsg.com userway.org *.userway.org widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ maps.googleapis.com places.googleapis.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; img-src 'self' data:; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/stackpath.bootstrapcdn.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/stackpath.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/apis.google.com https:\/\/static.site24x7rum.com https:\/\/cdn.jsdelivr.net https:\/\/maxcdn.bootstrapcdn.com https:\/\/stackpath.bootstrapcdn.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/col.site24x7rum.com; require-trusted-types-for 'script';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com https:\/\/*.customily.com https:\/\/*.amazonaws.com https:\/\/*.mapbox.com 'self' data: *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.demdex.net *.hubspot.com *.hsforms.com *.hsforms.net wave-utility-stage.azurewebsites.net wave-utility.azurewebsites.net https:\/\/wavedealerapp.azurewebsites.net https:\/\/wavedealerapp-stage.azurewebsites.net https:\/\/wavedealerapp-live.azurewebsites.net 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/*.customily.com https:\/\/*.amazonaws.com https:\/\/*.mapbox.com 'self' data: *.uber.com *.ubereats.com maps.gstatic.com *.newrelic.com *.nr-data.net *.google.com *.linkedin.com *.salsify.com *.hubspot.com *.hsforms.com i.vimeocdn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page https:\/\/*.customily.com https:\/\/*.amazonaws.com https:\/\/*.mapbox.com maps.googleapis.com unpkg.com *.unpkg.com *.googletagmanager.com *.google-analytics.com *.doubleclick.net *.salsify.com *.hubspot.com *.hsforms.com *.hsforms.net *.hs-scripts.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.hsadspixel.net *.hubspotfeedback.com *.licdn.com *.usemessages.com api.ipify.org *.elfsight.com f.vimeocdn.com www.gstatic.com *.hotjar.com *.jsdelivr.net *.cloudflare.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/*.mapbox.com *.fontawesome.com maxcdn.bootstrapcdn.com f.vimeocdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.newrelic.com *.nr-data.net *.google.com *.salsify.com *.hubspot.com *.hsforms.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/*.customily.com https:\/\/*.amazonaws.com https:\/\/*.mapbox.com 'self' data: maps.googleapis.com unpkg.com *.unpkg.com *.googletagmanager.com *.doubleclick.net *.googleapis.com *.salsify.com *.linkedin.com *.hubspot.com *.hsforms.com *.hubapi.com *.hscollectedforms.net *.elfsight.com *.cloudflare.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src fresnel-events.vimeocdn.com player-telemetry.vimeo.com commerce.adobedc.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" script-src-elem *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.adalyser.com *.payments-amazon.com *.cdn-apple.com *.billiger.de billiger.de *.bing.com *.bing.net js.braintreegateway.com *.braintreegateway.com *.cardinalcommerce.com *.cloudfront.net *.digitalbridgehq.com *.doubleclick.net *.equalweb.com www.facebook.com connect.facebook.net *.avocet.io avocet.io *.gstatic.com *.google.com *.google.co.uk www.googleadservices.com www.google-analytics.com *.googleapis.com *.googlecommerce.com *.googlesyndication.com www.googletagmanager.com s.kk-resources.com *.klarna.com *.klarnacdn.net *.klaviyo.com *.klevu.com secure.cimg.leguide.com *.clarity.ms js-agent.newrelic.com bam.nr-data.net *.onetrust.com www.paypalobjects.com *.paypal.com services.postcodeanywhere.co.uk trues11114.pcapredict.com s.pinimg.com ct.pinterest.com *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com host *.solutenetwork.com *.trustpilot.com unpkg.com 'unsafe-inline' app.vwo.com *.visualwebsiteoptimizer.com *.jsdelivr.net *.fabric-analytics.com *.growthbook.io *.gb-ingest.com *.appzi.io *.webgains.io *.webgains.com; font-src *.klarnacdn.net *.klevu.com *.ksearchnet.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk w.appzi.io *.equalweb.com *.googleusercontent.com *.typekit.net fonts.gstatic.com *.sirv.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/hpp.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/secure-test.worldpay.com\/shopper\/3ds\/ddc.html https:\/\/secure.worldpay.com\/shopper\/3ds\/ddc.html https:\/\/payments-test.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments-live.hpp.apps.eu-west-1-7z55k.dev.msp.worldpay.io\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate 'self' 'unsafe-inline'; frame-ancestors https:\/\/pay.google.com\/ 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.klarna.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.equalweb.com *.google.com *.google.co.uk *.googlecommerce.com *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com *.visualwebsiteoptimizer.com app.vwo.com https:\/\/payments-test.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments-live.hpp.apps.eu-west-1-7z55k.dev.msp.worldpay.io\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/pay.google.com https:\/\/secure-test.worldpay.com https:\/\/hpp.worldpay.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com osm.klarnaservices.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.adalyser.com *.s3.eu-west-1.amazonaws.com *.bing.com *.bing.net *.cloudfront.net *.doubleclick.net *.equalweb.com www.facebook.com connect.facebook.net *.google.com *.google.co.uk www.google.es www.google.it www.google.fr www.google.de www.google.nl www.google.be www.google.at www.google.ie *.googlesyndication.com *.googleusercontent.com *.gstatic.com *.clarity.ms *.onetrust.com www.paypalobjects.com *.paypal.com services.postcodeanywhere.co.uk s.pinimg.com ct.pinterest.com *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com *.sirv.com *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io *.jsdelivr.net *.fabric-analytics.com *.growthbook.io *.gb-ingest.com *.appzi.io *.cloudflare.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.klarna.com *.klarnacdn.net *.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.adalyser.com *.cdn-apple.com *.billiger.de billiger.de *.bing.com *.bing.net *.braintreegateway.com *.cardinalcommerce.com *.cloudfront.net *.digitalbridgehq.com *.doubleclick.net *.equalweb.com www.facebook.com connect.facebook.net *.avocet.io avocet.io *.google.com *.google.co.uk *.googleapis.com *.googlecommerce.com *.googlesyndication.com *.gstatic.com s.kk-resources.com *.klaviyo.com *.klevu.com secure.cimg.leguide.com *.clarity.ms js-agent.newrelic.com bam.nr-data.net *.onetrust.com www.paypalobjects.com *.paypal.com services.postcodeanywhere.co.uk trues11114.pcapredict.com s.pinimg.com ct.pinterest.com *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com *.solutenetwork.com *.trustpilot.com unpkg.com app.vwo.com *.visualwebsiteoptimizer.com *.jsdelivr.net *.fabric-analytics.com *.growthbook.io *.gb-ingest.com *.appzi.io *.webgains.io *.webgains.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/api.js *.cloudflare.com https:\/\/pay.google.com\/gp\/p\/js\/pay.js https:\/\/applepay.cdn-apple.com\/jsapi\/v1\/apple-pay-sdk.js https:\/\/payments.worldpay.com\/resources\/cse\/js\/worldpay-cse-1.0.2.min.js https:\/\/payments.worldpay.com\/resources\/hpp\/integrations\/embedded\/js\/hpp-embedded-integration-library.js https:\/\/d35p4vvdul393k.cloudfront.net\/sdk_library\/us\/stg\/ops\/pc_gsmpi_web_sdk.js https:\/\/d16i99j5zwwv51.cloudfront.net\/sdk_library\/us\/prd\/ops\/pc_gsmpi_web_sdk.js *.sirv.com https:\/\/js.klevu.com https:\/\/service.force.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.klarnacdn.net https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com unsafe-inline assets.braintreegateway.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.equalweb.com fonts.googleapis.com www.googletagmanager.com *.gstatic.com *.klaviyo.com services.postcodeanywhere.co.uk *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com *.typekit.net *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io *.jsdelivr.net *.fabric-analytics.com *.growthbook.io *.gb-ingest.com *.appzi.io *.cloudflare.com https:\/\/fonts.googleapis.com\/css *.sirv.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk *.bing.com *.bing.net *.equalweb.com *.gstatic.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.bestheating.com *.bestheating.ie *.bigbathroomshop.co.uk *.bigbathroomshop.ie *.hudsonreed.com *.magedev.co.uk *.magedev2.co.uk *.magedev3.co.uk *.magedev4.co.uk *.magedev5.co.uk *.magedev6.co.uk *.magedev7.co.uk *.magestage.co.uk *.mageweb.co.uk *.localdev.com *.ldgdev.co.uk payments-eu.amazon.com *.s3.eu-west-1.amazonaws.com *.bing.com *.bing.net payments.braintree-api.com *.datadome.co *.digitalbridgehq.com eu.prd.impact.fixtuur.com *.fixtuur.io *.doubleclick.net *.equalweb.com *.facebook.com *.google.com *.google.co.uk www.google.es www.google.it www.google.fr www.google.de www.google.nl www.google.be www.google.at www.google.ie *.googleapis.com *.googlesyndication.com *.clarity.ms js-agent.newrelic.com bam.nr-data.net *.onetrust.com www.paypalobjects.com *.paypal.com s.pinimg.com ct.pinterest.com www.pinterest.com services.postcodeanywhere.co.uk region1.google-analytics.com *.salesforce.com *.force.com *.salesforceliveagent.com ldg.my.site.com ldg.my.salesforce-scrt.com *.samsung.com *.typekit.net *.webgains.io *.visualwebsiteoptimizer.com app.vwo.com *.jsdelivr.net *.fabric-analytics.com *.growthbook.io *.gb-ingest.com *.appzi.io https:\/\/www.google.com\/pay https:\/\/pay.google.com\/gp\/p\/web_manifest.json https:\/\/pay.google.com\/gp\/p\/payment_method_manifest.json https:\/\/pay.google.com\/ https:\/\/google.com\/pay *.worldpay.com https:\/\/hpp.worldpay.com\/app\/hpp\/135-0\/telemetry https:\/\/hpp.worldpay.com\/app\/hpp\/135-0\/payment\/paypalsmartbutton\/continue https:\/\/payments.worldpay.com\/app\/hpp\/135-0\/telemetry\/iframe *.sirv.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.onetrust.com 'self' 'unsafe-inline'; report-uri https:\/\/f4ea971e-20d9-420f-b92f-973abc905556.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.cookiebot.com static.klaviyo.com *.newrelic.com *.queue-it.net *.yotpo.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.cookiebot.com *.adsrvr.org *.smct.io *.newrelic.com *.doubleclick.net *.cloudfront.net *.queue-it.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.trustpilot.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.cookiebot.com *.bing.com *.newrelic.com *.clarity.ms cdn.noibu.com *.cloudfront.net x.klarnacdn.net *.queue-it.net www.google.co.uk alb.reddit.com www.facebook.com *.yotpo.com ads-twitter.com *.ads-twitter.com *.twitter.com t.co https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.cookiebot.com *.hotjar.com *.bing.com *.webgains.io *.clarity.ms *.tiktok.com *.adsrvr.org *.stackadapt.com *.smct.co smct.co *.smct.io *.noibu.com *.upsellit.com *.scriptcdn.net *.redditstatic.com *.queue-it.net rum.hlx.page *.abtasty.com *.yotpo.com ads-twitter.com *.ads-twitter.com *.twitter.com *.googleusercontent.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com maps.googleapis.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.trustpilot.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.cookiebot.com *.newrelic.com static.klaviyo.com static-tracking.klaviyo.com *.noibu.com *.queue-it.net *.yotpo.com *.fontawesome.com https:\/\/static.klaviyo.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com https:\/\/instagram.fdel27-5.fna.fbcdn.net https:\/\/instagram.fdel27-4.fna.fbcdn.net https:\/\/instagram.fdel27-3.fna.fbcdn.net https:\/\/instagram.fdel27-2.fna.fbcdn.net https:\/\/instagram.fdel27-1.fna.fbcdn.net https:\/\/scontent-lcy1-1.cdninstagram.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net *.cookiebot.com *.clarity.ms *.tiktok.com *.googlesyndication.com *.amazonaws.com cdn.noibu.com wss:\/\/*.noibu.com input.noibu.com *.tiktokw.us *.reddit.com *.redditstatic.com *.bing.com *.queue-it.net widget.trustpilot.com *.smct.io rum.hlx.page *.datadome.co adsmeasurement.com www.facebook.com *.abtasty.com *.yotpo.com ads-twitter.com *.ads-twitter.com *.twitter.com *.googleusercontent.com *.ideal-postcodes.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com places.googleapis.com www.googleapis.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/d3js.org https:\/\/www.gstatic.com https:\/\/cse.google.com https:\/\/www.googleadservices.com cdn.jsdelivr.net https:\/\/cdn.ckeditor.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.lbtu.lv; script-src-elem 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/d3js.org https:\/\/www.gstatic.com https:\/\/cse.google.com https:\/\/www.googleadservices.com cdn.jsdelivr.net https:\/\/cdn.ckeditor.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.lbtu.lv; style-src 'self' 'report-sample' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/unpkg.com; style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/unpkg.com; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paymentexpress.com *.windcave.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.xtento.com *.paymentexpress.com *.windcave.com *.yotpo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.xtento.com cdn.xtento.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.files-text.com *.livechatinc.com *.livechat-files.com *.livechat-static.com https:\/\/firebasestorage.googleapis.com flagpedia.net *.yotpo.com data: 'self' 'unsafe-inline'; script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.xtento.com cdn.xtento.com https:\/\/rum.hlx.page chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/browser.sentry-cdn.com *.livechatinc.com *.livechat-static.com *.avada.io *.shopify.com *.gstatic.com maps.googleapis.com *.yotpo.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src downloads.mailchimp.com *.livechatinc.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src *.livechatinc.com 'self' 'unsafe-inline'; media-src *.livechatinc.com *.livechat-static.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/*.ingest.sentry.io *.livechatinc.com *.text.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com *.yotpo.com 'self' 'unsafe-inline'; child-src *.livechatinc.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self';                    script-src 'report-sample' 'self' 'unsafe-inline' https:\/\/acsbapp.com\/ https:\/\/browser.sentry-cdn.com\/ https:\/\/cdn.cookielaw.org\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/cdn.tailwindcss.com\/ https:\/\/code.jquery.com\/ https:\/\/fast.wistia.com\/ https:\/\/js.monitor.azure.com\/ https:\/\/kit.fontawesome.com\/ https:\/\/www.google.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com\/;                    style-src 'report-sample' 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/fonts.googleapis.com;                    img-src *;                    font-src * data:;                    frame-src 'self' https:\/\/privacyportal.onetrust.com https:\/\/www.google.com;                    frame-ancestors 'self' *.globalmedicalresponse.corpweb *.globalmedicalresponse.com;                    connect-src 'self' https:\/\/*.litix.io https:\/\/cdn.acsbapp.com https:\/\/cdn.cookielaw.org https:\/\/centralus-2.in.applicationinsights.azure.com https:\/\/dc.services.visualstudio.com https:\/\/distillery.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/geolocation.onetrust.com https:\/\/ka-p.fontawesome.com https:\/\/pipedream.wistia.com https:\/\/privacyportal.onetrust.com https:\/\/www.google-analytics.com;                    object-src 'none';                    base-uri 'self';                    manifest-src 'self';                    media-src 'self' blob:;                   worker-src 'none';                    report-uri https:\/\/68654b2b841f0014a4c0d0f7.endpoint.csper.io?v=1;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.googlesyndication.com *.tiktok.com *.twitter.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.multisafepay.com https:\/\/pay.google.com *.twitter.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com flagpedia.net *.multisafepay.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net app.youshouldask.ai interface.mailcampaigns.nl data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com maps.googleapis.com *.multisafepay.com https:\/\/pay.google.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com ka-p.fontawesome.com app.youshouldask.ai static.cloudflareinsights.com interface.mailcampaigns.nl static.usizy.es app.aiden.cx 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.fontawesome.com maxcdn.bootstrapcdn.com *.multisafepay.com *.cloudflare.com *.twitter.com *.twimg.com *.typekit.net *.trustedshops.com *.usercentrics.eu app.youshouldask.ai 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com www.gstatic.com maps.googleapis.com *.multisafepay.com *.cloudflare.com *.twitter.com *.twimg.com ka-p.fontawesome.com app.youshouldask.ai usizy.com app.aiden.cx 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' data: 'unsafe-inline' data: 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri http:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'self' *.zdassets.com *.zopim.com *.zendesk.com wss:\/\/*.zendesk.com wss:\/\/*.zopim.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' d1qmrxg9gbf226.cloudfront.net api-accent.bloomreach.co *.qantasloyalty.com api.smooch.io applepay.cdn-apple.com *.googleadservices.com assets.braintreegateway.com\/web *.bazaarvoice.com *.doubleclick.net storage.googleapis.com\/workbox-cdn www.google.com\/pagead *.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ cfjump.platypusshoes.com.au cfjump.platypusshoes.co.nz *.fullstory.com www.googletagmanager.com analytics.tiktok.com cdn.unidays.world *.truefitcorp.com www.paypalobjects.com\/api\/checkout.min.js *.klaviyo.com t.cfjump.com *.zdassets.com connect.facebook.net maps.googleapis.com js-agent.newrelic.com js.datadome.co ct.captcha-delivery.com *.adobedtm.com *.afterpay.com *.demdex.net *.forter.com dlthst9q2beh8.cloudfront.net d2nww8zpyj5pk0.cloudfront.net *.google-analytics.com *.paypal.com afterpay.com foursixty.com *.useinsider.com *.roymorgan.com s.pinimg.com lantern.roeyecdn.com ct.pinterest.com js-sandbox.squarecdn.com js.squarecdn.com ; style-src 'self' 'unsafe-inline' display.ugc.bazaarvoice.com maxcdn.bootstrapcdn.com\/font-awesome *.typekit.net fonts.googleapis.com assets.braintreegateway.com *.adobetm.com foursixty.com assets.api.useinsider.com *.adobemc.com ; img-src data: 'self' api-accent.bloomreach.co *.zendesk.com dpm.demdex.net www.googleadservices.com\/ccm www.magentocommerce.com\/products\/media *.platypusshoes.co.nz *.platypusshoes.com.au googleads.g.doubleclick.net ad.doubleclick.net www.google.com\/ccm www.paypalobjects.com www.google.com www.google.com.au www.google.co.nz www.google.com.vn maps.gstatic.com\/mapfiles scontent.cdninstagram.com *.afterpay.com *.accentgra.com www.googletagmanager.com www.facebook.com *.bazaarvoice.com t.paypal.com duuytoqss3gu4.cloudfront.net df45ay5pw60dy.cloudfront.net d3nocrch4qti4v.cloudfront.net *.google-analytics.com *.pinterest.com *.twilio.com *.tiktok.com *.useinsider.com maps.googleapis.com\/maps developers.google.com *.zopim.io *.zdassets.com amcglobal.sc.omtrdc.net adservice.google.com lantern.roeye.com accentgroupxpdev.112.2o7.net\/b\/ss\/accentgroup-xpdev i.vimeocdn.com\/video ; object-src 'none' ; base-uri 'self' ; child-src 'self' blob: ; connect-src 'self' api-accent.bloomreach.co *.qantasloyalty.com analytics.google.com\/g\/collect iq.afterpay.com\/us\/v1 iq.afterpay-beta.com\/us\/v1 *.my.sentry.io wss:\/\/api.smooch.io *.accentgra.com www.facebook.com\/tr google.com www.google.com collect-ap2.attraqt.io smetrics.platypusshoes.co.nz *.fullstory.com *.klaviyo.com smetrics.platypusshoes.com.au api-js.datadome.co *.adobedc.net *.afterpay.com *.bazaarvoice.com *.braintree-api.com *.braintreegateway.com *.demdex.net *.forter.com *.foursixty.com google.com\/ccm www.google.com\/ccm *.google-analytics.com *.googleapis.com www.google.com.au\/ads\/ga-audiences *.nr-data.net *.paypal.com *.truefitcorp.com *.zdassets.com *.zendesk.com *.zopim.com accentgroupxpdev.112.2o7.net afterpay.com analytics.tiktok.com facebook.com *.roymorgan.com foursixty.com kleber.datatoolscloud.net.au sentry.io vimeo.com wss:\/\/*.twilio.com wss:\/\/widget-mediator.zopim.com d2o5idwacg3gyw.cloudfront.net dz8rit8v72mig.cloudfront.net d2lxqodqbpy7c2.cloudfront.net d6rak4b14t5gp.cloudfront.net d3k4bt74u9esq1.cloudfront.net wss:\/\/cdn0.forter.com api.myunidays.com ct.pinterest.com stats.g.doubleclick.net *.useinsider.com ; font-src data: 'self' maxcdn.bootstrapcdn.com\/font-awesome fonts.gstatic.com *.truefitcorp.com *.useinsider.com static.klaviyo.com use.typekit.net shopping.qantas.com ; frame-src 'self' api-accent.bloomreach.co *.qlstg.qantas.com www.googletagmanager.com geo.captcha-delivery.com *.formstack.com *.afterpay.com *.bazaarvoice.com *.demdex.net *.doubleclick.net *.facebook.com *.myunidays.com *.omniparcelreturns.com *.paypal.com *.paypalobjects.com *.truefitcorp.com *.useinsider.com *.vimeo.com *.youtu.be *.youtube.com afterpay.com assets.braintreegateway.com facebook.com foursixty.com google.com www.google.com vimeo.com ct.pinterest.com ; worker-src 'self' blob: *.accentgra.com *.platypusshoes.co.nz *.platypusshoes.com.au;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net *.lndo.site *.weprovide.shop script.hotjar.com unpkg.com *.triggerbee.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io landofcoder.com maps.googleapis.com chart.googleapis.com https:\/\/www.googletagmanager.com\/ *.trustpilot.com *.lndo.site *.weprovide.shop dtm.cando.eu vars.hotjar.com ct.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com https:\/\/banners.helloretailcdn.com 'self' data: www.google.nl *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com https:\/\/portal.payconiq.com https:\/\/static.buckaroo.nl https:\/\/www.paypalobjects.com cdn.flbx.io *.cloudfront.net 'self' blob: data http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com *.lndo.site *.weprovide.shop maps.google.com maps.googleapis.com mailing.deli-home.nl *.clarity.ms *.omappapi.com ct.pinterest.com cdn.cookielaw.org *.cando.eu skantrae.com *.weekampdeuren.nl dev.visualwebsiteoptimizer.com *.triggerbee.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com cdn.jsdelivr.net *.tiktok.com https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io *.getflowbox.com landofcoder.com maps.googleapis.com chart.googleapis.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.avada.io *.shopify.com *.trustpilot.com *.lndo.site *.weprovide.shop cdnjs.cloudflare.com code.jquery.com optanon.blob.core.windows.net geolocation.onetrust.com *.omappapi.com bam.nr-data.net cdn.cookielaw.org js-agent.newrelic.com s.pinimg.com *.hotjar.com *.clarity.ms cdn.leadinfo.net ct.pinterest.com dev.visualwebsiteoptimizer.com *.triggerbee.com *.myvisitors.se *.jotform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl *.fontawesome.com https:\/\/fonts.bunny.net *.trustpilot.com *.lndo.site *.weprovide.shop optanon.blob.core.windows.net a.omappapi.com cdn.cookielaw.org p.typekit.net skantrae.com 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/core.helloretail.com https:\/\/helloretailcdn.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com wss:\/\/websocketservice-externalapi.prod.buckaroo.io https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io https:\/\/applepay.buckaroo.io https:\/\/www.paypal.com *.getflowbox.com *.googleapis.com landofcoder.com maps.googleapis.com chart.googleapis.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io *.lndo.site *.weprovide.shop *.cando.eu bam.nr-data.net *.clarity.ms *.omappapi.com ct.pinterest.com sp.spheremall.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com cdn.cookielaw.org geolocation.onetrust.com dev.visualwebsiteoptimizer.com *.triggerbee.com gethatch.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com wsv3cdn.audioeye.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * bid.g.doubleclick.net\/ ssl.kaptcha.com tst.kaptcha.com wsv3cdn.audioeye.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https: https:\/\/meetanshi.com\/media\/logo.png data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de chimpstatic.com downloads.mailchimp.com *.list-manage.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com buttons-config.sharethis.com platform-api.sharethis.com t.sharethis.com www.redditstatic.com www.mczbf.com connect.facebook.net wsmcdn.audioeye.com wsv3cdn.audioeye.com cmp.osano.com appleid.cdn-apple.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com downloads.mailchimp.com unsafe-inline assets.braintreegateway.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com s3.amazonaws.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com googleads.g.doubleclick.net stats.g.doubleclick.net l.sharethis.com platform-api.sharethis.com *.braintreegateway.com *.sandbox.paypal.com www.mczbf.com analytics.audioeye.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.fontawesome.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.cleverreach.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com *.hotjar.com secure.pay1.de\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com *.cloudfront.net ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/api.mapbox.com cdn.pay1.de x.klarnacdn.net m.media-amazon.com static-eu.payments-amazon.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com widgets.trustedshops.com mcstagingmedia.carou.com mcprodmedia.carou.com *.google.com www.google.com.ua ct.pinterest.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com widget.freshworks.com m2epro.freshdesk.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io *.hotjar.com unsafe-inline *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com widgets.trustedshops.com bam.nr-data.net js-agent.newrelic *.ratepay.com js-agent.newrelic.com s.pinimg.com analytics.tiktok.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com downloads.mailchimp.com widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com d.ratepay.com d.payla.io dr.payla.io maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.bootstrapcdn.com maxcdn.bootstrapcdn.com\/ *.ratepay.com\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com widget.freshworks.com m2epro.freshdesk.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com autocomplete2.postdirekt.de t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.trustedshops.com *.etrusted.com *.hotjar.com wss:\/\/*.hotjar.com\/ bam.nr-data.net www.carou.com stats.g.doubleclick.net vc.hotjar.io ct.pinterest.com analytics.tiktok.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com fonts.gstatic.com fonts.googleapis.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net www.googletagmanager.com www.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.vimeocdn.com s.ytimg.com bam.eu01.nr-data.net 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.googletagmanager.com www.youtube.com maps.googleapis.com https:\/\/cdn.polyfill.io https:\/\/browser.sentry-cdn.com *.googleapis.com *.google.com *.gstatic.com *.avada.io www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ js-agent.newrelic.com bam.eu01.nr-data.net connect.facebook.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com fonts.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net https:\/\/*.ingest.sentry.io http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io bam.eu01.nr-data.net region1.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/youtube-marketing\/artists_youtube","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.googleapis.com data: *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/plumrocket.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com https:\/\/plumrocket.com *.affirm.com *.affirm.ca www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/www.google.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com *.hubspot.com *.hsforms.com static.hsappstatic.net bat.bing.com *.googleusercontent.com obs.withflowersea.com aorta.clickagy.com *.affirm.com *.affirm.ca *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.certcapture.com js.usemessages.com js.hs-banner.com *.hubspot.com js.hs-analytics.net js.hs-scripts.com js.hsadspixel.net js-agent.newrelic.com ob.withflowersea.com obs.withflowersea.com script.crazyegg.com bat.bing.com www.clarity.ms amplify.outbrain.com wave.outbrain.com bigsur.ai ws-assets.zoominfo.com js.zi-scripts.com tags.clickagy.com js.adsrvr.org js.callrail.com cdn.callrail.com https:\/\/rum.hlx.page *.affirm.com *.affirm.ca *.googleapis.com *.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/www.googletagmanager.com tagmanager.google.com https:\/\/www.googleadservices.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/apis.google.com maps.googleapis.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.hubspot.com api.hubapi.com bam.nr-data.net tr.outbrain.com amplify.outbrain.com paid.outbrain.com obs.withflowersea.com js.callrail.com script.crazyegg.com api.prod.bigsur.ai v.clarity.ms js.zi-scripts.com ws.zoominfo.com aorta.clickagy.com hemsync.clickagy.com *.affirm.com *.affirm.ca *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none';","count":2},{"content-security-policy-report-only":" default-src https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/6rS7G2YwNOau\/NTJ8bzkhJAE\/CzUGf\/CRFTlkt https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/6rS7G2YwNOau\/NTJ8bzkhJAE\/CzUGf\/CRFTlkt  https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/aQS7G2pJmD8cSGh5t1\/E0B3bzkhJAE\/NxEdb\/k5eVVoB  https:\/\/www.oreilly.com  * 'unsafe-inline' 'unsafe-eval' data: blob: android-webview-video-poster: moz-extension: ms-browser-extension: chrome-extension: ios-log:; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubb898c25826db9d251f99fdcece943792&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service:wordpress-prod-cluster;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdn.checkout.com data: checkout.tabby.ai widgets.tabby.ai cdn.tabby.ai fonts.googleapis.com storage.googleapis.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.fontawesome.com *.alothemes.com *.magepow.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.ccavenue.ae 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.checkout.com *.klarna.com *.ccavenue.ae checkout.tabby.ai https:\/\/c.sharethis.mgr.consensu.org https:\/\/secure.ccavenue.ae 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.ccavenue.ae cdn.jsdelivr.net data: checkout.tabby.ai widgets.tabby.ai cdn.tabby.ai fonts.googleapis.com storage.googleapis.com *.magentocommerce.com *.cloudfront.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu https:\/\/events.getxeno.com https:\/\/l.sharethis.com https:\/\/sharethis.com https:\/\/platform-cdn.sharethis.com *.facebook.com *.alothemes.com *.magepow.com *.tamara.co data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/cdn.checkout.com *.klarnacdn.net *.ccavenue.ae *.moengage.com sc-static.net *.snapchat.com *.spotii.me apigoswirl.com cdn.jsdelivr.net checkout.tabby.ai widgets.tabby.ai cdn.segment.com cdn.sift.com score.jcsc.online seondf.com deviceinf.com getdeviceinf.com *.cloudflare.com *.authorize.net *.braintreegateway.com *.ytimg.com *.paypal.com *.payments-amazon.com *.croapp.net https:\/\/sdk.getxeno.com https:\/\/unpkg.com https:\/\/cdn.jsdelivr.net https:\/\/buttons-config.sharethis.com https:\/\/platform-api.sharethis.com s7.addthis.com *.googletagmanager.com *.facebook.net *.alothemes.com *.magepow.com cdn.tamara.co maps.googleapis.com *.tamara.co 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/cdn.checkout.com apigoswirl.com cdn.jsdelivr.net *.yotpo.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.alothemes.com *.magepow.com *.tamara.co 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.tamara.co 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.checkout.com *.klarnaevt.com *.ccavenue.ae *.moengage.com sc-static.net *.snapchat.com *.spotii.me apigoswirl.com api.goswirl.live checkout.tabby.ai widgets.tabby.ai cdn.segment.com api.segment.com api.segment.io api.amplitude.com *.seondfresolver.com *.deviceinfresolver.com *.getdeviceinfresolver.com *.cloudflare.com *.twitter.com *.twimg.com api.homesrusae.evinent.site homesrusaenew-api.evinent.site api.homesrusqa.evinent.site homesrusqanew-api.evinent.site api.momstore.evinent.site momstorenew-api.evinent.site api.carters.evinent.site https:\/\/api.getxeno.com https:\/\/events.getxeno.com https:\/\/l.sharethis.com https:\/\/sharethis.com ekr.zdassets.com\/ *.google-analytics.com *.alothemes.com *.magepow.com maps.googleapis.com *.tamara.co 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.seondnsresolve.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; style-src 'self';","count":2},{"content-security-policy-report-only":" report-uri \/es\/Error\/ReportCPS;","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; report-uri \/csp-report;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.fontawesome.com *.gstatic.com 'self' data: data: surveys-static.survicate.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ cdn.dnky.co amc.demdex.net www.google.com www.facebook.com youtube.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net 'self' data: maps.gstatic.com maps.googleapis.com accounts.google.com www.facebook.com www.google.com.co js.intercomcdn.com intercomassets.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com https:\/\/rum.hlx.page https:\/\/www.google.com *.gstatic.com cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com connect.facebook.net player.vimeo.com https:\/\/maps.googleapis.com *.snrbox.com static.hotjar.com *.clarity.ms surveys-static.survicate.com script.hotjar.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.fontawesome.com *.googleapis.com *.gstatic.com cdn.dnky.co *.googletagmanager.com *.cookielaw.org *.snrcdn.net https:\/\/surveys-static.survicate.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.magento-datasolutions.com *.magento-ds.com *.synerise.com maps.googleapis.com api.comapi.com bam.nr-data.net *.cookielaw.org *.snrbox.com t.clarity.ms stats.g.doubleclick.net api-iam.intercom.io wss:\/\/nexus-websocket-a.intercom.io wss:\/\/ws.hotjar.com https:\/\/content.hotjar.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" base-uri 'self' d6tizftlrpuof.cloudfront.net; default-src 'self' http: https: data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' d6tizftlrpuof.cloudfront.net www.googletagmanager.com tags-eu.tiqcdn.com w.usabilla.com api.usabilla.com cdn.mateti.net *.xplosion.de connect.facebook.net sc-static.net static.ads-twitter.com cdn.moengage.com googleads.g.doubleclick.net www.google.com tr.snapchat.com s.go-mpulse.net *.adform.net; style-src 'self' 'unsafe-inline' d6tizftlrpuof.cloudfront.net; img-src 'self'; font-src 'self' ebs10.telekom.de d6tizftlrpuof.cloudfront.net; object-src 'none'; media-src 'self' blob: streaming.magentamusik.de; frame-src 'self' d6tizftlrpuof.cloudfront.net www.googletagmanager.com tr.snapchat.com www.facebook.com; form-action 'self' www.facebook.com; frame-ancestors 'self'; report-to csp-endpoint;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net * data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.certcapture.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.googletagmanager.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com * https:\/\/images.unsplash.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.prism.app-us1.com *.prismic.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com magefan.com cm.magefan.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.prism.app-us1.com *.prismic.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.googletagmanager.com tagmanager.google.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net * https:\/\/browser.sentry-cdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.cash.app *.certcapture.com https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com tagmanager.google.com fonts.google.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net * 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.prism.app-us1.com *.prismic.io https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.googletagmanager.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com o250663.ingest.us.sentry.io 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/b311375c-e003-480d-a33d-a95fcc34078f.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; object-src 'none'; manifest-src https: data:; media-src https: data:; frame-src 'self' https:\/\/youtube.com https:\/\/www.youtube.com https:\/\/mc.yandex.ru https:\/\/mc.yandex.md https:\/\/www.google.com https:\/\/smartcaptcha.yandexcloud.net; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com *.bootstrapcdn.com data: *.3dcloud.io *.fontawesome.com *.taggbox.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com cloudinary.com *.facebook.com *.cybersource.com *.bazaarvoice.com *.salsify.com *.3dcloud.io *.authorize.net *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.affirm.com *.affirm.ca *.certcapture.com cloudinary.com res.cloudinary.com *.pinterest.com *.facebook.com *.doubleclick.net *.cybersource.com *.trkn.us *.paypal.com *.bazaarvoice.com *.google.com *.salsify.com *.hotjar.com *.hon.com *.3dcloud.io *.kmail-lists.com\/ *.braintreegateway.com *.kaptcha.com *.addtoany.com *.paystand.com *.paystand.co *.google.com\/ *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.hon.com *.allsteeloffice.com *.honbasyx.com honbasyx.com cloudinary.com res.cloudinary.com *.addtoany.com *.bing.com *.facebook.com *.pinterest.com *.google.com *.google.co.in *.cybersource.com *.bazaarvoice.com *.salsify.com meetanshi.com *.3dcloud.io *.paypal.com *.flippingbook.com *.taggbox.com https:\/\/www.magezon.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com chimpstatic.com downloads.mailchimp.com *.list-manage.com cloudinary.com *.addtoany.com *.bootstrapcdn.com *.googletagmanager.com *.doubleclick.net *.trkn.us *.pinimg.com *.facebook.net *.bing.com *.pinterest.com *.cybersource.com *.online-metrix.net *.hotjar.com *.hotjar.io *.google.com *.google.co.in *.google.in *.googleadservices.com *.google-analytics.com *.paypalobjects.com *.vimeo.com *.cdn-scripts.com *.braintreegateway.com *.signifyd.com *.bazaarvoice.com *.salsify.com bam.nr-data.net *.crazyegg.com mczbf.com *.mczbf.com *.3dcloud.io *.chimpstatic.com *.paypal.com *.paystand.com *.paystand.co *.flippingbook.com *.cloudfront.net *.taggbox.com *.tagbox.com widget.freshworks.com m2epro.freshdesk.com *.google.com\/ *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.clarity.ms *.klaviyo.com unpkg.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com downloads.mailchimp.com cloudinary.com *.addtoany.com *.googleapis.com *.bootstrapcdn.com *.cybersource.com *.bazaarvoice.com *.salsify.com *.3dcloud.io *.fontawesome.com *.datatables.net *.typekit.net *.paystand.com *.paystand.co *.taggbox.com widget.freshworks.com m2epro.freshdesk.com unsafe-inline assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.hon.com *.allsteeloffice.com *.honbasyx.com honbasyx.com cloudinary.com res.cloudinary.com *.cybersource.com *.bazaarvoice.com *.salsify.com data: *.3dcloud.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.affirm.com *.affirm.ca *.certcapture.com *.addtoany.com *.facebook.com *.cybersource.com *.pinterest.com *.salsify.com *.google-analytics.com bam.nr-data.net *.hotjar.com *.hotjar.io *.crazyegg.com *.doubleclick.net mczbf.com *.mczbf.com sjwoe.com *.sjwoe.com *.3dcloud.io *.braintree-api.com *.flippingbook.com *.taggbox.com widget.freshworks.com m2epro.freshdesk.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.run.app *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/*.fratellicarli.com https:\/\/carli.my.site.com https:\/\/*.carli.my.site.com https:\/\/*.salesforce.com https:\/\/google.com https:\/\/*.google.com https:\/\/google.it https:\/\/*.google.it https:\/\/google.de https:\/\/*.google.de https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.uk https:\/\/*.google.co.uk https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.google-analytics.com https:\/\/pay.google.com https:\/\/accounts.google.com https:\/\/paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/shopforward.eu https:\/\/*.gestpay.net https:\/\/*.sella.it https:\/\/*.klarna.com https:\/\/*.adyen.com https:\/\/*.authorize.net https:\/\/*.visa.com https:\/\/*.ccdc02.com https:\/\/*.addthis.com https:\/\/*.addthisedge.com https:\/\/static.addtoany.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/*.cookiebot.com https:\/\/*.clarity.ms https:\/\/*.luckyorange.com https:\/\/*.hotjar.com https:\/\/*.fullstory.com https:\/\/*.smartlook.com https:\/\/*.taboola.com https:\/\/*.zemanta.com https:\/\/*.rfihub.net https:\/\/twitter.com https:\/\/*.twitter.com https:\/\/*.ads-twitter.com https:\/\/*.facebook.net https:\/\/*.bing.com https:\/\/*.webgains.io https:\/\/*.typekit.net https:\/\/*.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/*.cloudfront.net https:\/\/*.salecycle.com https:\/\/*.omniconvert.com https:\/\/*.fanplayr.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.sc-static.net https:\/\/*.moatads.com https:\/\/*.lockerdomecdn.com https:\/\/*.dwin1.com https:\/\/*.roeye.com https:\/\/*.roeyecdn.com https:\/\/*.plyr.io https:\/\/*.trustpilot.com https:\/\/*.sandbox.my.site.com https:\/\/*.creativecdn.com https:\/\/*.r66net.com https:\/\/*.r66net.net https:\/\/malsup.github.io https:\/\/the.sciencebehindecommerce.com https:\/\/*.awin1.com https:\/\/*.adform.net https:\/\/player.wowza.com https:\/\/rum.hlx.page https:\/\/*.zenaps.com https:\/\/overbridgenet.com https:\/\/*.videostep.com https:\/\/*.acsbapp.com https:\/\/www.youtube.com; connect-src 'self' https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/acsbapp.com https:\/\/*.acsbapp.com https:\/\/*.addthis.com https:\/\/*.googleapis.com https:\/\/*.nr-data.net https:\/\/*.demdex.net https:\/\/*.omtrdc.net https:\/\/*.cardinalcommerce.com https:\/\/paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/amazon.com https:\/\/*.amazon.com https:\/\/amazon.it https:\/\/*.amazon.it https:\/\/amazon.fr https:\/\/*.amazon.fr https:\/\/amazon.es https:\/\/*.amazon.es https:\/\/amazon.de https:\/\/*.amazon.de https:\/\/*.amazonpay.com https:\/\/*.amazonservices.com https:\/\/*.amazonservices.it https:\/\/*.amazonservices.fr https:\/\/*.amazonservices.es https:\/\/*.amazonservices.de https:\/\/*.dotdigital-pages.com https:\/\/webchat.dotdigital.com https:\/\/*.braintreegateway.com https:\/\/*.braintree-api.com https:\/\/*.yotpo.com https:\/\/*.trackedlink.net https:\/\/*.trackedweb.net https:\/\/*.sella.it https:\/\/*.cookiebot.com https:\/\/*.clarity.ms https:\/\/*.luckyorange.com https:\/\/*.cloudfront.net https:\/\/*.sc-static.net https:\/\/*.salecycle.com wss:\/\/ws.salecycle.com https:\/\/*.fratellicarli.com https:\/\/*.omniconvert.com https:\/\/*.fanplayr.com https:\/\/*.doubleclick.net https:\/\/*.taboola.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/shopforward.eu https:\/\/*.a.run.app https:\/\/*.googlesyndication.com https:\/\/*.hotjar.com https:\/\/*.fullstory.com https:\/\/*.pinimg.com https:\/\/*.pinterest.com https:\/\/*.salesforce-scrt.com https:\/\/*.bing.com https:\/\/*.zemanta.com https:\/\/*.outbrain.com https:\/\/*.typekit.net https:\/\/*.authorize.net https:\/\/*.googletagmanager.com https:\/\/*.trustpilot.com https:\/\/*.sandbox.my.site.com https:\/\/*.googleadservices.com https:\/\/google.com https:\/\/*.google.com https:\/\/google.it https:\/\/*.google.it https:\/\/google.de https:\/\/*.google.de https:\/\/google.at https:\/\/*.google.at https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.uk https:\/\/*.google.co.uk https:\/\/google.com.ua https:\/\/*.google-analytics.com https:\/\/*.salesforce.com https:\/\/*.jsdelivr.net https:\/\/*.roeye.com https:\/\/klarna.com https:\/\/*.klarna.com https:\/\/*.klarnaevt.com https:\/\/*.sentry.io https:\/\/*.adyen.com https:\/\/*.creativecdn.com https:\/\/*.conversionsapigateway.com https:\/\/facebook.com https:\/\/*.facebook.com https:\/\/*.r66net.com https:\/\/*.r66net.net https:\/\/*.videostep.com https:\/\/user-sync.fwmrm.net https:\/\/*.awinblackfriday.com https:\/\/*.wepowerconnections.com https:\/\/*.adform.net https:\/\/rum.hlx.page https:\/\/*.zenaps.com https:\/\/overbridgenet.com https:\/\/the.sciencebehindecommerce.com; frame-src 'self' https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/static.addtoany.com https:\/\/*.addthis.com https:\/\/*.gestpay.net https:\/\/*.sella.it https:\/\/*.salecycle.com https:\/\/*.cookiebot.com https:\/\/*.doubleclick.net https:\/\/*.rfihub.com https:\/\/*.googleapis.com https:\/\/*.typekit.net https:\/\/*.trustpilot.com https:\/\/*.googletagmanager.com https:\/\/*.mainadv.com https:\/\/*.sandbox.my.site.com https:\/\/google.com https:\/\/*.google.com https:\/\/google.it https:\/\/*.google.it https:\/\/google.de https:\/\/*.google.de https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.uk https:\/\/*.google.co.uk https:\/\/google.com.ua https:\/\/*.paypal.com https:\/\/carli.my.site.com https:\/\/*.carli.my.site.com https:\/\/klarna.com https:\/\/*.klarna.com https:\/\/platform.twitter.com https:\/\/facebook.com https:\/\/*.facebook.com https:\/\/*.youtube.com https:\/\/tsdtocl.com https:\/\/*.awin1.com https:\/\/*.rsa3dsauth.co.uk https:\/\/*.securesuite.co.uk https:\/\/e.issuu.com https:\/\/*.wlp-acs.com https:\/\/*.fatcoupon.com https:\/\/tatrck.com https:\/\/hipodi.com https:\/\/*.lcl.fr https:\/\/*.arcot.com https:\/\/*.nexigroup.com https:\/\/oponas.com https:\/\/mitlogen.com https:\/\/bcsgsrv.com https:\/\/go.storecategory.com https:\/\/*.adyen.com https:\/\/*.zenaps.com https:\/\/overbridgenet.com https:\/\/*.videostep.com; font-src 'self' data: https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/*.acsbapp.com https:\/\/*.cloudflare.com https:\/\/*.gstatic.com https:\/\/*.typekit.net https:\/\/res-1.cdn.office.net https:\/\/*.klarnacdn.net; img-src 'self' data: blob: https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/*.cookiebot.com https:\/\/*.clarity.ms https:\/\/*.luckyorange.com https:\/\/*.cloudfront.net https:\/\/*.sc-static.net https:\/\/*.salecycle.com https:\/\/*.fratellicarli.com https:\/\/*.omniconvert.com https:\/\/*.fanplayr.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.zemanta.com https:\/\/t.co https:\/\/twitter.com https:\/\/*.twitter.com https:\/\/google.it https:\/\/*.google.it https:\/\/google.com https:\/\/*.google.com https:\/\/google.rw https:\/\/*.google.rw https:\/\/google.de https:\/\/*.google.de https:\/\/google.at https:\/\/*.google.at https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/*.bing.com https:\/\/*.adnxs.com https:\/\/*.doubleclick.net https:\/\/*.visa.com https:\/\/*.gstatic.com https:\/\/*.roeye.com https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.adyen.com https:\/\/facebook.com https:\/\/*.facebook.com https:\/\/facebook.net https:\/\/*.facebook.net https:\/\/paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.videostep.com https:\/\/*.pubmatic.com https:\/\/*.googlesyndication.com https:\/\/*.udmserve.net https:\/\/*.rubiconproject.com https:\/\/*.adform.net https:\/\/*.teads.tv https:\/\/*.3lift.com https:\/\/*.adscale.de https:\/\/*.taboola.com https:\/\/*.smartadserver.com https:\/\/*.casalemedia.com https:\/\/ks1.invibes.com https:\/\/ks1.b26net.com https:\/\/*.fwmrm.net https:\/\/*.outbrain.com https:\/\/*.33across.com https:\/\/*.yieldmo.com https:\/\/*.dmxleo.com https:\/\/*.nexx360.io https:\/\/*.awin1.com https:\/\/*.googleadservices.com https:\/\/*.1rx.io https:\/\/i.ytimg.com https:\/\/*.onetag-sys.com https:\/\/*.admixer.net https:\/\/*.omnitagjs.com https:\/\/*.lijit.com https:\/\/*.docomo.ne.jp https:\/\/*.openx.net https:\/\/*.e-planning.net https:\/\/*.seedtag.com https:\/\/*.media.net https:\/\/*.adtarget.com.tr https:\/\/*.mgid.com https:\/\/*.opera.com https:\/\/*.gumgum.com https:\/\/*.smaato.net https:\/\/*.rakuten.com https:\/\/*.connectad.io https:\/\/*.sonobi.com https:\/\/*.contextweb.com https:\/\/*.adtech.ink https:\/\/*.sharethrough.com https:\/\/*.ck-ie.com https:\/\/*.360yield.com https:\/\/*.inmobi.com https:\/\/ib.adnxs.com https:\/\/*.awinblackfriday.com https:\/\/*.loopme.me https:\/\/static-eu.payments-amazon.com https:\/\/user-sync.fwmrm.net https:\/\/cm.g.doubleclick.net https:\/\/bh.contextweb.com https:\/\/onetag-sys.com https:\/\/s.ad.smaato.net https:\/\/carli.my.site.com https:\/\/*.carli.my.site.com; style-src 'self' 'unsafe-inline' https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/*.cloudflare.com https:\/\/carli.my.site.com https:\/\/*.carli.my.site.com https:\/\/*.googleapis.com https:\/\/*.typekit.net https:\/\/*.plyr.io https:\/\/*.sandbox.my.site.com https:\/\/*.klarnacdn.net; worker-src 'self' blob:; media-src 'self' data: https:\/\/*.oliocarli.it https:\/\/*.oliocarli.de https:\/\/*.oliocarli.at https:\/\/*.oliocarli.fr https:\/\/*.oliocarli.be https:\/\/*.oliocarli.ch https:\/\/*.oliocarli.us https:\/\/*.adobe.com; frame-ancestors 'self' https:\/\/*.adyen.com https:\/\/*.google.com; report-uri magento-endpoint; report-to magento-endpoint","count":2},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/o4510960324837376.ingest.us.sentry.io\/api\/4510960614375424\/security\/?sentry_key=6b1b2932f1532eff2227d01a122adbb4;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com js.mollie.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com https:\/\/www.mollie.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypalobjects.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com js.mollie.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com www.paypalobjects.com *.multisafepay.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/monitor.bigbridgedev.nl\/csp; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com 'self' data: *.paypal.com *.paypalobjects.com applepay.cdn-apple.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.google.ch *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.dibspayment.eu *.google.co.uk *.google.com *.google.com.tr *.klaviyo.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors self www.google.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com *.paypal.com *.braintreegateway.com *.klarna.com *.stripe.com *.trustedshops.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ google.com *.google.com www.google.com www.gstatic.com apis.google.com www.googletagmanager.com https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.sandbox.paypal.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.dibspayment.eu *.demdex.net *.hotjar.com *.doubleclick.net *.bing.com *.cloudfront.net *.amazonaws.com *.facebook.com *.facebook.net *.google.ch *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.google.co.uk *.google.com.tr *.klaviyo.com https:\/\/arebos.sjv.io klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: *.google.com *.gstatic.com *.facebook.com *.fbcdn.net *.paypal.com *.braintreegateway.com *.klarna.com *.klarnacdn.net *.trustedshops.com *.pricerunner.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.typekit.net validator.swagger.io blueskytechmage.com mageblueskytech.com placehold.jp https:\/\/info.dibs.se *.klarnaevt.com https:\/\/firebasestorage.googleapis.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com blob: https:\/\/updates.themepunch.tools http:\/\/updates.themepunch.tools https:\/\/updates.themepunch-ext-a.tools http:\/\/updates.themepunch-ext-a.tools https:\/\/updates.themepunch-ext-b.tools http:\/\/updates.themepunch-ext-b.tools https:\/\/dev.sliderrevolution.com https:\/\/revolution.themepunch.com http:\/\/revolution5.themepunch.com http:\/\/pbs.twimg.com https:\/\/pbs.twimg.com http:\/\/scontent.cdninstagram.com https:\/\/img.youtube.com http:\/\/live.staticflickr.com https:\/\/live.staticflickr.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.sandbox.paypal.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.dibspayment.eu *.dibs.se https:\/\/widgets.trustedshops.com *.omtrdc.net *.everesttech.net *.placeholder.com *.cookiepro.com *.cookielaw.org *.doubleclick.net *.google.com.tr *.google.ch *.hotjar.com *.amasty.com *.arebosnl.local *.arebosch.local *.stripe.com *.bing.com *.cloudfront.net *.amazonaws.com *.facebook.net *.clarity.ms *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.google.co.uk *.klaviyo.com *.windows.net https:\/\/arebos.sjv.io *.loggly.com *.ojrq.net https:\/\/widgets-qa.trustedshops.com *.etrusted.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com *.google.com *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.doubleclick.net *.facebook.com *.fbcdn.net *.stripe.com js.stripe.com *.stripe.network *.paypal.com *.paypalobjects.com *.braintreegateway.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.klarnaservices.com *.trustedshops.com *.pricerunner.com *.retailads.net *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.cdn-apple.com https:\/\/*.dibspayment.eu x.klarnacdn.net s7.addthis.com *.avada.io *.shopify.com connect.facebook.net *.googleadservices.com https:\/\/player.vimeo.com https:\/\/www.youtube.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.sandbox.paypal.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.trackedlink.net *.cloudflareinsights.com *.cookiepro.com *.cookielaw.org *.onetrust.com *.hotjar.com https:\/\/cdn.polyfill.io https:\/\/browser.sentry-cdn.com *.online-metrix.net *.google.com.tr *.bing.com *.cloudfront.net *.amazonaws.com *.facebook.net *.clarity.ms *.google.ch *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.google.co.uk *.klaviyo.com *.impactcdn.com https:\/\/arebos.sjv.io *.etrusted.com *.dibspayment.eu *.stripecdn.com klarna.com *.amazon.com *.link.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.trustedshops.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com https:\/\/*.dibspayment.eu *.klarnacdn.net *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com http:\/\/fonts.googleapis.com assets.braintreegateway.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.google.ch *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.dibspayment.eu *.google.co.uk *.google.com.tr *.klaviyo.com https:\/\/arebos.sjv.io *.googletagmanager.com *.stripe.network *.stripecdn.com *.amazon.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com blob: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com *.facebook.com *.stripe.com *.stripe.network *.paypal.com *.braintreegateway.com *.klarna.com *.trustedshops.com *.pricerunner.com *.retailads.net *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io google.com *.google.com *.braintree-api.com https:\/\/*.dibspayment.eu *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com ekr.zdassets.com\/ http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/api.weatherbit.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.sandbox.paypal.com *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.dibspayment.eu *.etrusted.com *.googleapis.com *.demdex.net *.cookiepro.com *.cookielaw.org *.doubleclick.net *.google.ch wss:\/\/*.hotjar.com *.hotjar.io *.hotjar.com https:\/\/*.ingest.sentry.io *.bing.com *.cloudfront.net *.amazonaws.com wss:\/\/*.amazonaws.com wss:\/\/tufsuyburufn.transport.connect.eu-central-1.amazonaws.com *.facebook.net *.clarity.ms *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.google.co.uk *.google.com.tr *.onetrust.com *.klaviyo.com https:\/\/arebos.sjv.io *.loggly.com klarna.com *.link.com *.amazon.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.arebos.de *.arebos.ch *.arebos.nl *.arebos.co.uk *.arebos.fr *.arebos.it *.arebos.es *.arebos.dk *.dibspayment.eu *.klarna.com *.stripe.com *.google.ch *.google.cz *.google.de *.google.dk *.google.es *.google.fr *.google.it *.google.nl *.google.se *.google.co.uk *.google.com *.google.com.tr *.klaviyo.com https:\/\/arebos.sjv.io 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com https:\/\/fonts.bunny.net use.fontawesome.com maxcdn.bootstrapcdn.com *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com *.google.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; frame-ancestors *.meetanshi.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com widgets.sandbox.afterpay.com widgets.sandbox.clearpay.co.uk *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.youtube.com\/ *.google.com https:\/\/scontent-ams4-1.cdninstagram.com https:\/\/www.googletagmanager.com\/ *.meetanshi.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net data: https:\/\/static.afterpay.com https:\/\/site-assets.afterpay.com\/ d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/platform-api.sharethis.com *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.google.com *.maps.gstatic.com maps.gstatic.com maps.googleapis.com https:\/\/clauem2.arrowtheme.com https:\/\/scontent.cdninstagram.com\/ https:\/\/scontent-ams4-1.cdninstagram.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/firebasestorage.googleapis.com *.meetanshi.com *.yotpo.com swellrewards.com *.swellrewards.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com https:\/\/rum.hlx.page https:\/\/portal.sandbox.clearpay.co.uk https:\/\/portal.clearpay.co.uk https:\/\/portal.sandbox.afterpay.com https:\/\/portal.afterpay.com https:\/\/static.afterpay.com *.squarecdn.com https:\/\/hbiq.net *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.maps.googleapis.com *.trackedlink.net *.google.com *.maps.gstatic.com maps.googleapis.com *.googletagmanager.com *.googleadservices.com https:\/\/buttons-config.sharethis.com\/ https:\/\/connect.facebook.net https:\/\/platform-api.sharethis.com https:\/\/scontent-ams4-1.cdninstagram.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.googleapis.com *.avada.io *.shopify.com *.meetanshi.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com static.afterpay.com\/ *.squarecdn.com assets.braintreegateway.com *.fontawesome.com https:\/\/static.klaviyo.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.google.com *.maps.gstatic.com maps.gstatic.com maps.googleapis.com *.google-analytics.com https:\/\/platform-api.sharethis.com https:\/\/fonts.bunny.net *.yotpo.com swellrewards.com *.swellrewards.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.magento-datasolutions.com *.magento-ds.com static.afterpay.com static.sandbox.afterpay.com *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com *.clearpay.co.uk *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.twimg.com *.googleadservices.com *.sandbox.paypal.com *.paypalobjects.com *.trackedlink.net *.ampproject.org *.google.co.in *.maps.gstatic.com *.maps.googleapis.com maps.googleapis.com https:\/\/scontent-ams4-1.cdninstagram.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io *.meetanshi.com *.yotpo.com swellrewards.com *.swellrewards.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' dc.services.visualstudio.com ssl.google-analytics.com stats.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com partner.testseek.com https:\/\/api.stripe.com intranet.microk12.com middleman.microk12.com; font-src 'self' data: fonts.gstatic.com static.stockinthechannel.com; frame-src 'self' accounts.us.stockinthechannel.com app.powerbi.com ad.doubleclick.net bid.g.doubleclick.net www.youtube.com www.google.com www.vimeo.com https:\/\/js.stripe.com https:\/\/hooks.stripe.com; frame-ancestors accounts.us.stockinthechannel.com; img-src * data:; media-src 'self' images.us.stockinthechannel.com media.stockinthechannel.com static.stockinthechannel.com; manifest-src images.us.stockinthechannel.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' accounts.us.stockinthechannel.com images.us.stockinthechannel.com static.stockinthechannel.com www.googleadservices.com ssl.google-analytics.com googleads.g.doubleclick.net https:\/\/*.googletagmanager.com www.google.com www.gstatic.com www.youtube.com https:\/\/js.stripe.com; style-src 'self' 'unsafe-inline' static.stockinthechannel.com fonts.googleapis.com ajax.googleapis.com; report-uri https:\/\/stockchannel.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gls.com *.szybkapaczka.pl *.gls-poland.com\/ *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' data: *.tawk.to data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.facebook.net *.tawk.to 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.facebook.com *.facebook.net js.mollie.com *.szybkapaczka.pl *.gls-poland.com\/ secure.payu.com merch-prod.snd.payu.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.tawk.to *.googletagmanager.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com *.doofinder.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com *.facebook.com *.facebook.net https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com https:\/\/api.mapbox.com *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ *.gls-poland.com.pl\/ static.payu.com 'self' data: *.tawk.to tawk.link cdn.jsdelivr.net s3.amazonaws.com\/ *.googletagmanager.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src https:\/\/assets.adobedtm.com https:\/\/*.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com https:\/\/*.vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/*.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com tagmanager.google.com https:\/\/www.googletagmanager.com *.doofinder.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.facebook.com *.facebook.net *.fontawesome.com *.googleapis.com https:\/\/*.gstatic.com *.avada.io *.shopify.com js.mollie.com *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ secure.payu.com secure.snd.payu.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.gstatic.com *.tawk.to cdn.jsdelivr.net *.googletagmanager.com https:\/\/static.cloudflareinsights.com https:\/\/script.hotjar.com https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/www.paypalobjects.com https:\/\/*.vimeocdn.com https:\/\/cdn.jsdelivr.net https:\/\/*.tawk.to https:\/\/*.stripe.com https:\/\/*.stripe.network https:\/\/*.stripecdn.com https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.klarnaevt.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/*.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.doofinder.com *.fontawesome.com https:\/\/static.klaviyo.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.szybkapaczka.pl *.gls-poland.com\/ *.stripe.network *.stripecdn.com *.gstatic.com *.tawk.to cdn.jsdelivr.net fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.szybkapaczka.pl *.gls-poland.com\/ *.tawk.to tawk.link 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.doofinder.com wss:\/\/*.doofinder.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.facebook.com *.facebook.net https:\/\/get.geojs.io *.avada.io *.szybkapaczka.pl *.openstreetmap.org *.gls-poland.com\/ secure.payu.com merch-prod.snd.payu.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.tawk.to wss:\/\/*.tawk.to *.googletagmanager.com https:\/\/static.cloudflareinsights.com https:\/\/script.hotjar.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/*.stripe.com https:\/\/connect.facebook.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn-cookieyes.com https:\/\/*.cookieyes.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:\/\/cdn.sanity.io https:\/\/*.mux.com; font-src 'self'; connect-src 'self' https:\/\/*.sanity.io https:\/\/*.mux.com https:\/\/*.cookieyes.com https:\/\/*.apicdn.sanity.io; frame-src 'self' https:\/\/www.youtube.com https:\/\/*.mux.com https:\/\/player.vimeo.com; media-src 'self' https:\/\/*.mux.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/appliedintuition.sanity.studio https:\/\/appliedintuition-dev.sanity.studio https:\/\/www.sanity.io http:\/\/localhost:* https:\/\/studio.applied.local","count":2},{"content-security-policy-report-only":" script-src 'self' https:\/\/www.googleapis.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.userway.org 'sha256-uQ14xz9MfP77CFLAHa\/RqdOFRRUf44Ceu3ENXhf6V0w='","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com *.googleapis.com *.gstatic.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com cdn.jsdelivr.net *.cloudflare.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.amazon.de *.bing.com *.clarity.ms *.protectgroup.com *.theticketmerchant.com.au *.cfjump.com *.gstatic.com *.stripe.com *.cloudflare.com *.signifyd.com *.affyi.com *.fishrobotflower.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.weltpixel.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.google.com *.gstatic.com *.trustedshops.com *.etrusted.com *.amazon.de *.payments-amazon.de *.bing.com *.clarity.ms *.protectgroup.com *.theticketmerchant.com.au *.cfjump.com *.trustpilot.com *.aptrinsic.com *.cloudflare.com *.signifyd.com *.affyi.com *.fishrobotflower.com zip.co static.zip.co sandbox.zip.co zipmoney.com.au sandbox.zipmoney.com.au checkout.gb.zip.co checkout.quadpay.com checkout-sandbox.quadpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com *.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.gstatic.com *.facebook.com *.google.com *.google.lv *.googletagmanager.com stats.g.doubleclick.net *.trustedshops.com *.etrusted.com *.amazon.de d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.de *.media-amazon.de *.bing.com *.clarity.ms *.protectgroup.com *.theticketmerchant.com.au *.cfjump.com *.roeye.com *.stripe.com *.cloudflare.com *.signifyd.com *.brilliantlocco.com *.esnlocco.com *.affyi.com *.fishrobotflower.com https:\/\/firebasestorage.googleapis.com https:\/\/meetanshi.com\/media\/logo.png flagpedia.net t.zip.co static.zip.co data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net *.fontawesome.com *.googleapis.com *.gstatic.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com s7.addthis.com chimpstatic.com *.googletagmanager.com *.zip.co *.sandbox.zip.co *.google.com *.trustedshops.com *.etrusted.com *.amazon.de *.payments-amazon.de *.bing.com *.doubleclick.net *.clarity.ms *.protectgroup.com *.theticketmerchant.com.au *.cfjump.com *.trustpilot.com *.chimpstatic.com *.aptrinsic.com *.roeyecdn.com *.cloudflareinsights.com *.cloudflare.com *.signifyd.com *.brilliantlocco.com *.esnlocco.com *.theticketmerchant.co.nz *.affyi.com *.fishrobotflower.com thanks.is *.avada.io *.shopify.com maps.googleapis.com static.zip.co zip.co 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/static.klaviyo.com unsafe-inline assets.braintreegateway.com *.fontawesome.com tagmanager.google.com cdn.jsdelivr.net *.aptrinsic.com *.stripe.com *.cloudflare.com *.signifyd.com *.affyi.com *.fishrobotflower.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com *.facebook.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com ekr.zdassets.com\/ dpe0djwch8671.cloudfront.net *.sandbox.zip.co *.zip.co *.gstatic.com stats.g.doubleclick.net *.trustedshops.com *.etrusted.com *.amazon.de mws.amazonservices.de *.bing.com *.clarity.ms *.protectgroup.com *.theticketmerchant.com.au *.cfjump.com *.zipmoney.com.au *.amazon.fr *.amazon.es *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es cdn.ampproject.org *.edge.zip.co *.aptrinsic.com *.cloudflare.com *.signifyd.com *.brilliantlocco.com *.esnlocco.com *.affyi.com *.fishrobotflower.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.bomenenzo.nl www.bomenenzo.nl *.feedbackcompany.com *.googleapis.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.bomenenzo.nl *.feedbackcompany.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com www.googletagmanager.com td.doubleclick.net mc.yandex.com www.facebook.com js.mollie.com *.multisafepay.com https:\/\/pay.google.com 'self' 'unsafe-inline'; img-src cdn.bomenenzo.nl assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.datatrics.com *.google.nl *.google-analytics.com *.hipex.cloud *.bomenenzo.nl *.smartsuppcdn.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.video-dns.com www.google.nl www.facebook.com www.bomenenzo.nl *.feedbackcompany.com https:\/\/www.mollie.com *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com data: https: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.convertexperiments.com *.smartsuppchat.com widget-v2.smartsuppcdn.com *.feedbackcompany.com *.datatrics.com *.bomenenzo.nl *.clarity.ms chimpstatic.com downloads.mailchimp.com *.list-manage.com www.bomenenzo.nl www.clarity.ms scripts.clarity.ms mc.yandex.ru googletagmanager.com www.smartsuppchat.com connect.facebook.net widget-v3.smartsuppcdn.com static.cloudflareinsights.com pay.multisafepay.com js.mollie.com *.multisafepay.com https:\/\/pay.google.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.typekit.net *.bomenenzo.nl downloads.mailchimp.com widget-v3.smartsuppcdn.com www.bomenenzo.nl pay.multisafepay.com https:\/\/fonts.googleapis.com *.fontawesome.com *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.video-dns.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.convertexperiments.com *.smartsuppchat.com widget-v2.smartsuppcdn.com translations.smartsuppcdn.com websocket-visitors.smartsupp.com wss:\/\/*.smartsupp.com *.feedbackcompany.com *.datatrics.com *.bomenenzo.nl *.clarity.ms wss:\/\/metrics.video-dns.com bootstrap.smartsuppchat.com widget-v3.smartsuppcdn.com *.video-dns.com www.feedbackcompany.com mc.yandex.com region1.analytics.google.com region1.google-analytics.com www.bomenenzo.nl www.google.com mpc2-prod-1-is5qnl632q-uc.a.run.app b.clarity.ms *.multisafepay.com *.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src websocket-visitors.smartsupp.com www.google.com *.video-dns.com www.bomenenzo.nl b.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.klarnacdn.net *.fontawesome.com *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com fonts.gstatic.com static.klaviyo.com tvape.com torontovaporizer.ca stonersguardian.com api.payengine.de payengine.de *.olark.com cdn.tvape.fr *.cloudflare.com cdnjs.cloudflare.com cloudflare.com js.klevu.com *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.google.com accounts.google.com *.canadapost.ca https:\/\/sso.epost.ca *.purolator.com *.bank.in * hubspot.com forms.hubspot.com hsforms.net forms.hsforms.com hsforms.com js.hsforms.net stonersguardian.com api.payengine.de payengine.de signin.ebay.com auth.ebay.com ebay.com www.ebay.com *.cardinalcommerce.com *.cardinaltrusted.com tvape.de *.rfihub.com *.wibmo.com *.hsforms.com *.epost.ca *.paypal.com *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.meetanshi.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.certcapture.com consentcdn.cookiebot.com consentcdn.cookiebot.eu *.klarna.com www.google.com accounts.google.com *.meetanshi.com *.purolator.com secure.novalnet.de customers.barzahlen.de customers-sandbox.barzahlen.de https:\/\/hosted.paysafe.com *.sendcloud.sc *.jsdelivr.net checkout.sezzle.com sandbox.checkout.sezzle.com tracking.sezzle.com *.trustpilot.com https:\/\/*.paysafe.com https:\/\/*.netbanx.com *.bank.in * customer-upskkbfxkf3xe5cz.cloudflarestream.com iframe.videodelivery.net static.olark.com online.fliphtml5.com r1.dotmailer-surveys.com pp.payengine.de hsforms.net forms.hsforms.com js.hsforms.net dpm.demdex.net demdex.net youtu.be youtube.com stonersguardian.com api.payengine.de payengine.de vimeo.com 20813811p.rfihub.com *.cardinalcommerce.com *.cardinaltrusted.com *.rfihub.com *.wibmo.com *.hsforms.com *.epost.ca *.paypal.com *.weltpixel.com *.wesupply.xyz https:\/\/wesupplylabs.com guarantee-cdn.com *.googletagmanager.com *.doubleclick.net *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.certcapture.com imgsct.cookiebot.com imgsct.cookiebot.eu *.doofinder.com validate.fishpig.co.uk *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ accounts.google.com magefan.com cm.magefan.com mageside.com *.canadapost.ca *.googleapis.com *.gstatic.com *.meetanshi.com https:\/\/redchamps.com *.amazonaws.com media.sezzle.com osm.klarnaservices.com c.clarity.ms c.bing.com videodelivery.net 6064173.fs1.hubspotusercontent-na1.net customer-upskkbfxkf3xe5cz.cloudflarestream.com tvape.co.uk verify.bluecheck.me torontovaporizer.ca cdn.torontovaporizer.ca tvape.com stats.g.doubleclick.net maps.gstatic.com d3svog4tlx445w.cloudfront.net static.olark.com log.olark.com maps.googleapis.com js.hsforms.net hsforms.net forms.hsforms.com perf.hsforms.com forms.hubspot.com *.tvape.com i.liadm.com demdex.net chart.googleapis.com stonersguardian.com api.payengine.de payengine.de r1-t.trackedlink.net img.onesignal.com *.cardinalcommerce.com *.cardinaltrusted.com js.klevu.com x.klarnacdn.net *.cloudfront.net *.google.co.in *.trustpilot.com guarantee-cdn.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.certcapture.com consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu *.doofinder.com widget.freshworks.com m2epro.freshdesk.com *.klarna.com *.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.google.com accounts.google.com *.googleapis.com *.google.com *.gstatic.com *.meetanshi.com *.purolator.com cdn.novalnet.de cdn.barzahlen.de applepay.cdn-apple.com https:\/\/*.paysafe.com https:\/\/api.test.paysafe.com https:\/\/api.paysafe.com  https:\/\/songbirdstag.cardinalcommerce.com embed.sendcloud.sc *.jsdelivr.net checkout-sdk.sezzle.com sandbox.checkout-sdk.sezzle.com widget.sezzle.com *.trustpilot.com https:\/\/*.netbanx.com widget.trustpilot.com static-tracking.klaviyo.com js.klarna.com www.youtube.com cdn.jsdelivr.net embed.cloudflarestream.com embed.videodelivery.net knrpc.olark.com static.cloudflareinsights.com maps.googleapis.com stats.g.doubleclick.net www.gstatic.com r1-t.trackedlink.net c1.rfihub.net a.rfihub.net pp.payengine.de static.olark.com assets.olark.com api.olark.com a.optnmstr.com r1.dotmailer-surveys.com g1782759016.co js.hsforms.net hsforms.net forms.hsforms.com cdn.aggle.net dpm.demdex.net demdex.net stonersguardian.com ajax.cloudflare.com api.payengine.de payengine.de g594253005.co verify.bluecheck.me g1782759015.co.de g10894638425.co g1782759015.co cdn.onesignal.com onesignal.com bam.nr-data.net *.cardinalcommerce.com *.cardinaltrusted.com script.crazyegg.com cdn.noibu.com cdn4.mxpnl.com *.mxpnl.com js.klevu.com *.mantisadnetwork.com g594253006.co *.crazyegg.com *.newrelic.com x.klarnacdn.net *.adobedtm.com *.clarity.ms data: *.aggle.net *.g10696554090.co *.cloudflare.com guarantee-cdn.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.klaviyo.com unpkg.com *.doubleclick.net *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.certcapture.com *.doofinder.com widget.freshworks.com m2epro.freshdesk.com *.klarnacdn.net https:\/\/static.klaviyo.com *.fontawesome.com *.googleapis.com maxcdn.bootstrapcdn.com *.sendcloud.sc *.jsdelivr.net *.trustpilot.com static.olark.com media.sezzle.com fonts.googleapis.com hsforms.net forms.hsforms.com dpm.demdex.net demdex.net stonersguardian.com api.payengine.de payengine.de accounts.google.com onesignal.com cdn.tvape.fr verify.bluecheck.me *.cloudflare.com cdnjs.cloudflare.com cloudflare.com js.klevu.com *.klaviyo.com *.tagmanager.google.com *.googletagmanager.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com tvape.co.uk torontovaporizer.ca static.olark.com cdn.torontovaporizer.ca stonersguardian.com api.payengine.de payengine.de cdn.tvape.fr *.cardinalcommerce.com *.cardinaltrusted.com *.adobedtm.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com consentcdn.cookiebot.com consentcdn.cookiebot.eu consent.cookiebot.com consent.cookiebot.eu *.doofinder.com wss:\/\/*.doofinder.com widget.freshworks.com m2epro.freshdesk.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.google.com accounts.google.com *.meetanshi.com payport.novalnet.de secure.novalnet.de https:\/\/api.test.paysafe.com https:\/\/api.paysafe.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com gateway.sezzle.com sandbox.gateway.sezzle.com https:\/\/*.paysafe.com https:\/\/*.netbanx.com cdn.onesignal.com region1.google-analytics.com *.crazyegg.com knrpc.olark.com api.omappapi.com geoip.sezzle.com media.sezzle.com *.googleapis.com stats.g.doubleclick.net developer.google.com hsforms.net forms.hsforms.com demdex.net stonersguardian.com api.payengine.de payengine.de bam.nr-data.net onesignal.com *.cardinalcommerce.com *.cardinaltrusted.com cdn.noibu.com script.crazyegg.com input.noibu.com *.noibu.com wss:\/\/input.noibu.com\/pv_part verify.bluecheck.me *.bluecheck.me cdn4.mxpnl.com *.mxpnl.com api-js.mixpanel.com *.mixpanel.com *.ksearchnet.com *.paypal.com *.amazonaws.com *.trustpilot.com *.clarity.ms *.adobedtm.com *.adobe.com *.aggle.net *.google.co.in *.demdex.net static.olark.com t.co *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.doubleclick.net *.run.app *.yotpo.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.nosto.com *.nos.to *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.doubleclick.net *.nosto.com *.nos.to c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleadservices.com *.analytics.google.com *.googletagmanager.com *.doubleclick.net cdn.cookielaw.org *.linkedin.com *.google.co.in *.facebook.com *.postcodeanywhere.co.uk *.googlesyndication.com bat.bing.com *.nosto.com *.nos.to www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleadservices.com *.analytics.google.com *.googletagmanager.com *.gstatic.com cdn.cookielaw.org connect.facebook.net googleapis.com *.pcapredict.com *.postcodeanywhere.co.uk *.cloudfront.net bat.bing.com *.cloudflareinsights.com *.licdn.com *.mouseflow.com *.nosto.com *.nos.to js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.postcodeanywhere.co.uk maxcdn.bootstrapcdn.com *.nosto.com *.nos.to assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.analytics.google.com *.google.co.in api.addressy.com cdn.cookielaw.org *.pcapredict.com *.postcodeanywhere.co.uk *.googlesyndication.com *.onetrust.com *.licdn.com *.linkedin.com *.nosto.com *.nos.to *.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src static.leathercollection.com fonts.gstatic.com www.paypalobjects.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src td.doubleclick.net ct.pinterest.com js.stripe.com b.stripecdn.com pay.google.com newassets.hcaptcha.com m.stripe.network fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/www.youtube-nocookie.com www.facebook.com platform.twitter.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.weltpixel.com 'self' 'unsafe-inline'; img-src media.leathercollection.com static.leathercollection.com leathercollection.com leathercollection.co.br leathercollection.co.uk leathercollection.com.au eleather.it leathercollection.ch leathercollection.co.za leathercollection.jp leathercollection.nz leathercollection.ru leathercollection.se leathercollection.ca leathercollection.de leathercollection.es leathercollection.fr motospeeds.com app.fera.ai cdn.fera.ai media.fera.ai www.facebook.com www.google.com www.google.com.pk i.ytimg.com js.stripe.com assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com *.youtube.com p.typekit.net validator.swagger.io *.ftcdn.net *.behance.net data: *.paypal.com *.typekit.net *.gstatic.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com https:\/\/img.youtube.com https:\/\/i.ytimg.com pinterest.com assets.pinterest.com syndication.twitter.com blob: *.facebook.com data: 'self' 'unsafe-inline'; script-src static.leathercollection.com leathercollection.com leathercollection.co.br leathercollection.co.uk leathercollection.com.au eleather.it leathercollection.ch leathercollection.co.za leathercollection.jp leathercollection.nz leathercollection.ru leathercollection.se leathercollection.ca leathercollection.de leathercollection.es leathercollection.fr motospeeds.com app.fera.ai cdn.fera.ai www.googletagmanager.com s.pinimg.com static.zdassets.com connect.facebook.net googleads.g.doubleclick.net ct.pinterest.com www.google.com www.gstatic.com js.stripe.com b.stripecdn.com pay.google.com hcaptcha.com newassets.hcaptcha.com m.stripe.network static.cloudflareinsights.com assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com analytics.google.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com twitter.com platform.twitter.com static.addtoany.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src static.leathercollection.com media.leathercollection.com leathercollection.com leathercollection.co.br leathercollection.co.uk leathercollection.com.au eleather.it leathercollection.ch leathercollection.co.za leathercollection.jp leathercollection.nz leathercollection.ru leathercollection.se leathercollection.ca leathercollection.de leathercollection.es leathercollection.fr motospeeds.com app.fera.ai cdn.fera.ai js.stripe.com b.stripecdn.com *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com www.gstatic.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src static.zdassets.com *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src media.leathercollection.com static.leathercollection.com leathercollection.com leathercollection.co.br leathercollection.co.uk leathercollection.com.au eleather.it leathercollection.ch leathercollection.co.za leathercollection.jp leathercollection.nz leathercollection.ru leathercollection.se leathercollection.ca leathercollection.de leathercollection.es leathercollection.fr motospeeds.com app.fera.ai cdn.fera.ai ekr.zdassets.com ct.pinterest.com leathercollection.zendesk.com js.stripe.com merchant-ui-api.stripe.com r.stripe.com api.stripe.com api2.hcaptcha.com api.hcaptcha.com m.stripe.com analytics.google.com www.pinterest.com stats.g.doubleclick.net www.facebook.com googleads.g.doubleclick.net wss:\/\/widget-mediator.zopim.com dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com stats.addtoany.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com www.googleapis.com *.facebook.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src media.leathercollection.com static.leathercollection.com leathercollection.com leathercollection.co.br leathercollection.co.uk leathercollection.com.au eleather.it leathercollection.ch leathercollection.co.za leathercollection.jp leathercollection.nz leathercollection.ru leathercollection.se leathercollection.ca leathercollection.de leathercollection.es leathercollection.fr motospeeds.com app.fera.ai cdn.fera.ai static.zdassets.com ekr.zdassets.com leathercollection.zendesk.com *.zopim.com zendesk-eu.my.sentry.io v2assets.zopim.io wss:\/\/widget-mediator.zopim.com r.stripe.com apis.google.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/*.ariba.com https:\/\/*.ariba-network.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.newrelic.com *.herokuapp.com *.doubleclick.net\/ *.googleapis.com b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/sumatec.co *.google.com.ar *.mercadopago.com *.facebook.com *.newrelic.com *.clarity.ms *.bing.com *.googleapis.com b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googleapis.com *.herokuapp.com *.clarity.ms b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.herokuapp.com *.newrelic.com b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.googleapis.com *.google.com.ar *.doubleclick.com *.doubleclick.net *.clarity.ms b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src b2b.mcstaging.sumatec.co mcstaging.ferricentro.com b2b.mcstaging.ferricentro.com mcstaging.werkindustrial.com sumatec.co ferricentro.com ferrindustria.ferricentro.com werkindustrial.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https:\/\/use.typekit.net https:\/\/static.formstack.com https:\/\/css.zohocdn.com https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/www.bullseyelocations.com landofcoder.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com https:\/\/www.truck-lite.com https:\/\/www.rigidindustries.com https:\/\/www.clariencetechnologies.com https:\/\/www.lumiteclighting.com https:\/\/www.truck-lite.eu.com https:\/\/mcstaging.truck-lite.com https:\/\/trucklite.localhost https:\/\/mcstaging.clariencetechnologies.com https:\/\/pm.geniusmonkey.com https:\/\/css.zohocdn.com https:\/\/static.ctctcdn.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.googleapis.com https:\/\/www.gstatic.com https:\/\/www.google.com *.google.bg *.googletagmanager.com https:\/\/connect.facebook.net *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com https:\/\/browser-update.org https:\/\/wwwtrucklitecom.formstack.com https:\/\/static.formstack.com https:\/\/www.google.com\/recaptcha\/api.js https:\/\/code.jquery.com https:\/\/cdnjs.cloudflare.com https:\/\/static.ctctcdn.com https:\/\/salesiq.zoho.com https:\/\/js.zohocdn.com https:\/\/static.zohocdn.com https:\/\/js-agent.newrelic.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/googleads.g.doubleclick.net https:\/\/www.truck-lite.com https:\/\/mcstaging.truck-lite.com https:\/\/cdn.jsdelivr.net landofcoder.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/js.stripe.com https:\/\/www.gstatic.com\/recaptcha\/releases\/Trd6gj1dhC_fx0ma_AWHc1me\/recaptcha__en.js 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/static.ctctcdn.com https:\/\/css.zohocdn.com https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/www.truck-lite.com https:\/\/mcstaging.truck-lite.com https:\/\/cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com https:\/\/wwwtrucklitecom.formstack.com https:\/\/listgrowth.ctctcdn.com https:\/\/bam.nr-data.net https:\/\/salesiq.zohopublic.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/www.facebook.com https:\/\/maps.googleapis.com https:\/\/www.truck-lite.com https:\/\/mcstaging.truck-lite.com landofcoder.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.modo.com.ar fonts.googleapis.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.gocuotas.com 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.mercadopago.com.ar mercadopago.com.ar *.getblue.io *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/mobbex.com *.gocuotas.com www.facebook.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.google.com.ar *.google.es *.google.com.uy *.mercadopago.com.ar *.modo.com.ar *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com blob: *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.woowup.com *.hotjar.com *.pageimprove.io pageimprove.io *.getblue.io *.adidas.com *.modo.com.ar *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com cdn.ampproject.org www.gstatic.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms unpkg.com *.doubleclick.net https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com www.gstatic.com *.tagmanager.google.com *.googletagmanager.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.pangle-ads.com *.modo.com.ar *.google.com.ar *.google.com *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com cdn.ampproject.org www.googleapis.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.clarity.ms *.doubleclick.net *.run.app https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" report-uri \/algemeen\/report_CSP_error.php; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src * data: blob: 'unsafe-inline' 'unsafe-eval';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/cdn-cookieyes.com https:\/\/sdk.woosmap.com https:\/\/unpkg.com https:\/\/checkoutshopper-test.cdn.adyen.com https:\/\/checkoutshopper-live.cdn.adyen.com https:\/\/f.vimeocdn.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/static.doubleclick.net https:\/\/*.omniconvert.com; style-src 'self' 'unsafe-inline' https:\/\/cdn-cookieyes.com https:\/\/checkoutshopper-test.cdn.adyen.com https:\/\/checkoutshopper-live.cdn.adyen.com https:\/\/f.vimeocdn.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/cdn-cookieyes.com https:\/\/www.google.com https:\/\/www.google.es https:\/\/www.googletagmanager.com https:\/\/i.vimeocdn.com https:\/\/www.youtube.com https:\/\/*.omniconvert.com; font-src 'self' data: https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/api.woosmap.com https:\/\/cdn-cookieyes.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.google.com https:\/\/stats.g.doubleclick.net https:\/\/log.cookieyes.com https:\/\/www.googletagmanager.com https:\/\/vimeo.com https:\/\/arclight.vimeo.com https:\/\/lensflare.vimeo.com https:\/\/i.vimeocdn.com https:\/\/f.vimeocdn.com https:\/\/vod-adaptive-ak.vimeocdn.com https:\/\/www.youtube.com https:\/\/googleads.g.doubleclick.net https:\/\/jnn-pa.googleapis.com https:\/\/*.omniconvert.com; frame-src 'self' https:\/\/*.cdn.adyen.com https:\/\/player.vimeo.com https:\/\/vimeo.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.googleapis.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com * *.googleapis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com flagpedia.net assets.myparcel.nl *.openstreetmap.fr www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com *.googleapis.com *.gstatic.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com maps.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.googleapis.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com www.gstatic.com maps.googleapis.com api.myparcel.nl cdn.jsdelivr.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/www.voordeelhelmen.nl\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.fontawesome.com https:\/\/fonts.bunny.net *.gstatic.com 'self' data: https:\/\/fonts.gstatic.com *.googleapis.com *.hsappstatic.net data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action *.facebook.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.cookiebot.com *.doubleclick.net js.mollie.com *.weltpixel.com www.xtento.com *.googletagmanager.com *.bing.com *.facebook.com *.google.com google.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.bing.com *.hsforms.net *.hsforms.com *.prism.app-us1.com *.prismic.io https:\/\/images.unsplash.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com 'self' data: www.google.com.ua www.xtento.com cdn.xtento.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com *.cookiebot.com *.doubleclick.net *.facebook.com *.facebook.net *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bi www.google.bj www.google.bs www.google.by www.google.ca www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sl www.google.com.tr www.google.com.tw www.google.com.uy www.google.com.vn www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.hn www.google.hr www.google.hu www.google.ie www.google.iq www.google.is www.google.it www.google.jo www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.mn www.google.mu www.google.mv www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sn www.google.sr www.google.td www.google.tm www.google.tn *.google.com google.com *.googlesyndication.com *.googleusercontent.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.cookiebot.com *.cloudfront.net *.bing.com *.facebook.net *.hsforms.net *.hsforms.com *.prism.app-us1.com *.prismic.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com js.mollie.com *.google.com *.gstatic.com www.xtento.com cdn.xtento.com *.googletagmanager.com tagmanager.google.com *.doubleclick.net *.googleapis.com *.googlesyndication.com *.klaviyo.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src fonts.googleapis.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net *.googleapis.com *.gstatic.com tagmanager.google.com fonts.google.com https:\/\/fonts.googleapis.com *.klaviyo.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io t.elasticsuite.io *.hsforms.net *.hsforms.com *.prism.app-us1.com *.prismic.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.googletagmanager.com *.pay.nl *.bing.com *.cookiebot.com *.doubleclick.net *.facebook.com *.facebook.net *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bi www.google.bj www.google.bs www.google.ca www.google.ch www.google.cl www.google.cm www.google.co.ao www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.gh www.google.com.hk www.google.com.kh www.google.com.kw www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sl www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.za www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gm www.google.gr www.google.hr www.google.hu www.google.ie www.google.iq www.google.is www.google.it www.google.jo www.google.kz www.google.lk www.google.lt www.google.lu www.google.lv www.google.me www.google.mg www.google.mk www.google.mu www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.se www.google.si www.google.sk www.google.sn www.google.sr www.google.td www.google.tn *.google.com google.com *.googlesyndication.com *.klaviyo.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com rkkck31tec.execute-api.eu-central-1.amazonaws.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/cc69216c-160f-49b7-b5a2-f80ae473753e.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; frame-ancestors fatmoose.cz fatmoose.nl www.gstatic.com 'self'; form-action www.facebook.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; font-src fatmoose.co.uk fatmoose.nl www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.googleapis.com data: 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com data: 'self' 'unsafe-inline'; style-src widgets.xsellco.com static.spotlersearch.com fatmoose.co.uk fatmoose.nl fatmoose.de js.neoday.com *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com 'self' 'unsafe-inline'; frame-src tw.fatmoose.be tw.fatmoose.de tw.fatmoose.se www.googletagmanager.com tw.fatmoose.nl tw.fatmoose.fr tw.fatmoose.co.uk tw.fatmoose.at tw.fatmoose.it tw.fatmoose.pl tw.fatmoose.dk tw.fatmoose.es tw.fatmoose.ie tw.fatmoose.ch tw.fatmoose.cz ct.pinterest.com www.edesk.com www.paypalobjects.com twr.fatmoose.fr twr.fatmoose.be twr.fatmoose.ch twr.fatmoose.co.uk twr.fatmoose.cz twr.fatmoose.dk twr.fatmoose.es twr.fatmoose.ie twr.fatmoose.it twr.fatmoose.de twr.fatmoose.at twr.fatmoose.se twr.fatmoose.nl twr.fatmoose.pl fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com js.mollie.com 'self' 'unsafe-inline'; img-src dashboard.edesk.com www.google.be px.ads.linkedin.com t.squeezely.tech googleads.g.doubleclick.net bat.bing.com xsellco-blobstore.s3.amazonaws.com c.delivery.consentmanager.net tw.fatmoose.de static.spotlersearch.com tw.fatmoose.fr www.google.de tw.fatmoose.be static.sooqr.com cdn.consentmanager.net www.google.cz tw.fatmoose.cz tw.fatmoose.co.uk www.google.co.uk cdn.flbx.io tw.fatmoose.it www.google.it www.google.se tw.fatmoose.se www.google.nl tw.fatmoose.nl www.google.fr fatmoose.es fatmoose.it www.google.at fatmoose.at fatmoose.be fatmoose.co.uk tw.fatmoose.at fatmoose.pl fatmoose.ch fatmoose.se www.google.pl tw.fatmoose.pl fatmoose.cz fatmoose.de tw.fatmoose.dk www.google.dk prod-m2.fatmoose.pt www.google.es tw.fatmoose.es prod-m2.fatmoose.sk tw.fatmoose.ie www.google.ie cdn.honey.io www.google.com.ph tw.fatmoose.ch www.google.ch fatmoose.dk fatmoose.fr fatmoose.ie stats.g.doubleclick.net dy639ytn88nua.cloudfront.net widgets.xsellco.com joko-mobile-app-media.s3.eu-west-1.amazonaws.com scontent-lhr6-1.xx.fbcdn.net www.google.gr www.google.lu region1.google-analytics.com scontent-fra5-2.xx.fbcdn.net www.google.no www.google.com.tr www.google.sk www.google.com.do www.google.com.cy www.facebook.com widgets.trustedshops.com www.googletagmanager.com www.google.sr www.google.pt www.google.cl www.google.tn www.google.com.co ade.googlesyndication.com www.google.com.qa www.google.ro www.google.co.in bat.bing.net www.google.com.mt www.google.fi www.google.com.lb www.google.co.ma www.google.hr www.google.ae lh3.googleusercontent.com www.google.com.ua www.google.com.sa www.google.is www.google.com.ar www.google.ba www.google.co.za www.google.al www.google.co.nz www.google.co.ke lh3.google.com www.google.com.pk www.coupert.com www.google.ad www.google.im cdn.weward.app www.google.com.tw www.google.hu www.google.lt www.google.si www.google.dz www.google.cg www.google.gg www.google.tg www.google.sn www.google.cd www.google.az www.google.je www.google.mu www.google.rs www.google.com www.google.com.vn www.google.com.mx www.google.sc fatmoose.nl www.google.co.th www.google.com.bh www.google.com.np www.google.sm www.google.com.gi www.google.com.br www.google.com.eg twr.fatmoose.fr twr.fatmoose.be twr.fatmoose.ch twr.fatmoose.co.uk twr.fatmoose.cz twr.fatmoose.dk twr.fatmoose.es twr.fatmoose.ie twr.fatmoose.it twr.fatmoose.de twr.fatmoose.at twr.fatmoose.se twr.fatmoose.nl twr.fatmoose.pl data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com bid.g.doubleclick.net *.analytics.google.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.googleapis.com https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com magefan.com cm.magefan.com https:\/\/www.mollie.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.pixriot.com *.storeimaging.com data: 'self' 'unsafe-inline'; connect-src tw.fatmoose.de tw.fatmoose.be bat.bing.com widgets.xsellco.com tr.kickbite.io px.ads.linkedin.com tw.fatmoose.fr tw.fatmoose.nl tw.fatmoose.it tw.fatmoose.cz tw.fatmoose.co.uk gateway.getflowbox.com a.getflowbox.com tw.fatmoose.se tw.fatmoose.at tw.fatmoose.pl ad.doubleclick.net tracking.s24.com tw.fatmoose.ch tw.fatmoose.dk tw.fatmoose.es tw.fatmoose.ie experience.getflowbox.com socketio.xsellco.com stats.g.doubleclick.net fatmoose.at fatmoose.ch fatmoose.co.uk googleads.g.doubleclick.net connect.getflowbox.com static.spotlersearch.com log.ablyft.com www.google.de fatmoose.de fatmoose.se www.google.com fatmoose.be fatmoose.cz fatmoose.ie fatmoose.pl fatmoose.fr fatmoose.dk fatmoose.es fatmoose.it fatmoose.nl twr.fatmoose.be twr.fatmoose.fr twr.fatmoose.ch twr.fatmoose.co.uk twr.fatmoose.cz twr.fatmoose.dk twr.fatmoose.es twr.fatmoose.ie twr.fatmoose.it twr.fatmoose.de twr.fatmoose.at twr.fatmoose.se twr.fatmoose.nl twr.fatmoose.pl cdn.consentmanager.net dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com *.trustedshops.com *.etrusted.com *.pixriot.com *.storeimaging.com analytics.google.com 'self' 'unsafe-inline'; script-src c.delivery.consentmanager.net cdn.consentmanager.net static.spotlersearch.com widgets.xsellco.com tw.fatmoose.nl bat.bing.com connect.getflowbox.com cdn.ablyft.com spotlersearchanalytics.com static.cloudflareinsights.com squeezely.tech tr.kickbite.io dynamic.spotlersearch.com snap.licdn.com tracking.s24.com widgets.trustedshops.com fatmoose.co.uk connect.facebook.net js.mollie.com fatmoose.fr fatmoose.nl tw.fatmoose.be fatmoose.de www.paypal.com twr.fatmoose.dk tw.fatmoose.dk twr.fatmoose.be twr.fatmoose.ch twr.fatmoose.fr twr.fatmoose.co.uk twr.fatmoose.it tw.fatmoose.fr twr.fatmoose.ie twr.fatmoose.es twr.fatmoose.cz twr.fatmoose.de twr.fatmoose.at twr.fatmoose.nl twr.fatmoose.pl twr.fatmoose.se assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com 'self' 'unsafe-inline' 'unsafe-eval';","count":2},{"content-security-policy-report-only":" child-src 'self'; connect-src 'self' wss: https:\/\/*.google-analytics.com https:\/\/*.space-and-time.workers.dev https:\/\/o4506820159406080.ingest.us.sentry.io https:\/\/api.web3modal.com; default-src 'self'; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' http:\/\/js.stripe.com https:\/\/accounts.google.com https:\/\/verify.walletconnect.com; img-src * data:; manifest-src 'none'; media-src 'self' https:\/\/pub-470af287cceb43ff85efacf49a62a335.r2.dev; object-src 'none'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/cdn.tailwindcss.com https:\/\/accounts.google.com https:\/\/js.stripe.com https:\/\/static.cloudflareinsights.com 'unsafe-eval' 'unsafe-inline' blob:; script-src-attr 'unsafe-inline'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/accounts.google.com 'unsafe-inline'; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-to csp-endpoint; report-uri \/bff\/csp-reports; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.boxnow.gr *.boxnow.cy *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.kalogirou.com *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.klarnaservices.com *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.octocom.ai data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com www.facebook.com www.youtube.com *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.klarnaservices.com *.twitter.com *.octocom.ai 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.google.com *.doubleclick.net www.facebook.com *.googlesyndication.com *.boxnow.gr *.boxnow.cy connect.facebook.net graph.facebook.com business.facebook.com *.klarna.com *.cookiebot.com www.youtube.com *.contactpigeon.com *.skroutz.gr *.netsteps.net *.trust-servers.net https:\/\/www.googletagmanager.com *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.klarnaservices.com *.twitter.com *.octocom.ai 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com 'self' data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com www.youtube.com p.typekit.net validator.swagger.io *.gstatic.com *.google.com *.google.bg www.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.boxnow.gr *.boxnow.cy connect.facebook.net graph.facebook.com business.facebook.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com www.google.gr *.cookiebot.com *.google-analytics.com maps.gstatic.com *.kalogirou.com *.contactpigeon.com *.sharethis.com *.klarnaservices.com *.netsteps.net *.trust-servers.net https:\/\/kalogirou.com https:\/\/kalogirou.com\/pub\/media\/ *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.cloudflare.com *.googleadservices.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.octocom.ai *.skroutz.gr data: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ *.google.com assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.googleapis.com *.google.bg *.googletagmanager.com www.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.boxnow.gr *.boxnow.cy connect.facebook.net graph.facebook.com business.facebook.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.avada.io 'self' data: *.cookiebot.com *.googleadservices.com stats.g.doubleclick.net googleads.g.doubleclick.net *.kalogirou.com *.go-mpulse.net *.sharethis.com *.contactpigeon.com *.google.gr *.taboola.com *.skroutz.gr *.netsteps.net *.trust-servers.net *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.octocom.ai 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.kalogirou.com www.youtube.com *.contactpigeon.com *.netsteps.net *.trust-servers.net *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.klarnaservices.com *.cloudflare.com *.twitter.com *.twimg.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.octocom.ai 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.google-analytics.com www.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.boxnow.gr *.boxnow.cy connect.facebook.net graph.facebook.com business.facebook.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/get.geojs.io *.avada.io maps.googleapis.com stats.g.doubleclick.net googleads.g.doubleclick.net *.cookiebot.com *.kalogirou.com www.youtube.com *.go-mpulse.net *.sharethis.com *.contactpigeon.com eu.klarnaevt.com *.taboola.com *.akstat.io *.skroutz.gr *.netsteps.net *.trust-servers.net *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.octocom.ai 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.contactpigeon.com *.googlesyndication.com *.netsteps.net *.trust-servers.net *.adman.gr *.grxchange.gr http:\/\/trustmark.gr *.klarnaservices.com 'self' 'unsafe-inline'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src https:; connect-src https: wss:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' *.google.com fonts.googleapis.com static.pazaruvaj.com unpkg.com api.mapbox.com cdn.jsdelivr.net geowidget.easypack24.net maxcdn.bootstrapcdn.com ssl.ceneo.pl s.kk-resources.com elnino.daktela.com www.wiarygodneopinie.pl ts.tradetracker.net cdn.foxentry.cz www.parfemy-elnino.cz geowidget.inpost.pl www.googletagmanager.com smartsuppcdn.com static.compari.ro *.demandware.net; object-src 'self'; img-src 'self' https: data:; font-src https: data:; frame-ancestors 'self' *.creativecdn.com *.hotjar.com *.googletagmanager.com; report-uri https:\/\/elnino.report-uri.com\/r\/d\/csp\/enforce","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdn.riverty.design\/ * robincontentdesktop.blob.core.windows.net data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com uc8.tv * 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com uc8.tv https:\/\/documents.riverty.com\/ * *.multisafepay.com https:\/\/pay.google.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/cdn.myafterpay.com\/ uc8.tv https:\/\/cdn.riverty.design\/ ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/images.unsplash.com *.prism.app-us1.com *.prismic.io * *.multisafepay.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com uc8.tv https:\/\/cdn.myafterpay.com\/ https:\/\/cdn.bnpl.riverty.io\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/maps.googleapis.com *.prism.app-us1.com *.prismic.io * https:\/\/widget-acc.paazl.com https:\/\/widget.paazl.com https:\/\/api-acc.paazl.com https:\/\/api.paazl.com *.multisafepay.com https:\/\/pay.google.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com * https:\/\/widget-acc.paazl.com https:\/\/widget.paazl.com https:\/\/api-acc.paazl.com https:\/\/api.paazl.com *.multisafepay.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com * 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com uc8.tv https:\/\/cdn.myafterpay.com\/ https:\/\/documents.myafterpay.com\/ https:\/\/documents.riverty.com\/ https:\/\/www.afterpay.nl\/ https:\/\/cdn.bnpl.riverty.io\/ https:\/\/trace-api.newrelic.com\/ https:\/\/distributions.crowdin.net\/ https:\/\/api.crowdin.com\/ form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.prism.app-us1.com *.prismic.io * https:\/\/widget-acc.paazl.com https:\/\/widget.paazl.com https:\/\/api-acc.paazl.com https:\/\/api.paazl.com *.multisafepay.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/4c701c01-85ba-408b-96cc-0fd2ab244242.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; media-src 'self' https: blob:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self' https:\/\/*.altezzatravel.com https:\/\/altezza.travel https:\/\/*.altezza.travel; upgrade-insecure-requests; report-uri https:\/\/altezza.report-uri.com\/r\/d\/csp\/reportOnly","count":2},{"content-security-policy-report-only":" \tdefault-src blob: https:;\timg-src data: https:;\tscript-src 'unsafe-inline' 'unsafe-eval' blob: https:;\tstyle-src 'unsafe-inline' https:;\tfont-src data: https:;\tframe-src https:;\tmedia-src data: https:;\tobject-src 'none';\tconnect-src https:;\tframe-ancestors 'self';","count":2},{"content-security-policy-report-only":" https:\/\/www.calyxsoftware.com;static.hsappstatic.net, *.hubspotusercontent-*.net, *.hubspot.net, *.hs-scripts.com","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-to csp-endpoint","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' www.facebook.com stats.g.doubleclick.net *.oribi.io www.google-analytics.com csp.withgoogle.com cdn.jsdelivr.net data:; frame-src 'self' 52.186.34.239 www.facebook.com *.aquawater.com *.youtube.com *.google.com www.googletagmanager.com; img-src 'self' www.linkedin.com t.co analytics.twitter.com www.google-analytics.com px.ads.linkedin.com www.facebook.com i.ytimg.com *.google.com www.googleapis.com *.gstatic.com *.aquaamerica.com data:; script-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' snap.licdn.com connect.facebook.net *.googletagmanager.com code.jquery.com *.google.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; script-src-attr 'self' 'unsafe-hashes' 'unsafe-inline'; script-src-elem 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google.com *.gstatic.com snap.licdn.com connect.facebook.net code.jquery.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src 'self' 'unsafe-hashes' 'unsafe-inline' hello.myfonts.net www.google.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-hashes' 'unsafe-inline'; frame-ancestors 'self'","count":2},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'strict-dynamic' https: http: 'nonce-JMImICH7GjmqAnCUK9u2SQ=='; script-src-elem 'self' 'nonce-JMImICH7GjmqAnCUK9u2SQ==' https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/kit.fontawesome.com https:\/\/unpkg.com https:\/\/go.evolent.com https:\/\/go.evolenthealth.com https:\/\/www.clarity.ms https:\/\/www.clarity.ms\/tag\/h0yoxp4coe https:\/\/scripts.clarity.ms https:\/\/cdn.pardot.com https:\/\/pi.pardot.com https:\/\/edge.marker.io https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.googletagmanager.com https:\/\/browser.sentry-cdn.com","count":2},{"content-security-policy-report-only":" frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; style-src-elem app.leadfox.co blog.clubtissus.com www.clubtissus.com fonts.googleapis.com; form-action www.facebook.com payflowlink.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com connect.facebook.net graph.facebook.com https:\/\/seo.mageplaza.com *.facebook.com 'self' 'unsafe-inline'; img-src www.facebook.com ct.pinterest.com google.com www.google.com www.google.ca admin.thefabricclub.ca data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com www.apptrian.com facebook.com connect.facebook.net graph.facebook.com https:\/\/firebasestorage.googleapis.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src-elem script.hotjar.com www.googletagmanager.com www.clubtissus.com clubtissus.com www.thefabricclub.ca www.google-analytics.com static.hotjar.com www.youtube.com s.pinimg.com google.com connect.facebook.net app.leadfox.co blog.clubtissus.com www.google.com www.gstatic.com 'sha256-B4yPHKaXnvFWtRChIbabYmUBFZdVfKKXHbWtWidDVF8=-0'; frame-src www.google.com vars.hotjar.com www.facebook.com payflowlink.paypal.com ct.pinterest.com fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.apptrian.com facebook.com connect.facebook.net graph.facebook.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; style-src fonts.googleapis.com *.adobe.com https:\/\/fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; font-src fonts.gstatic.com www.paypalobjects.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; script-src www.google-analytics.com www.googletagmanager.com www.google.com www.gstatic.com static.hotjar.com s.pinimg.com connect.facebook.net clubtissus.com www.clubtissus.com www.thefabricclub.ca assets.adobedtm.com *.adobe.com www.googleadservices.com googleads.g.doubleclick.net analytics.google.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com graph.facebook.com *.avada.io *.shopify.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; connect-src www.google-analytics.com ct.pinterest.com in.hotjar.com stats.g.doubleclick.net ws17.hotjar.com wss:\/\/ws17.hotjar.com blog.clubtissus.com rest.leadfox.co app.leadfox.co dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/get.geojs.io *.avada.io *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.bootstrapcdn.com *.fontawesome.com *.cloudfront.net data: *.typekit.net userlike-cdn-umm.b-cdn.net maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.net *.facebook.com https:\/\/plumrocket.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.jsctool.com *.timify.com *.cookiebot.com *.pay1.de *.facebook.net *.facebook.com https:\/\/static.fittingbox.com vto-advanced.fittingbox.com secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com https:\/\/plumrocket.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.xtento.com *.sendcloud.sc *.jsdelivr.net *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com *.cloudfront.net *.amazonaws.com widgets.trustedshops.com *.klarnacdn.net *.pay1.de *.facebook.com *.cookiebot.com www.google.de becker-floege.de mcstaging.becker-floege.de brilledirekt.de mcstaging.brilledirekt.de stream.brilledirekt.de cdn.pay1.de x.klarnacdn.net m.media-amazon.com https:\/\/cdn.doofinder.com https:\/\/api.mapbox.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.newrelic.com *.pay1.de *.ratepay.com *.cloudfront.net *.amazonaws.com userlike-cdn-umm.b-cdn.net *.nr-data.net *.timify.com chimpstatic.com widgets.trustedshops.com *.cookiebot.com connect.facebook.net static.hotjar.com script.hotjar.com pagead2.googlesyndication.com stream.brilledirekt.de www.clarity.ms extern.conversion.consulting *.fittingbox.com\/api\/v1\/fitmix.js https:\/\/msrt-integration-api.fittingbox.com\/index.js https:\/\/api.segment.io\/v1\/batch vto-advanced-integration-api.fittingbox.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io *.avada.io https:\/\/cdn.doofinder.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.sendcloud.sc *.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.bootstrapcdn.com *.typekit.net *.fonts.net *.cookiebot.com *.googletagmanager.com d.ratepay.com d.payla.io dr.payla.io *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/cdn.doofinder.com unsafe-inline assets.braintreegateway.com https:\/\/fonts.googleapis.com *.sendcloud.sc *.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.google-analytics.com *.doubleclick.net *.ratepay.com *.nr-data.net userlike-cdn-widgets.s3-eu-west-1.amazonaws.com api.userlike.com www.xtento.com *.etrusted.com *.trustbadge.com *.trustedshops.com *.cookiebot.com *.facebook.net *.facebook.com maps.googleapis.com pagead2.googlesyndication.com wss:\/\/ws.hotjar.com content.hotjar.io vc.hotjar.io metrics.hotjar.io u.clarity.ms product-api.fittingbox.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com https:\/\/get.geojs.io *.avada.io https:\/\/eu1-layer.doofinder.com wss:\/\/eu1-layer.doofinder.com https:\/\/us1-layer.doofinder.com wss:\/\/us1-layer.doofinder.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com autocomplete2.postdirekt.de *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src *.facebook.net *.facebook.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.checkout.com *.cdn-apple.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/www.google.com https:\/\/www.gstatic.com maxcdn.bootstrapcdn.com data: checkout.tabby.ai widgets.tabby.ai cdn.tabby.ai fonts.googleapis.com storage.googleapis.com fonts.gstatic.com cdn.livechat.connexease.com api.connexease.com *.g.doubleclick.net *.tamara.co *.smooch.io cdnjs.cloudflare.com *.personaclick.com *.googlesyndication.com *.googleadservices.com *.googletagservices.com *.google.com google.ae *.googletagmanager.com google.com *.uplo.io *.tabby.ai data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors self www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.checkout.com *.klarna.com *.youtube.com\/ www.google.com www.gstatic.com apis.google.com checkout.tabby.ai 'self' *.paypal.com *.tamara.co *.vimeo.com *.braintreegateway.com td.doubleclick.net *.googletagmanager.com livechat.connexease.com cdn.allinone.connexease.com cdnjs.cloudflare.com tr.snapchat.com *.personaclick.com *.googlesyndication.com *.googleadservices.com *.g.doubleclick.net www.googletagservices.com *.google.com google.com *.uplo.io server-side-tagging-kbxfdsts4q-uc.a.run.app *.tabby.ai *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.checkout.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu checkout.tabby.ai widgets.tabby.ai cdn.tabby.ai fonts.googleapis.com storage.googleapis.com *.tamara.co 'self' 'unsafe-inline' *.g.doubleclick.net *.facebook.com *.snapchat.com preprod.calvinklein.ae preprod.calvinklein.sa preprod.calvinklein.com.kw preprod.calvinklein.om preprod.calvinklein.bh preprod.calvinklein.qa calvinklein.ae calvinklein.sa calvinklein.com.kw calvinklein.om calvinklein.bh calvinklein.qa cdn.allinone.connexease.com cdn.livechat.connexease.com api.connexease.com *.smooch.io cdnjs.cloudflare.com tr.snapchat.com *.personaclick.com cdn.connexease.com *.googlesyndication.com *.googletagservices.com *.google.com *.google.ae *.google.com.af *.google.com.bh *.google.com.eg *.google.iq *.google.com.jo *.google.com.kw *.google.com.lb *.google.com.om *.google.ps *.google.com.qa *.google.com.sa *.google.com.tr *.google.com.ye *.googletagmanager.com google.com *.uplo.io *.tabby.ai *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.checkout.com *.klarnacdn.net *.cdn-apple.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.trackedlink.net *.googleapis.com *.google.com *.avada.io checkout.tabby.ai widgets.tabby.ai cdn.segment.com connect.facebook.net www.google.com cdn.sift.com score.jcsc.online seondf.com deviceinf.com getdeviceinf.com *.tamara.co 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.facebook.net *.braintreegateway.com *.adobedtm.com *.g.doubleclick.net tr.snapchat.com *.tiktok.com preprod.calvinklein.ae api.segment.io sc-static.net *.tiktokw.us livechat.connexease.com cdn.allinone.connexease.com cdn.livechat.connexease.com api.connexease.com *.smooch.io td.doubleclick.net *.googletagmanager.com cdnjs.cloudflare.com *.personaclick.com cdn.connexease.com *.googlesyndication.com *.googleadservices.com *.googletagservices.com *.google.ae *.google.com.af *.google.com.bh *.google.com.eg *.google.iq *.google.com.jo *.google.com.kw *.google.com.lb *.google.com.om *.google.ps *.google.com.qa *.google.com.sa *.google.com.tr *.google.com.ye google.com *.uplo.io *.hotjar.com *.contentsquare.net wss:\/\/*.hotjar.com *.hotjar.io *.tabby.ai https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.checkout.com https:\/\/static.klaviyo.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.google.com maxcdn.bootstrapcdn.com *.tamara.co fonts.googleapis.com 'self' 'unsafe-inline' livechat.connexease.com preprod.calvinklein.ae cdn.allinone.connexease.com cdn.livechat.connexease.com api.connexease.com *.g.doubleclick.net *.smooch.io cdnjs.cloudflare.com tr.snapchat.com *.personaclick.com *.googlesyndication.com *.googleadservices.com *.googletagservices.com *.google.ae *.google.com.eg *.google.com.lb *.googletagmanager.com google.com *.uplo.io *.tabby.ai tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.tamara.co 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.checkout.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.browser-intake-datadoghq.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.googleadservices.com *.google-analytics.com *.sandbox.paypal.com *.paypalobjects.com *.trackedlink.net *.ampproject.org http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io checkout.tabby.ai widgets.tabby.ai cdn.segment.com api.segment.com api.segment.io api.amplitude.com *.seondfresolver.com *.deviceinfresolver.com *.getdeviceinfresolver.com *.tamara.co 'self' *.braintreegateway.com *.facebook.net tr.snapchat.com get.geojs.io tr6.snapchat.com *.tiktok.com *.tiktokw.us cdn.sift.com api.braintreegateway.com livechat.connexease.com api.connexease.com cdn.livechat.connexease.com *.g.doubleclick.net *.smooch.io cdnjs.cloudflare.com *.personaclick.com *.googlesyndication.com *.googletagservices.com *.google.com *.google.ae *.google.com.eg *.google.com.lb google.com\/pay *.googletagmanager.com server-side-tagging-kbxfdsts4q-uc.a.run.app *.uplo.io google.com *.hotjar.com wss:\/\/*.hotjar.com *.hotjar.io *.contentsquare.net *.tabby.ai 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.seondnsresolve.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" upgrade-insecure-requests; report-to https:\/\/myrgroup.com\/csp-report.php;; report-uri https:\/\/myrgroup.com\/csp-report.php;;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com consentcdn.cookiebot.com consentcdn.cookiebot.eu https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.hotjar.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.twitter.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.googleapis.com imgsct.cookiebot.com imgsct.cookiebot.eu https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.uk *.cloudfront.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ consent.cookiebot.com consentcdn.cookiebot.com consent.cookiebot.eu consentcdn.cookiebot.eu https:\/\/*.pcapredict.com\/js\/sensor.js https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/*.hotjar.com https:\/\/*.doubleclick.net https:\/\/secure.leadforensics.com https:\/\/*.googleapis.com player.vimeo.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/*.googleapis.com *.typekit.net assets.braintreegateway.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com consentcdn.cookiebot.com consentcdn.cookiebot.eu consent.cookiebot.com consent.cookiebot.eu https:\/\/*.hotjar.com https:\/\/*.adobedc.net https:\/\/*.nr-data.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudflare.com *.twitter.com *.twimg.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' *.microvision.com; script-src 'self' 'unsafe-inline' *.jobvite.com *.onlyfy.jobs *.googletagmanager.com 'unsafe-eval' https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com *.vimeo.com www.youtube.com; object-src 'none'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; img-src 'self' data: *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.google.com.br *.google.com.my *.google.com.hk *.google.com.ng *.google.com.pk *.google.com.uk *.google.de *.google.it *.google.fr *.google.at *.google.ch *.google.ca *.google.co.ao *.google.co.nz *.google.co.jp *.google.co.in https:\/\/www.google.com https:\/\/google.com i.ytimg.com; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.google.com.br *.google.com.my *.google.com.hk *.google.com.ng *.google.com.pk *.google.com.uk *.google.de *.google.it *.google.fr *.google.at *.google.ch *.google.ca *.google.co.ao *.google.co.nz *.google.co.jp *.google.co.in noembed.com; frame-src 'self' *.jobvite.com *.onlyfy.jobs https:\/\/bid.g.doubleclick.net https:\/\/td.doubleclick.net *.vimeo.com www.youtube.com www.youtube-nocookie.com; report-uri https:\/\/sentry.networkteam.com\/api\/321\/security\/?sentry_key=86c8eb4a595a42448a455afac3f49ef6","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/fonts.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com https:\/\/www.google.com https:\/\/widget.trustpilot.com https:\/\/bid.g.doubleclick.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.trustpilot.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com https:\/\/www.google.com https:\/\/www.google.co.in magefan.com cm.magefan.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.disqus.com maps.gstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/maps.gstatic.com\/ https:\/\/amcglobal.sc.omtrdc.net *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.certcapture.com pay.google.com *.google-analytics.com googletagmanager.com *.googletagmanager.com apis.google.com https:\/\/maps.googleapis.com *.googleapis.com *.googleadservices.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha https:\/\/www.google.com\/recaptcha *.google.com\/ https:\/\/maps.googleapis.com\/maps\/api\/js https:\/\/widget.trustpilot.com http:\/\/widget.trustpilot.com https:\/\/invitejs.trustpilot.com chimpstatic.com *.paypalobjects.com c.paypal.com *.paypal.com sandbox.paypal.com *.sandbox.paypal.com downloads.mailchimp.com *.list-manage.com *.disqus.com maps.googleapis.com https:\/\/cdn.jsdelivr.net js.braintreegateway.com assets.braintreegateway.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/maps.googleapis.com\/ https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net assets.shipperhq.com *.trustpilot.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com downloads.mailchimp.com *.fontawesome.com assets.braintreegateway.com *.trustpilot.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/bam.nr-data.net ovs.shipperhq.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/marysvillemarine.com\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/ https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www.youtube.com\/iframe_api https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/www.gstatic.com\/_\/mss\/boq-chrome-webstore\/_\/js\/k=boq-chrome-webstore.ChromeWebStoreConsumerFeUi.en_US.EDbKE3icpyI.2018.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/www.youtube.com\/s\/player\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/;report-uri \/_\/ChromeWebStoreConsumerFeUi\/cspreport\/fine-allowlist","count":2},{"content-security-policy-report-only":" font-src *.fontawesome.com *.googleapis.com *.gstatic.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/seo.mageplaza.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com landofcoder.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.weltpixel.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.trackedlink.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com https:\/\/www.facebook.com https:\/\/c.clarity.ms\/ https:\/\/bat.bing.com\/ https:\/\/c.bing.com\/ data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com landofcoder.com s7.addthis.com *.fontawesome.com *.googleapis.com *.gstatic.com player.vimeo.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.googletagmanager.com tagmanager.google.com https:\/\/cs.iubenda.com\/ static.addtoany.com acsbapp.com mylivechat.com a6.mylivechat.com https:\/\/cdn.iubenda.com\/cs\/ccpa\/stub.js https:\/\/connect.facebook.net\/ http:\/\/www.paypalobjects.com http:\/\/www.googletagmanager.com http:\/\/www.vimeo.com https:\/\/cdn.iubenda.com\/ https:\/\/bat.bing.com\/ https:\/\/www.clarity.ms\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.googleapis.com *.addtoany.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com tagmanager.google.com fonts.google.com a6.mylivechat.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com landofcoder.com ekr.zdassets.com\/ http:\/\/dpm.demdex.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com cdn.acsbapp.com http:\/\/www.googletagmanager.com http:\/\/www.sandbox.paypal.com http:\/\/www.paypalobjects.com https:\/\/hits-i.iubenda.com\/ https:\/\/w.clarity.ms\/collect http:\/\/www.google-analytics.com https:\/\/consent.iubenda.com\/ https:\/\/o.clarity.ms\/collect https:\/\/v.clarity.ms\/collect 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; report-uri https:\/\/lleung.uriports.com\/reports\/report; report-to default","count":2},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval'; report-to report; report-uri \/?_task=background&_action=csp_report","count":2},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.nextdoorstudios.com *.asgmax.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.nextdoorstudios.com *.asgmax.com join.gammasecure.com; script-src 'self' *.nextdoorstudios.com *.asgmax.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.nextdoorstudios.com *.asgmax.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com https:\/\/fonts.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com *.google.com *.doubleclick.net *.googlesyndication.com *.tiktok.com *.multisafepay.com https:\/\/pay.google.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' data: *.google.com *.google.bg *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.tiktok.com https:\/\/firebasestorage.googleapis.com flagpedia.net *.multisafepay.com assets.myparcel.nl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com https:\/\/mylivechat.com https:\/\/uk.mylivechat.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com *.avada.io *.shopify.com maps.googleapis.com *.multisafepay.com https:\/\/pay.google.com cdnjs.cloudflare.com cdn.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com https:\/\/www.feedbackcompany.com https:\/\/mylivechat.com https:\/\/uk.mylivechat.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.multisafepay.com cdn.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com https:\/\/uk.mylivechat.com https:\/\/fonts.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.tiktok.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com *.multisafepay.com api.myparcel.nl cdn.jsdelivr.net *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site https:\/\/www.feedbackcompany.com https:\/\/mylivechat.com https:\/\/uk.mylivechat.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.klarnacdn.net *.fontawesome.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io *.klarna.com js.mollie.com *.sendcloud.sc *.jsdelivr.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com https:\/\/portal.payconiq.com https:\/\/static.buckaroo.nl https:\/\/www.paypalobjects.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/www.mollie.com *.amazonaws.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com maps.gstatic.com www.magmodules.eu *.squeezely.tech https:\/\/maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com js.mollie.com *.sendcloud.sc *.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com squeezely.tech www.squeezely.tech *.squeezely.tech polyfill.io cdn.cookie-script.com gallery.cevoid.com inc.fotobehang.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl *.klarnacdn.net *.fontawesome.com *.sendcloud.sc *.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com wss:\/\/websocketservice-externalapi.prod.buckaroo.io https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io https:\/\/applepay.buckaroo.io https:\/\/www.paypal.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com *.trustedshops.com *.etrusted.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com squeezely.tech *.squeezely.tech 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.yotpo.com *.googleapis.com *.gstatic.com *.klevu.com *.ksearchnet.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.credova.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.credova.com * c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.yotpo.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.authorize.net *.weltpixel.com *.googletagmanager.com *.doubleclick.net https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/*.credova.com\/ https:\/\/*.clarity.ms https:\/\/*.bing.com *.yotpo.com *.klevu.com *.ksearchnet.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com magefan.com cm.magefan.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com moogento.com *.moogento.com *.googleapis.com *.gstatic.com *.google.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com *.credova.com chimpstatic.com downloads.mailchimp.com *.list-manage.com widget.freshworks.com m2epro.freshdesk.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/*.credova.com\/ https:\/\/*.avmws.com https:\/\/*.livechatinc.com https:\/\/statsjs.klevu.com https:\/\/*.bing.com https:\/\/*.crazyegg.com https:\/\/*.clarity.ms *.yotpo.com js.klevu.com *.ksearchnet.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.avada.io *.shopify.com l2.moogento.com *.authorize.net *.googleapis.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com downloads.mailchimp.com widget.freshworks.com m2epro.freshdesk.com unsafe-inline assets.braintreegateway.com *.yotpo.com *.googleapis.com *.klevu.com *.ksearchnet.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com https:\/\/fonts.bunny.net *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com https:\/\/*.credova.com\/ 'self' 'unsafe-inline'; manifest-src *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com *.credova.com widget.freshworks.com m2epro.freshdesk.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/*.credova.com\/ https:\/\/*.clarity.ms https:\/\/statsjs.klevu.com https:\/\/*.livechatinc.com *.yotpo.com *.klevu.com *.ksearchnet.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io *.authorize.net *.automaticffl.com *.googleapis.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.asc-stage-magento.com asc-stage-magento.com *.channels.magento.com channels.magento.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: https:\/\/www.googletagmanager.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.authorize.net *.syfpos.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.authorize.net syf.demdex.net *.syfpos.com *.syf.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com *.bing.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com magefan.com cm.magefan.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/img.youtube.com store.paradoxlabs.com *.syfpos.com *.syf.com analytics.synchrony.com *.d1.sc.omtrdc.net *.mysynchrony.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.bing.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.attn.tv events.attentivemobile.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ s7.addthis.com *.authorize.net *.syfpos.com analytics.synchrony.com *.mysynchrony.com *.syf.com *.tiqcdn.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com unsafe-inline assets.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com https:\/\/static.klaviyo.com *.syfpos.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com https:\/\/www.google-analytics.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.attn.tv events.attentivemobile.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ ekr.zdassets.com\/ *.authorize.net *.syfpos.com *.syf.com *.d1.sc.omtrdc.net *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" require-trusted-types-for 'script';report-uri https:\/\/csp.withgoogle.com\/csp\/6b8ce7c01e3dacd3d2c7a8cd322ff979\/mr","count":2},{"content-security-policy-report-only":" default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval'","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.tailwindcss.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/js.stripe.com https:\/\/accounts.google.com https:\/\/cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https:\/\/cdn.tailwindcss.com https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net; img-src 'self' data: https: blob:; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/api.stripe.com https:\/\/accounts.google.com https:\/\/api.deepseek.com; frame-src https:\/\/js.stripe.com https:\/\/accounts.google.com https:\/\/www.youtube.com https:\/\/iframe.mediadelivery.net https:\/\/www.googletagmanager.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/accounts.google.com;","count":2},{"content-security-policy-report-only":" default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri \/csp_report;","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com widget.thuiswinkel-cdn.org data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com consent.cookiebot.com *.freshchat.com consentcdn.cookiebot.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.trustpilot.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com imgsct.cookiebot.com *.google.com.ua *.google.com.nl api.taggrs.io widget.thuiswinkel-cdn.org px.ads.linkedin.com bat.bing.com sst.officecentre.nl https:\/\/www.mollie.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com consent.cookiebot.com static.zdassets.com wss:\/\/widget-mediator.zopim.com consentcdn.cookiebot.com widget.thuiswinkel.org widget.thuiswinkel-cdn.org eu.fw-cdn.com *.freshchat.com bat.bing.com sst.officecentre.nl js.mollie.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.typekit.net *.freshchat.com static-tracking.klaviyo.com widget.thuiswinkel-cdn.org https:\/\/static.klaviyo.com assets.braintreegateway.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com ekr.zdassets.com wss:\/\/widget-mediator.zopim.com consentcdn.cookiebot.com widget.trustpilot.com widget.thuiswinkel.org widget.thuiswinkel-cdn.org app-euc.freshmarketer.com widgetcontent.thuiswinkel-cdn.org sst.officecentre.nl px.ads.linkedin.com bat.bing.com ws:\/\/127.0.0.1:35729\/livereload https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:;","count":2},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cenpos.net *.cenpos.com *.google.com *.gstatic.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.cenpos.net *.cenpos.com *.google.com *.gstatic.com *.cardinalcommerce.com *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com www.facebook.com *.cenpos.net *.cenpos.com https:\/\/www.magezon.com *.hubspot.com *.hsforms.com *.linkedin.com *.adsymptotic.com *.otcindustrial.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.hsforms.net 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ ws.zoominfo.com secure.venture-365-inspired.com js.hubspot.com cdn.callrail.com js.usemessages.com *.cenpos.com *.cenpos.net *.google.com *.cardinalcommerce.com *.termly.io *.fullstory.com *.licdn.com *.doubleclick.net *.listenlayer.com *.hs-scripts.com *.hscollectedforms.net *.hs-analytics.net *.hsadspixel.net *.hs-banner.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com ws.zoominfo.com idx.liadm.com px.ads.linkedin.com forms.hscollectedforms.net static.listenlayer.com pagead2.googlesyndication.com googleads.g.doubleclick.net js.hs-banner.com *.fullstory.com *.termly.io *.linkedin.oribi.io *.analytics.google.com *.hubspot.com *.hubapi.com *.google-analytics.com *.googletagmanager.com stats.g.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self';                     script-src 'self'                       https:\/\/consent.cookiebot.com                       https:\/\/consentcdn.cookiebot.com                       https:\/\/www.googletagmanager.com                       https:\/\/www.google-analytics.com                       https:\/\/www.google.com                       https:\/\/googleads.g.doubleclick.net                       https:\/\/snap.licdn.com                       https:\/\/kit.fontawesome.com                       https:\/\/ka-p.fontawesome.com                       https:\/\/static.ads-twitter.com                       https:\/\/connect.facebook.net                       https:\/\/www.clickcease.com                       https:\/\/go.brooks.com;                     style-src 'self'                       https:\/\/ka-p.fontawesome.com                       https:\/\/static.ads-twitter.com                       https:\/\/connect.facebook.net                       https:\/\/www.clickcease.com                       https:\/\/connect.facebook.net                       https:\/\/consent.cookiebot.com                       https:\/\/go.brooks.com;                     img-src 'self' data:                       https:\/\/www.google-analytics.com                       https:\/\/googleads.g.doubleclick.net                       https:\/\/stats.g.doubleclick.net                       https:\/\/www.google.com                       https:\/\/px.ads.linkedin.com                       https:\/\/t.co                       https:\/\/analytics.twitter.com                       https:\/\/www.facebook.com                       https:\/\/www.linkedin.com                       https:\/\/www.googletagmanager.com;                     font-src 'self' data:                       https:\/\/ka-p.fontawesome.com                       https:\/\/kit.fontawesome.com                       https:\/\/consentcdn.cookiebot.com;                     connect-src 'self'                       https:\/\/www.google-analytics.com                       https:\/\/analytics.google.com                       https:\/\/www.googletagmanager.com                       https:\/\/consent.cookiebot.com                       https:\/\/consentcdn.cookiebot.com                       https:\/\/snap.licdn.com                       https:\/\/www.google.com                       https:\/\/googleads.g.doubleclick.net                       https:\/\/kit.fontawesome.com                       https:\/\/ka-p.fontawesome.com                       https:\/\/px.ads.linkedin.com                       https:\/\/stats.g.doubleclick.net;                     frame-src 'self'                       https:\/\/www.youtube.com                       https:\/\/www.youtube-nocookie.com                       https:\/\/consentcdn.cookiebot.com;                     media-src 'self'                       https:\/\/www.youtube.com                       https:\/\/www.youtube-nocookie.com;                     object-src 'none';                     base-uri 'self';                     frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.fontawesome.com *.googleapis.com *.gstatic.com https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googleapis.com *.gstatic.com www.apptrian.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googleapis.com *.gstatic.com www.apptrian.com *.avada.io https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com unsafe-inline assets.braintreegateway.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googleapis.com www.apptrian.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.bootstrapcdn.com js.klevu.com *.finance-calculator.co.uk *.klarnacdn.net *.klevu.com *.ksearchnet.com *.magentocommerce.com *.googleapis.com *.cloudfront.net fonts.googleapis.com *.hotjar.com *.zopim.com *.fontawesome.com *.paypal.com *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com https:\/\/plumrocket.com www.facebook.com 1merchantacsstag.cardinalcommerce.com payments.securetrading.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.instagram.com https:\/\/www.google.com *.doubleclick.net *.facebook.com assets.braintreegateway.com tst.kaptcha.com c.paypal.com www.paypalobjects.com *.zopim.com *.finance-calculator.co.uk *.deko.finance *.dekopay.com *.dekopay.org *.klarnacdn.net https:\/\/plumrocket.com *.magentocommerce.com cdn.dnky.co *.hotjar.com www.facebook.com *.trustpilot.com *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud x.klarnacdn.net *.pinterest.com *.pinterdev.com commerce-app.pintergration.com webservices.securetrading.net cdn.eu.trustpayments.com brw.3ds.trustpayments.com songbirdstag.cardinalcommerce.com 1merchantacsstag.cardinalcommerce.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.cdninstagram.com 'self' data: https:\/\/*.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.bing.com *.clarity.ms js.klevu.com cdn-cookieyes.com *.finance-calculator.co.uk *.dekopay.com *.klarnacdn.net *.klarnaevt.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.magentocommerce.com *.cloudfront.net https:\/\/*.gstatic.com www.google.nl connect.onlinesucces.nl px.ads.linkedin.com *.googleapis.com www.linkedin.com linkedin.com gallery.mailchimp.com *.trustedshops.com *.zopim.com cdn.jsdelivr.net *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud *.increasingly.co https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com https:\/\/www.magezon.com *.pinterest.com *.pinterdev.com *.pinimg.com commerce-app.pintergration.com gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.instagram.com 'self' *.google.com\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com bat.bing.com js.klevu.com *.clarity.ms c.paypal.com chimpstatic.com cdn-cookieyes.com *.hotjar.com sentry.bigeyedeers.dev browser.sentry-cdn.com *.finance-calculator.co.uk *.dekopay.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.ksearchnet.com *.magentocommerce.com *.cloudfront.net maps.googleapis.com *.trackedlink.net *.increasingly.co *.increasingly.com *.googleapis.com cdn.dnky.co api.comapi.com snap.licdn.com checkout.buckaroo.nl *.adyen.com *.zopim.com *.zdassets.com *.sendcloud.sc *.mailchimp.com *.trustedshops.com *.fontawesome.com www.feedbackcompany.com *.trustpilot.com cdn.jsdelivr.net www.googleoptimize.com *.paypal.com js.klarna.com *.eu-library.klarnaservices.com\/lib.js *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud *.mouseflow.com *.webgains.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com player.vimeo.com *.pinterest.com *.pinterdev.com *.pinimg.com commerce-app.pintergration.com https:\/\/apis.google.com webservices.securetrading.net cdn.eu.trustpayments.com songbirdstag.cardinalcommerce.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.bootstrapcdn.com *.typekit.net js.klevu.com *.klarnacdn.net https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com 'self' *.magentocommerce.com *.cloudfront.net cdn.dnky.co *.fontawesome.com *.mailchimp.com *.finance-calculator.co.uk *.trustpilot.com cdn.jsdelivr.net *.paypal.com *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud *.increasingly.co https:\/\/fonts.googleapis.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com *.zopim.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.google-analytics.com *.facebook.com *.facebook.net https:\/\/*.google.com *.sandbox.braintree-api.com *.clarity.ms *.cookieyes.com cdn-cookieyes.com *.doubleclick.net *.trustpilot.com *.hotjar.com *.googlesyndication.com sentry.bigeyedeers.dev *.finance-calculator.co.uk *.dekopay.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.cloudfront.net *.magentocommerce.com commerce.adobedc.net api.comapi.com *.googleapis.com *.zdassets.com *.hotjar.io *.zopim.com wss:\/\/*.zopim.com www.feedbackcompany.com *.zendesk.com *.eu-library.klarnaservices.com\/lib.js *.feefo.com *.postcodeanywhere.co.uk *.magentosite.cloud *.increasingly.co api.addressy.com https:\/\/ipinfo.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com *.pinterest.com *.pinterdev.com commerce-app.pintergration.com o402164.ingest.sentry.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com fonts.googleapis.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com *.cloudfront.net *.reviews.io *.reviews.co.uk data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.nosto.com *.nos.to *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.reviews.io *.reviews.co.uk 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com platform.twitter.com *.nosto.com *.nos.to c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.reviews.io *.reviews.co.uk *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com pinterest.com assets.pinterest.com syndication.twitter.com flagpedia.net *.nosto.com *.nos.to www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudfront.net *.reviews.io *.reviews.co.uk maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com twitter.com platform.twitter.com static.addtoany.com *.gstatic.com maps.googleapis.com *.nosto.com *.nos.to https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.reviews.io *.reviews.co.uk https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com *.nosto.com *.nos.to https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com *.cloudfront.net *.reviews.io *.reviews.co.uk tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io stats.addtoany.com www.gstatic.com maps.googleapis.com *.nosto.com *.nos.to api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com  'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.innoship.ro https:\/\/*.sameday.ro *.addthis.com  www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.tiktok.com *.tile.openstreetmap.org *.openstreetmap.org magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com www.xtento.com cdn.xtento.com https:\/\/oqtagonmedia-1224e.kxcdn.com https:\/\/www.google.ro\/ads\/ga-audiences https:\/\/region1.analytics.google.com\/ https:\/\/airsoftcluj-1224e.kxcdn.com\/ https:\/\/airsoftbucuresti-1224e.kxcdn.com https:\/\/oqtagon-1224e.kxcdn.com https:\/\/www.oqtagon.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com https:\/\/cdn.jsdelivr.net *.tiktok.com https:\/\/*.sameday.ro *.disqus.com *.addthis.com https:\/\/z.moatads.com https:\/\/v1.addthisedge.com *.avada.io *.shopify.com www.xtento.com cdn.xtento.com https:\/\/airsoftbucuresti-1224e.kxcdn.com https:\/\/oqtagon-1224e.kxcdn.com https:\/\/airsoftcluj-1224e.kxcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com https:\/\/*.sameday.ro maxcdn.bootstrapcdn.com https:\/\/cdn.jsdelivr.net *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/oqtagonmedia-1224e.kxcdn.com https:\/\/airsoftcluj-1224e.kxcdn.com\/ https:\/\/airsoftbucuresti-1224e.kxcdn.com https:\/\/oqtagon-1224e.kxcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.tiktok.com https:\/\/get.geojs.io *.avada.io  https:\/\/region1.analytics.google.com\/g\/collect 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/dev.visualwebsiteoptimizer.com; font-src 'self' https:\/\/font.circlekeurope.com data:; frame-src 'self' https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/www.google-analytics.com https:\/\/slim-prod.cksites-prod.alpaque.net https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/imgsct.cookiebot.com; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/maps.googleapis.com https:\/\/assets.adobedtm.com https:\/\/websdk.appsflyer.com https:\/\/cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/*.svea.com https:\/\/*.vipps.no https:\/\/*.trustly.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/*.svea.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io textilgallerian.b-cdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com s7.addthis.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/*.svea.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com tagmanager.google.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/www.google-analytics.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com ekr.zdassets.com\/ https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/fonts.gstatic.com data: *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de api.bazaarvoice.com stg.api.bazaarvoice.com https:\/\/seo.mageplaza.com *.authorize.net *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.klarna.com *.authorize.net static.addtoany.com *.wesupply.xyz https:\/\/wesupplylabs.com guarantee-cdn.com *.weltpixel.com www.xtento.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.trackedlink.net *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com guarantee-cdn.com www.xtento.com cdn.xtento.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.avada.io *.shopify.com *.authorize.net static.addtoany.com acsbapp.com apis.google.com *.cloudflare.com cloudflare.com static.cloudflareinsights.com guarantee-cdn.com www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com display.ugc.bazaarvoice.com webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.googleapis.com *.addtoany.com maxcdn.bootstrapcdn.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com widget.freshworks.com m2epro.freshdesk.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/get.geojs.io *.avada.io http:\/\/dpm.demdex.net *.authorize.net cdn.acsbapp.com *.yotpo.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.fontawesome.com youtube.com vimeo.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.creditguard.co.il vimeo.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com youtube.com validator.swagger.io 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com vimeo.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.creditguard.co.il *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.fontawesome.com youtube.com vimeo.com *.addtoany.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com youtube.com https:\/\/get.geojs.io *.avada.io http:\/\/dpm.demdex.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src  'self' data: *.pinimg.com *.postaffiliatepro.com partneri.affilmax.cz *.doubleclick.net *.facebook.net *.google-analytics.com *.biano.cz *.dognet.sk *.googlesyndication.com *.imedia.cz *.googletagmanager.com *.googleadservices.com ;font-src  'self' data: fonts.gstatic.com *.zbozi.cz *.biano.cz *.biano.sk *.biano.hu ;connect-src  'self' google.com *.google.com *.google.hu *.google.ae *.google.co.uk *.google.cz *.google.sk *.google.de *.google.at *.google.fr *.google.it *.google.sk *.google.pl *.google.nl *.google.ie *.google.com.ua *.googleapis.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.zbozi.cz *.exchangeratesapi.io *.pingdom.net *.biano.cz *.biano.sk *.biano.hu *.bianopixel.com *.dognet.sk *.foxentry.cz *.seznam.cz *.facebook.com *.pinterest.com *.doubleclick.net https:\/\/*.clarity.ms partner-events.favi.cz partner-events.favi.sk partner-events.favi.hu t.targito.signal-nabytek.cz t.targito.sg-nabytek.cz t.targito.signal-nabytok.sk t.targito.sg-nabytok.sk t.targito.butor-signal.hu t.targito.sg-butor.hu *.clickcease.com *.targito.com *.googlesyndication.com https:\/\/saas.bianoapi.com bat.bing.com bat.bing.net live.luigisbox.com api.luigisbox.com  https:\/\/*.api.rvndev.com https:\/\/*.raventic.ai *.pinimg.com https:\/\/*.api.raventic.ai https:\/\/*.api.raventic.dev https:\/\/api.raventic.dev https:\/\/eshops-uet-tags.ams3.cdn.digitaloceanspaces.com apps.sg-nabytek.cz apps.sg-nabytok.sk apps.sg-butor.hu *.srovname.cz *.heureka.cz *.heureka.sk *.heureka.group ;script-src  'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.google.cz *.seznam.cz *.googleapis.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.imedia.cz *.facebook.net *.doubleclick.net *.rival.cz *.fg.cz *.3dliving.cz *.imedia.cz *.zbozi.cz *.exchangeratesapi.io *.facebook.com *.pingdom.net *.biano.cz *.biano.sk *.biano.hu *.bianopixel.com *.dognet.sk *.foxentry.cz *.googlesyndication.com *.pinimg.com *.pinterest.com partneri.affilmax.cz *.postaffiliatepro.com *.heureka.cz *.heureka.sk *.heureka.group im9.cz cz.img9.cz *.glami.cz *.licdn.com *.linkedin.com tracking.srovname.cz https:\/\/*.clarity.ms partner-events.favicdn.net cdn.targito.signal-nabytek.cz cdn.targito.sg-nabytek.cz cdn.targito.signal-nabytok.sk cdn.targito.sg-nabytok.sk cdn.targito.butor-signal.hu cdn.targito.sg-butor.hu *.clickcease.com cdn.targito.com https:\/\/saas.bianoapi.com bat.bing.com bat.bing.net scripts.luigisbox.com cdn.luigisbox.com https:\/\/sdk.cdn.rvndev.com https:\/\/sdk.rvndn.com apps.sg-nabytek.cz apps.sg-nabytok.sk apps.sg-butor.hu *.srovname.cz ;form-action  'self' *.facebook.com *.facebook.net *.pinterest.com ;frame-src  'self' *.youtube.com *.iplatba.cz *.facebook.com *.imedia.cz *.zbozi.cz *.essox.cz *.foxentry.cz *.doubleclick.net *.googletagmanager.com *.google.com *.heureka.cz *.heureka.sk *.heureka.group *.pinterest.com *.googlesyndication.com login.szn.cz ;worker-src  'self' *.youtube.com *.iplatba.cz *.facebook.com *.imedia.cz *.zbozi.cz *.essox.cz *.foxentry.cz *.doubleclick.net *.googletagmanager.com *.google.com *.heureka.cz *.heureka.sk *.heureka.group *.pinterest.com *.googlesyndication.com login.szn.cz ;frame-ancestors  'self' ;img-src  'self' data: blob: *.gstatic.com *.googleapis.com *.googlecode.com *.googletagmanager.com *.google-analytics.com *.seznam.cz *.doubleclick.net *.google.com *.google.hu *.google.ae *.google.co.uk *.google.cz *.google.sk *.google.de *.google.at *.google.fr *.google.it *.google.sk *.google.pl *.google.nl *.google.ie *.google.com.ua *.imedia.cz *.facebook.com *.facebook.net *.fg.cz *.3dliving.cz *.signal-nabytek.cz *.sg-nabytek.cz *.signal-nabytok.sk *.sg-nabytok.sk *.rival.cz *.vykupto.cz *.signal.pl *.zbozi.cz *.exchangeratesapi.io *.dognet.sk *.foxentry.cz *.pinimg.com *.pinterest.com *.biano.cz *.biano.sk *.biano.hu *.heureka.cz *.heureka.sk *.heureka.group im9.cz *.glami.cz *.googleadservices.com https:\/\/*.clarity.ms bat.bing.com bat.bing.net *.favionline.com *.bing.com cdn.targito.com https:\/\/i.cdn.rvndev.com https:\/\/i.rvndn.com *.srovname.cz ;style-src  'self' 'unsafe-inline' fonts.googleapis.com *.seznam.cz *.google.com *.gstatic.com *.googletagmanager.com *.fg.cz *.3dliving.cz *.signal-nabytek.cz *.sg-nabytek.cz *.signal-nabytok.sk *.sg-nabytok.sk *.sg-butor.hu *.zbozi.cz *.exchangeratesapi.io *.foxentry.cz cdn.targito.com https:\/\/saas.bianoapi.com cdn.luigisbox.com https:\/\/sdk.cdn.rvndev.com https:\/\/sdk.rvndn.com ;object-src  'self' ; report-uri \/frontendreport\/report\/","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.googleadservices.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.gstatic.com *.googlesyndication.com script.crazyegg.com *.ortto.app *.ap3api.com cdn3l.ink *.ksrndkehqnwntyxlhgto.com t.sprintlaw.com.au t.sprintlaw.co.uk connect.facebook.net *.clarity.ms *.bing.com bat.bing.com challenges.cloudflare.com *.sentry-cdn.com browser.sentry-cdn.com *.clickcease.com www.clickcease.com monitor.clickcease.com sprintlaw-visitor-intel.vercel.app; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.googleadservices.com www.googleadservices.com googleads.g.doubleclick.net *.doubleclick.net www.google.com www.gstatic.com *.ortto.app *.ap3api.com *.clarity.ms *.bing.com bat.bing.com connect.facebook.net *.facebook.com *.ksrndkehqnwntyxlhgto.com *.crazyegg.com *.sprintlaw.com.au *.sprintlaw.co.uk *.sprintlaw.co.nz t.sprintlaw.co.uk t.sprintlaw.com.au challenges.cloudflare.com *.sentry.io *.ingest.us.sentry.io *.clickcease.com www.clickcease.com monitor.clickcease.com sprintlaw-visitor-intel.vercel.app; frame-src 'self' *.googletagmanager.com *.youtube.com *.youtu.be challenges.cloudflare.com t.sprintlaw.co.uk t.sprintlaw.com.au www.google.com; media-src 'self' https:","count":2},{"content-security-policy-report-only":" default-src 'self' data: blob: https:; img-src 'self' data: blob: https:; media-src 'self' data: blob: https:; frame-src 'self' data: blob: https:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; connect-src 'self' https:; base-uri 'self'; form-action 'self'; frame-ancestors 'self';","count":2},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; img-src 'self' data: https:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' https:; connect-src 'self' https:; form-action 'self'; upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.cloudfront.net *.bootstrapcdn.com maxcdn.bootstrapcdn.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/www.googletagmanager.com\/ *.facebook.com *.usercentrics.eu secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com *.tokenization.secure.payone.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.cdninstagram.com *.1rx.io *.3lift.com *.360yield.com *.adform.net *.adnxs.com *.adtriba.com *.amazonaws.com *.bidswitch.net *.bing.com *.casalemedia.com *.criteo.com *.demdex.net *.doubleclick.net *.emxdgt.com *.facebook.com maps.googleapis.com id5-sync.com *.ivitrack.com *.juneapp.com *.media.net *.mediavine.com *.omnitagjs.com *.outbrain.com *.postrelease.com *.pubmatic.com *.roeye.com *.rubiconproject.com *.sharethrough.com *.smartadserver.com *.snapchat.com squarelovin.com *.squarelovin.com *.taboola.com *.teads.tv *.tremorhub.com *.unrulymedia.com *.usercentrics.eu *.yieldlab.net *.yieldmo.com *.trustedshops.com flagpedia.net cdn.pay1.de x.klarnacdn.net *.cloudfront.net m.media-amazon.com static-eu.payments-amazon.com *.hsforms.net *.hsforms.com 'self' data: www.xtento.com cdn.xtento.com *.google.de *.google.pl *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.dynamicyield.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ player.vimeo.com connect.facebook.net cdnjs.cloudflare.com *.adtriba.com dwin1.com *.bing.com clarity.ms *.cloudflareinsights.com *.cloudfront.net *.criteo.com *.doubleclick.net *.facebook.net *.pinimg.com *.pinterest.com *.roeyecdn.com *.sc-static.net *.snapchat.com squarelovin.com *.squarelovin.com *.survicate.com *.usercentrics.eu *.getzowie.com *.eyefitu.com maps.googleapis.com *.trustedshops.com *.gstatic.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io *.tokenization.secure.payone.com *.hsforms.net *.hsforms.com www.xtento.com cdn.xtento.com *.brevo.com sibautomation.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com squarelovin.com *.squarelovin.com *.cloudfront.net *.bootstrapcdn.com *.googleapis.com *.adtriba.com maxcdn.bootstrapcdn.com *.gstatic.com d.ratepay.com d.payla.io dr.payla.io src.mastercard.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.cloudfront.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com *.dynamicyield.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.amazonaws.com *.cloudfront.net *.squarelovin.com *.usercentrics.eu maps.googleapis.com www.gstatic.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com *.tokenization.secure.payone.com t.elasticsuite.io *.hsforms.net *.hsforms.com region1.analytics.google.com *.brevo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' *.kerebro.com *.google-analytics.com *.google.com *.facebook.com *.livechatinc.com store.gsscloud.com opencompany.azurewebsites.net in.hotjar.com kerebro.com stats.g.doubleclick.net vc.hotjar.io www.gsscloud.com ka-p.fontawesome.com b.clarity.ms https:\/\/r.adgeek.net; font-src 'self' data: fonts.gstatic.com www.gsscloud.com uwillx.com cdn.livechatinc.com; frame-src 'self' *.doubleclick.net secure.livechatinc.com www.facebook.com vars.hotjar.com www.youtube.com tpc.googlesyndication.com www.googletagmanager.com cdn.videgree.com bizform.vitalyun.com; img-src 'self' data:  *.gsscloud.com *.google-analytics.com *.n0.cdn.getcloudapp.com *.g.doubleclick.net *.gstatic.com cdn.files-text.com www.facebook.com i.ytimg.com www.google.com www.google.com.tw gssweb.gss.com.tw www.gss.com.tw cl.ly connect.facebook.net uwillx.com www.googletagmanager.com widgets.magentocommerce.com s3.amazonaws.com lh3.googleusercontent.com lh4.ggpht.com member.kerebro.com www.googleadservices.com jolly-beach-08300eb00.6.azurestaticapps.net; media-src cdn.livechatinc.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.livechatinc.com *.hotjar.com *.google-analytics.com *.google.com connect.facebook.net googleads.g.doubleclick.net kerebro.com store.gsscloud.com www.googleadservices.com www.googletagmanager.com www.youtube.com www.linkedin.com  uwillx.com tpc.googlesyndication.com unpkg.com kit.fontawesome.com cdnjs.cloudflare.com www.clarity.ms; script-src-elem 'self' 'unsafe-inline' data: store.gsscloud.com cdnjs.cloudflare.com cdn.jsdelivr.net cdn.livechatinc.com api.livechatinc.com unpkg.com www.clarity.ms kit.fontawesome.com www.googletagmanager.com kerebro.com www.youtube.com www.google-analytics.com ssl.google-analytics.com connect.facebook.net googleads.g.doubleclick.net https:\/\/r.adgeek.net; style-src 'self' 'unsafe-eval' 'unsafe-inline' fonts.googleapis.com store.gsscloud.com uwillx.com kerebro.com kerebro.com unpkg.com cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com unpkg.com; report-uri https:\/\/gsscloud.report-uri.com\/r\/d\/csp\/wizard","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.klarnacdn.net *.cloudflare.com *.trustedshops.com *.googleapis.com *.klaviyo.com cdn1.stamped.io stamped.io *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com *.facebook.com *.nosto.com *.nos.to *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com *.doubleclick.net *.facebook.com *.klarna.com *.nosto.com *.nos.to *.freshchat.com *.twitter.com *.pinterest.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.ingrid.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com 'self' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com *.adyen.com *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.klarna.com *.klarnaevt.com *.nosto.com *.nos.to *.rubiconproject.com\/ *.sharethrough.com\/ *.teads.tv\/ *.tremorhub.com\/ *.3lift.com\/ *.yieldlab.net\/ *.ads.yieldmo.com\/ *.emxdgt.com\/ *.adform.net\/ *.demdex.net\/ *.criteo.net *.adnxs.com\/ *.cloudfront.net\/ *.stamped.io *.freshchat.com\/ *.cloudflare.com *.ytimg.com *.bing.com\/ *.clarity.ms\/ *.google.al\/ *.google.am\/ *.google.at\/ *.google.az\/ *.google.ba\/ *.google.be\/ *.google.bg\/ *.google.by\/ *.google.ch\/ *.google.cz\/ *.google.de\/ *.google.dk\/ *.google.ee\/ *.google.es\/ *.google.fi\/ *.google.fr\/ *.google.ge\/ *.google.gr\/ *.google.hr\/ *.google.hu\/ *.google.ie\/ *.google.is\/ *.google.it\/ *.google.kz\/ *.google.li\/ *.google.lt\/ *.google.lu\/ *.google.lv\/ *.google.md\/ *.google.me\/ *.google.mk\/ *.google.mt\/ *.google.nl\/ *.google.no\/ *.google.pl\/ *.google.pt\/ *.google.ro\/ *.google.rs\/ *.google.ru\/ *.google.se\/ *.google.si\/ *.google.sk\/ *.google.sm\/ *.google.tr\/ *.google.ua\/ *.google.uk\/ *.google.com.ua\/ *.google.com.tr\/ *.google.com.gr\/ *.google.com.pt\/ *.google.com.pl\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ cdn1.stamped.io stamped.io https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.klarna.com\/ *.nosto.com *.nos.to *.cloudfront.net\/ *.cookiebot.com\/ *.kuvio.io\/ *.reamaze.com\/ *.shopalike.fi\/ *.chatbotize.com\/ qanuk-stage.vercel.app *.tradedoubler.com *.criteo.com *.cookiefirst.com *.omappapi.com *.googleoptimize.com *.klaviyo.com reviewsonmywebsite.com 'self' data: *.fontawesome.com *.videoly.co\/ *.freshchat.com cdnjs.cloudflare.com\/ *.googleapis.com\/ *.noibu.com\/ *.pinimg.com\/ *.bing.com\/ *.tiktok.com\/ *.pinterest.com\/ *.intercom.io\/ *.intercomcdn.com\/ *.clarity.ms\/ *.klarnaservices.com\/ *.livechatinc.com\/ *.hotjar.com\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ player.vimeo.com cdn1.stamped.io stamped.io js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.ingrid.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.nosto.com *.nos.to *.cookiefirst.com *.klarnacdn.net *.omappapi.com reviewsonmywebsite.com *.typekit.net *.freshchat.com\/ *.cloudflare.com\/ *.klaviyo.com\/ https:\/\/static.klaviyo.com cdn1.stamped.io stamped.io *.fontawesome.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src cdn1.stamped.io stamped.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com *.algolia.net *.algolia.com\/ *.algolianet.com *.insights.algolia.io insights.algolia.io *.google-analytics.com *.facebook.com *.facebook.net *.google.com\/ *.klarnaevt.com *.nosto.com *.nos.to *.criteo.com *.hobbybox.fi\/ *.g.doubleclick.net\/ *.reamaze.com\/ *.cookiebot.com\/ *.kelkoogroup.net\/ *.chatbotize.com *.klarnaservices.com *.doubleclick.net *.qanuk.app *.cookiefirst.com *.omappapi.com *.googlesyndication.com reviewsonmywebsite.com *.cloudflare.com *.pinterest.com *.tiktok.com\/ *.clarity.ms\/ *.noibu.com\/ wss:\/\/input.noibu.com\/ wss:\/\/nexus-websocket-a.intercom.io\/ *.intercom.io\/ *.bing.com\/ *.algolia.io\/ *.klarna.com\/ wss:\/\/ws.reamaze.com\/ *.reamaze.io\/ https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ cdn1.stamped.io stamped.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src self data: *.nosto.com\/ *.klaviyo.com\/ *.stamped.io\/ https:\/\/stamped.io\/ *.gstatic.com\/ *.cloudfront.net\/ *.cloudflare.com\/ *.klarnaservices.com\/ *.klarna.com\/ *.klarnaevt.com\/ *.klarnacdn.net\/ *.reamaze.io\/ *.reamaze.com\/ wss:\/\/ws.reamaze.com\/ 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" img-src 'self' data: *.commercecloud.salesforce.com *.googleapis.com *.gstatic.com *.ctfassets.net *.autoshack.com *.autoshack.ca *.demandware.net nova.collect.igodigital.com prd-cdn-talkdesk.talkdesk.com www.facebook.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.g.doubleclick.net *.google.com *.google.ca googleads.g.doubleclick.net www.google.com pagead2.googlesyndication.com www.googleadservices.com google.com google.ca *.equalweb.com *.usercentrics.eu www.paypal.com www.paypalobjects.com www.sandbox.paypal.com;script-src 'self' 'unsafe-eval' localhost:* *.site.com *.cybersource.com www.cybersource.com storage.googleapis.com *.autoshack.ca https:\/\/api.rates.autoshack.com *.autoshack.com autoshack.ca autoshack.com *.collect.igodigital.com *.googleapis.com talkdeskchatsdk.talkdeskapp.com *.googletagmanager.com *.google-analytics.com clarity.ms www.clarity.ms www.googleadservices.com www.google.com www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net connect.facebook.net 546006088.collect.igodigital.com *.equalweb.com *.usercentrics.eu ipapi.co script.crazyegg.com *.crazyegg.com crazyegg.com wwww.crazyegg.com runtime.commercecloud.com api.quotiient.com *.doubleclick.net spglobal.com www.paypal.com www.sandbox.paypal.com pay.google.com *.cdn-apple.com www.gstatic.com gstatic.com www.google.com google.com 'unsafe-inline';connect-src 'self' localhost:* *.salesforce-scrt.com *.cybersource.com www.cybersource.com *.googleapis.com api.cquotient.com api.talkdeskappca.com *.autoshack.com *.autoshack.ca *.spglobal.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.g.doubleclick.net *.google.com *.google.ca *.clarity.ms pagead2.googlesyndication.com www.googleadservices.com www.google.com google.com *.mobify-storefront.com *.collect.igodigital.com *.equalweb.com *.usercentrics.eu ipapi.co script.crazyegg.com *.crazyegg.com crazyegg.com wwww.crazyegg.com www.facebook.com api.paypal.com api.sandbox.paypal.com www.paypal.com www.sandbox.paypal.com;media-src *.ctfassets.net *.autoshack.com *.autoshack.ca;frame-src *.site.com *.cybersource.com www.cybersource.com *.ctfassets.net youtube.com www.youtube.com vimeo.com www.vimeo.com talkdeskchatsdk.talkdeskapp.com td.doubleclick.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pay.google.com *.cdn-apple.com www.google.com google.com www.gstatic.com gstatic.com *.demandware.net demandware.net development-na01-autoshack.demandware.net staging-na01-autoshack.demandware.net production-na01-autoshack.demandware.net;frame-ancestors 'self' *.salesforce.com *.autoshack.com *.autoshack.ca autoshack.ca autoshack.com;child-src www.facebook.com staticxx.facebook.com *.autoshack.ca *.autoshack.com autoshack.ca autoshack.com www.autoshack.ca www.autoshack.com *.demandware.net demandware.net development-na01-autoshack.demandware.net staging-na01-autoshack.demandware.net production-na01-autoshack.demandware.net www.paypal.com www.sandbox.paypal.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';worker-src 'self' blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.brevo.com https:\/\/sibautomation.com https:\/\/www.youtube.com https:\/\/cdn.amcharts.com https:\/\/cdn.curator.io https:\/\/connect.facebook.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.brevo.com https:\/\/cdn.curator.io; img-src 'self' data: https: blob:; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com https:\/\/archive.floorball.sport; connect-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/cdn.brevo.com https:\/\/sibautomation.com https:\/\/in-automate.brevo.com https:\/\/www.youtube.com https:\/\/api.curator.io; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/www.instagram.com https:\/\/www.linkedin.com https:\/\/x.com; media-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; worker-src 'self' blob:;","count":2},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: bstore.be bstore.nl webprice.eu btienda.es fr.bstore.be","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com 'self' data: maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com accounts.google.com www.facebook.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com *.authorize.net *.twitter.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.addthis.com *.facebook.com *.twitter.com *.authorize.net www.youtube.com accounts.google.com *.iubenda.com cdn-quick-ar.threedy.ai quick-ar.threedy.ai td.doubleclick.net www.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.addthisedge.com *.twitter.com *.hsforms.net *.hsforms.com 'self' data: cdn.ywxi.net seal.networksolutions.com ssl.gstatic.com syndication.twitter.com *.stats.paypal.com *.cloudmaestro.com *.twimg.com maps.gstatic.com maps.googleapis.com seal-santabarbara.bbb.org *.google.com csi.gstatic.com fonts.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.addthis.com *.moatads.com *.addthisedge.com *.facebook.net *.twitter.com *.authorize.net *.hsforms.net *.hsforms.com *.gstatic.com diffuser-cdn.app-us1.com\/ prism.app-us1.com trackcmp.net seal-santabarbara.bbb.org platform.twitter.com apis.google.com seal.networksolutions.com www.google.com www.gstatic.com *.iubenda.com *.paypal.com *.twimg.com maps.googleapis.com https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net cdn-quick-ar.threedy.ai acsbapp.com cdn.iubenda.com *.googletagmanager.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com *.twitter.com *.twimg.com www.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.googleadservices.com www.google-analytics.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.authorize.net t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.iubenda.com *.facebook.com maps.googleapis.com https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net quick-ar.threedy.ai *.acsbapp.com *.doubleclick.net stats.g.doubleclick.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/ab6dd833-5ccc-470b-a6cb-3bca3080bb2f.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" script-src, object-src, base-uri, frame-src","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/*.gopersonal.ai 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com webpay3g.transbank.cl webpay3gint.transbank.cl 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/*.gopersonal.ai *.mercadolibre.com api.cappasity.com event.getblue.io googleads.g.doubleclick.net api-static.mercadopago.com secure-fields.mercadopago.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net https:\/\/*.gopersonal.ai *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.mercadolivre.com 'self' data: www.google.com.mx www.google.com.ar operaciones.jazminchebar.com.ar www.mailing.todoparachebar.com mg.mlstatic.com h.online-metrix.net ventasonline.payway.com.ar developers-ventasonline.payway.com.ar www.mailing.jazminchebar.com public-assets.goshops.ai jazminchebar.com.ar jazminchebar.com jazminchebar.cl jazminchebar.mx todoparachebar.com.ar todoparachebar.cl jazmincircular.com.ar data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page https:\/\/*.gopersonal.ai https:\/\/*.gstatic.com *.mlstatic.com *.mercadopago.com *.gstatic.com cdn.retailrocket.net d12zyq17vm1xwx.cloudfront.net event.getblue.io widget.getblue.io externalassets.icommarketing.com static.oct8ne.com connect.facebook.net services.fitprenda.com live.decidir.com maps.googleapis.com developers.decidir.com h.online-metrix.net h64.online-metrix.net ventasonline.payway.com.ar developers-ventasonline.payway.com.ar api.wcx.cloud www.clarity.ms f.wcentrix.com js-agent.newrelic.com scripts.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/*.gopersonal.ai *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/*.gopersonal.ai https:\/\/*.goshops.ai https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.mercadopago.com *.mercadolibre.com notifications-icommkt.com track-icommkt.com tracking.retailrocket.net cdn.retailrocket.net frontal-usa.oct8ne.com maps.googleapis.com googleads.g.doubleclick.net developers.decidir.com h.online-metrix.net ventasonline.payway.com.ar developers-ventasonline.payway.com.ar bam.nr-data.net d.clarity.ms jch-api.goshops.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.reachout.global pos-kowzef.reachout.global 'self' 'unsafe-inline'; frame-ancestors *.bolt.com www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/static.addtoany.com\/ *.doubleclick.net\/ *.addthis.com *.doubleclick.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.adobedtm.com *.afip.gob.ar *.cloudfront.net https:\/\/player.vimeo.com *.clarity.ms *.google.com.co *.bing.com *.kosiuko.com *.facebook.com *.metricool.com *.google.com.ar *.google.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.addtoany.com *.cloudfront.net *.doubleclick.net *.vimeo.com https:\/\/f.vimeocdn.com https:\/\/player.vimeo.com *.clarity.ms *.tiktok.com *.aptrinsic.com *.facebook.net *.facebook.com *.googleapis.com *.googletagmanager.com track-icommkt.com *.icommarketing.com *.reachout.global *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.doubleclick.net *.vimeo.com https:\/\/vimeo.com *.vimeocdn.com https:\/\/f.vimeocdn.com *.clarity.ms *.google.com *.tiktok.com *.facebook.net *.facebook.com *.googletagmanager.com track-icommkt.com *.notifications-icommkt.com https:\/\/notifications-icommkt.com pos-kowzef.reachout.global *.reachout.global *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.aptrinsic.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com *.google.com\/ js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * secure.pay1.de payments.amazon.de jsctool.com www.jsctool.com js.playground.klarna.com *.tokenization.secure.payone.com *.ad-srv.net www.usemaxserver.de *.redintelligence.net www.pinterest.com www.pinterest.de www.facebook.com *.googletagmanager.com ad4m.at *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com flagpedia.net https:\/\/www.mollie.com bat.bing.com bat.bing.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com cdn.pay1.de x.klarnacdn.net *.cloudfront.net m.media-amazon.com static-eu.payments-amazon.com maps.gstatic.com *.cdninstagram.com *.fbcdn.net www.google.de *.facebook.com *.pinterest.com www.usemaxserver.de *.awin1.com *.googleadservices.com *.doubleclick.net widgets.trustedshops.com as.ad4m.at ad11.adfarm1.adition.com imagesrv.adition.com adservice.google.com lantern.roeye.com *.roeye.com ih.adscale.de rtb-csync.smartadserver.com simage2.pubmatic.com dsum-sec.casalemedia.com a.twiago.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.avada.io *.shopify.com *.google.com\/ *.gstatic.com maps.googleapis.com js.mollie.com bat.bing.com ajax.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com secure.pay1.de d.ratepay.com static-eu.payments-amazon.com x.klarnacdn.net cdn.klarna.com jsctool.com d.payla.io *.tokenization.secure.payone.com https:\/\/freegeoip.app https:\/\/www.googletagmanager.com tagmanager.google.com *.instagram.com analytics.gourvita.com www.gstatic.com *.ratepay.com www.dwin1.com www.usemaxserver.de *.ad-srv.net *.doubleclick.net connect.facebook.net *.pinimg.com widgets.trustedshops.com *.googletagmanager.com lantern.roeyecdn.com ad4m.at 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com assets.braintreegateway.com d.ratepay.com d.payla.io dr.payla.io src.mastercard.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.friendlycaptcha.com eu-api.friendlycaptcha.eu https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com bat.bing.com bat.bing.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com payments.amazon.de payments-eu.amazon.com d.ratepay.com jsctool.com eu.playground.klarnaevt.com *.tokenization.secure.payone.com https:\/\/freegeoip.app https:\/\/www.google-analytics.com *.instagram.com *.googleusercontent.com analytics.gourvita.com *.ratepay.com *.pinterest.com *.merchant-center-analytics.goog *.doubleclick.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/clients2.google.com\/gr\/gr_full_2.0.6.js https:\/\/clients2.google.com\/gr\/gr_sync.js https:\/\/payments.google.com\/payments\/v4\/js\/integrator.js https:\/\/payments.sandbox.google.com\/payments\/v4\/js\/integrator.js https:\/\/ssl.gstatic.com\/external_hosted\/lottie\/lottie.js https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/www.google.com\/js\/bg\/ https:\/\/www.gstatic.com\/_\/boq-play\/_\/js\/k=boq-play.PlayStoreUi.hi.rqupgQ3Cbnk.2021.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/ https:\/\/payments.youtube.com\/payments\/v4\/js\/integrator.js https:\/\/payments.cloud.google\/payments\/v4\/js\/integrator.js;report-uri \/_\/PlayStoreUi\/cspreport\/fine-allowlist","count":2},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; connect-src 'self' wss: https:; style-src 'self' 'unsafe-inline' data: https:; frame-src 'self' https:\/\/batmaid.prismic.io https:\/\/*.trustpilot.com https:\/\/vars.hotjar.com https:\/\/*.google.com https:\/\/www.facebook.com https:\/\/*.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/www.youtube.com https:\/\/pay.datatrans.com https:\/\/3dsec.cardcenter.ch https:\/\/acs1.viseca.ch https:\/\/acs.touch.tech https:\/\/www.instagram.com https:\/\/www.googletagmanager.com https:\/\/consentcdn.cookiebot.com data:; frame-ancestors 'self'; form-action 'self' https:\/\/pay.datatrans.com https:\/\/www.facebook.com; object-src 'none'; upgrade-insecure-requests; report-uri \/en\/api\/v1\/csp-violation-report","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.gstatic.com widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cetelem.es *.livechatinc.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com player.vimeo.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com https:\/\/www.google.com\/recaptcha\/ *.avis-verifies.com\/ widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com *.googletagmanager.com *.google.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.livechatinc.com *.weltpixel.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com *.vimeocdn.com i.ytimg.com *.youtube.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.cetelem.es cdn.doofinder.com *.google.com *.youtube.com\/ widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.livechatinc.com imgsct.cookiebot.com *.gstatic.com *.facebook.com data: 'self' 'unsafe-inline'; script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com\/ www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.cetelem.es cdn.doofinder.com *.googletagmanager.com *.cdn.cookielaw.org\/ widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.livechatinc.com *.tradedoubler.com consent.cookiebot.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ https:\/\/www.googletagmanager.com tagmanager.google.com analytics.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.cetelem.es *.doofinder.com *.googleapis.com widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com *.livechatinc.com *.fontawesome.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.cetelem.es *.doofinder.com wss:\/\/*.doofinder.com *.googletagmanager.com *.cdn.cookielaw.org\/ *.youtube.com\/ widget.trustpilot.com t4.my-probance.one *.aplazame.com *.zendesk.com *.adobedtm.com *.adobe.com *.authorize.net *.braintreegateway.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.livechatinc.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ *.google-analytics.com analytics.google.com *.facebook.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.stape.io *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.stape.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com *.stape.io https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com flagpedia.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.doubleclick.net *.stape.io *.avada.io *.shopify.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maps.googleapis.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.googletagmanager.com *.stape.io *.fontawesome.com https:\/\/fonts.bunny.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com *.gstatic.com www.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.google-analytics.com *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog *.stape.io https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.gstatic.com maps.googleapis.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/def9d71d-669f-4322-8f25-4ef099a2d33a.sansec.watch\/; report-to report-endpoint;","count":2},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/www.google.com https:\/\/www.gstatic.com *.alothemes.com *.magepow.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com https:\/\/webpay3gint.transbank.cl webpay3g.transbank.cl webpay3gint.transbank.cl *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com bytedance: sslocal: https:\/\/www.google.com http:\/\/www.google.com https:\/\/www.facebook.com https:\/\/web.facebook.com https:\/\/bid.g.doubleclick.net *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.cl https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/cdn.pushcrew.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/googleads.g.doubleclick.net https:\/\/pushcrew.com *.alothemes.com *.magepow.com *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com commerce.adobe.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com https:\/\/www.google.cl https:\/\/cdn.pushcrew.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net http:\/\/www.google.com https:\/\/tracking.krip.cl https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/cdn.fitit.ai *.googleapis.com *.google.com *.gstatic.com *.alothemes.com *.magepow.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com https:\/\/fonts.googleapis.com https:\/\/cdn.pushcrew.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/cdn.fitit.ai *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com *.alothemes.com *.magepow.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.net qa-api.magedevteam.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/bam.nr-data.net https:\/\/www.facebook.com https:\/\/api.bciplus.cl https:\/\/maps.googleapis.com https:\/\/pushcrew.com https:\/\/firebase.googleapis.com https:\/\/firebaseremoteconfig.googleapis.com https:\/\/us-central1-fitit-a5bde.cloudfunctions.net https:\/\/firebaselogging-pa.googleapis.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com *.alothemes.com *.magepow.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" worker-src https:\/\/cdn.connectif.cloud; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdn.cs.1worldsync.com https:\/\/script.hotjar.com https:\/\/fonts.cdnfonts.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com api.bazaarvoice.com stg.api.bazaarvoice.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com www.xtento.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * td.doubleclick.net www.google.com https:\/\/www.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com www.xtento.com cdn.xtento.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com mcstaging.digitalixcomercio.com mcprod.digitalixcomercio.com rt.flix360.com media.flixcar.com www.google.com.co https:\/\/mcprod.digitalixcomercio.com https:\/\/cdn.cs.1worldsync.com https:\/\/photos-us.bazaarvoice.com https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/www.linkedin.com\/px\/ https:\/\/ad.doubleclick.net https:\/\/px4.ads.linkedin.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com www.xtento.com cdn.xtento.com https:\/\/cdn.connectif.cloud js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com *.cardinalcommerce.com www.google.com www.gstatic.com cdn.cs.1worldsync.com media.flixfacts.com ws.cs.1worldsync.com media.flixcar.com static.queue-it.net assets.queue-it.net static.hotjar.com script.hotjar.com static.zdassets.com js-agent.newrelic.com https:\/\/static.zdassets.com https:\/\/static.hotjar.com https:\/\/static.queue-it.net https:\/\/prod.flixgvid.flix360.io  https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/analytics.tiktok.com https:\/\/pixels.lemonpi.io https:\/\/pagead2.googlesyndication.com https:\/\/stapecdn.com https:\/\/ix.aqmaster.com https:\/\/scripts.clarity.ms\/0.8.59\/clarity.js https:\/\/scripts.clarity.ms\/0.8.60-beta\/clarity.js https:\/\/rum.hlx.page\/.rum\/@adobe\/helix-rum-js@%5E2\/dist\/rum-standalone.js 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com display.ugc.bazaarvoice.com assets.braintreegateway.com tagmanager.google.com https:\/\/cdn.cs.1worldsync.com https:\/\/fonts.cdnfonts.com\/css\/satoshi https:\/\/www.googletagmanager.com\/debug\/badge.css 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com https:\/\/cdn.cs.1worldsync.com https:\/\/mcprod.shop.epson.com.co\/media 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.google-analytics.com *.doubleclick.net media.flixcar.com ekr.zdassets.com *.zendesk.com bam.nr-data.net googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/ekr.zdassets.com wss:\/\/widget-mediator.zopim.com https:\/\/am1-api.connectif.cloud https:\/\/surveystats.hotjar.io https:\/\/content.hotjar.io wss:\/\/ws.hotjar.com https:\/\/vc.hotjar.io https:\/\/analytics.tiktok.com https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/ix.aqmaster.com https:\/\/cdn.connectif.cloud https:\/\/f.clarity.ms\/collect https:\/\/n.clarity.ms\/collect 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com https: blob: 'self' 'unsafe-inline'; default-src googleads.g.doubleclick.net stats.g.doubleclick.net commerce.adobedc.net widget-mediator.zopim.com https:\/\/pagead2.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src *.klarnacdn.net fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de player.vimeo.com *.facebook.com *.youtube.com *.youtube-nocookie.com 'self' 'unsafe-inline'; img-src d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cdninstagram.com *.hsforms.net *.hsforms.com *.gstatic.com *.facebook.com data: 'self' 'unsafe-inline'; script-src www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ player.vimeo.com connect.facebook.net *.newrelic.com *.nr-data.net *.hsforms.net *.hsforms.com https:\/\/www.googletagmanager.com tagmanager.google.com analytics.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.klarnacdn.net https:\/\/static.klaviyo.com tagmanager.google.com fonts.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.klarnaservices.com *.klarna.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.newrelic.com *.nr-data.net vimeo.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com analytics.google.com *.facebook.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/analytics.ahrefs.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:\/\/mssb-media.xcms.io https:\/\/static01.mediaselangor.com https:\/\/mediaselangor.com https:\/\/mediaselangor.github.io; connect-src 'self' https:\/\/feeds.mediaselangor.com https:\/\/www.googletagmanager.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/static01.mediaselangor.com https:\/\/selangor-player.glueapi.io; media-src 'self' https:\/\/mediaselangor.com https:\/\/static01.mediaselangor.com; frame-ancestors *","count":2},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: https:\/\/www.googletagmanager.com *.fontawesome.com maxcdn.bootstrapcdn.com fonts.googleapis.com fonts.gstatic.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.zdassets.com *.zendesk.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org *.openstreetmap.org maps.googleapis.com maps.gstatic.com magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com *.zdassets.com *.zendesk.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.avada.io *.shopify.com *.zdassets.com *.cloudflare.com *.cloudflareinsights.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com ws:\/\/localhost:9109\/ws wss:\/\/localhost:9109\/ws wss:\/\/localhost:9109\/ maps.googleapis.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/get.geojs.io *.avada.io *.zdassets.com *.zendesk.com wss:\/\/widget-mediator.zopim.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de https:\/\/www.apparelvideos.com https:\/\/www.bluegeneration.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com *.positivessl.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.doubleclick.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.google-analytics.com *.googleadservices.com *.paypal.com *.zonos.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.gstatic.com *.googletagmanager.com *.doubleclick.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/hello.zonos.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.googletagmanager.com *.fontawesome.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.zonos.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":2},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-oYyfSp7tg5eTb8V83Giq6A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kpCvHnghl_4MAjZnXL-89Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' cdn.transcend.io transcend-cdn.com www.mozilla.org; frame-src 'self' accounts.firefox.com gtm.mozilla.org js.stripe.com www.google-analytics.com www.googletagmanager.com www.youtube.com; font-src 'self' www.mozilla.org; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.transcend.io js.stripe.com s.ytimg.com tagmanager.google.com transcend-cdn.com www.google-analytics.com www.googletagmanager.com www.mozilla.org www.youtube.com; upgrade-insecure-requests; frame-ancestors 'none'; base-uri 'none'; connect-src 'self' cdn.transcend.io gtm.mozilla.org https:\/\/abdri3ttkb.execute-api.us-east-2.amazonaws.com https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org o1069899.ingest.sentry.io o1069899.sentry.io region1.google-analytics.com telemetry.transcend.io telemetry.us.transcend.io transcend-cdn.com www.google-analytics.com www.googletagmanager.com www.mozilla.org\/submit\/bedrock\/; img-src 'self' blog.mozilla.org data: images.ctfassets.net www.google-analytics.com www.googletagmanager.com www.mozilla.org; default-src 'self' *.mozilla.org; form-action 'self' https:\/\/abdri3ttkb.execute-api.us-east-2.amazonaws.com https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org; media-src 'self' assets.mozilla.net videos.cdn.mozilla.net www.mozilla.org","count":1},{"content-security-policy-report-only":" style-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline';script-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval';report-uri \/1\/batch\/2\/OE\/mid=ATVPDKIKX0DER:sid=145-4167268-9589601:rid=S3YE0B9MCY6GCPQYWSG4:sn=www.primevideo.com;default-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/www_google","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv27.i~or7-19e2409bde5-0x1605#pd","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/cacerts","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' hubapi.com *.hubapi.com hubspot.com *.hubspot.com app.hubspot.com hubspotusercontent-na1.net *.hubspotusercontent-na1.net hsappstatic.net *.hsappstatic.net hs-banner.com *.hs-banner.com hsforms.com *.hsforms.com forms.hsforms.com *googletagmanager.com\u00a0 https:\/\/munchkin.marketo.net https:\/\/snap.licdn.com *linkedin.com; 'unsafe-inline' https:\/\/trusted-cdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' forms.hscollectedforms.net *.hscollectedforms.net hubspot.com *.hubspot.com hubapi.com *.hubapi.com hsforms.com *.hsforms.com hsforms.net *.hsforms.net hsappstatic.net *.hsappstatic.net googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com cdn.cookielaw.org *.cookielaw.org www.google.com analytics.google.com  px.ads.linkedin.com *.linkedin.com; frame-ancestors 'none'; base-uri 'self'; object-src 'none'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' 50339659.hs-sites.com 1003891.track.convertexperiments.com app.hubspot.com cdn-3.convertexperiments.com cdn-4.convertexperiments.com *.metrics.convertexperiments.com *.signals.convertexperiments.com logs.convertexperiments.com *.convertexperiments.com cdn.pdst.fm connect.facebook.net js.hs-analytics.net js.hs-banner.com js.hsforms.net js.hsleadflows.net js.hubspotfeedback.com js.usemessages.com play.vidyard.com script.hotjar.com snap.licdn.com static.hotjar.com static.hsappstatic.net www.google-analytics.com www.googletagmanager.com www.recaptcha.net code.highcharts.com www.youtube.com js.hubspot.com www.dropbox.com widget.altrulabs.com www.google.com maps.googleapis.com wt-assets.hubteam.com cdn2.hubspot.net www.redditstatic.com cdn.veritonic.com gosniply.com d.impactradius-event.com test.test.com js.hubspot.com analytics.tiktok.com 'strict-dynamic' 'nonce-ebWSEmgKhySwXEYnYsXcpg=='; report-uri https:\/\/send.hsbrowserreports.com\/csp\/report","count":1},{"content-security-policy-report-only":" script-src 'nonce-uCVpsfHLEYcnwS4fiOcDgw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2KYrRZdGW4oEzRFKFj5ZlA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" upgrade-insecure-requests; img-src 'self' data: www.firefox.com www.google-analytics.com www.googletagmanager.com www.mozilla.org; style-src 'self' 'unsafe-inline' cdn.transcend.io transcend-cdn.com www.firefox.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.transcend.io s.ytimg.com tagmanager.google.com transcend-cdn.com www.firefox.com www.google-analytics.com www.googletagmanager.com www.youtube.com; media-src 'self' assets.mozilla.net videos.cdn.mozilla.net www.firefox.com www.mozilla.org; default-src 'self' www.firefox.com; base-uri 'none'; connect-src 'self' basket.mozilla.org cdn.transcend.io gtm-dev.springfield.moz.works gtm.firefox.com gtm.springfield.moz.works https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org o1069899.ingest.sentry.io o1069899.ingest.us.sentry.io o1069899.sentry.io region1.google-analytics.com telemetry.transcend.io telemetry.us.transcend.io transcend-cdn.com www.firefox.com www.google-analytics.com www.googletagmanager.com; form-action 'self' https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org; object-src 'none'; frame-ancestors 'none'; frame-src 'self' accounts.firefox.com www.google-analytics.com www.googletagmanager.com www.youtube-nocookie.com www.youtube.com; font-src 'self' www.firefox.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-jWRwdG9Ns6J1e51Q8RjkBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'nonce-ajNvsrs5jrgNGI6GGnONaw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-dHqAyK28ED2DOwyEZ499LA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/ss.datasconsole.com; worker-src 'self' blob:; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.coinmarketcap.com https:\/\/cdn.adx.ws https:\/\/cdn.cookielaw.org https:\/\/cdn4.buysellads.net https:\/\/btloader.com https:\/\/script.4dex.io https:\/\/www.google.com https:\/\/*.googlesyndication.com https:\/\/securepubads.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/ep2.adtrafficquality.google https:\/\/www.youtube.com https:\/\/s3.tradingview.com https:\/\/organizer.bizzabo.com https:\/\/telegram.org https:\/\/staticrecap.cgicgi.io https:\/\/3f0fb9bcf568.edge.sdk.awswaf.com https:\/\/unpkg.com\/vconsole\/dist\/vconsole.min.js https:\/\/browser.sentry-cdn.com https:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/ https:\/\/www.recaptcha.net\/recaptcha\/; report-uri https:\/\/o230231.ingest.us.sentry.io\/api\/1773863\/security\/?sentry_key=f6a79779d88945e5bf5c2b7e74ee1ed8","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/use.typekit.net; object-src 'none'; base-uri 'self'; worker-src 'none'; connect-src 'self' https:\/\/collect.datas3ntinel.com;","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/*.qualified.com; default-src 'self'; frame-src 'self' https:\/\/9628652.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/ct.pinterest.com https:\/\/tealium-f.squarecdn.com; worker-src 'self' blob:; connect-src 'self' https:\/\/assets.ctfassets.net https:\/\/api.broadway.squareup.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/api.squareup.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com https:\/\/api.squareup.com https:\/\/api.squareupstaging.com *.contentsquare.net https:\/\/capi.squareup.com https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/stats.g.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/www.google.com https:\/\/us-central1-sq-sgtm-prod.cloudfunctions.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net http:\/\/424-iab-218.mktoresp.com https:\/\/424-iab-218.mktoresp.com https:\/\/xms2-marketo.beta.stage.sqprod.co https:\/\/424-iab-218.mktoutil.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/logx.optimizely.com https:\/\/ct.pinterest.com https:\/\/conversions-config.reddit.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com *.ingest.us.sentry.io *.6sc.co https:\/\/api.sprig.com https:\/\/squareupstaging.com https:\/\/visitor-scoring-new.marketlinc.com https:\/\/api.chilipiper.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com wss:\/\/*.qualified.com https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com localhost:*; font-src 'self' https:\/\/cash-f.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com; img-src 'self' data: blob: https:\/\/ib.adnxs.com https:\/\/assets.ctfassets.net https:\/\/cdn.blisspointmedia.com https:\/\/campaign-hub-production-f.squarecdn.com *.contentsquare.net https:\/\/ad.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/google.com https:\/\/www.google.com https:\/\/adservice.google.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/pixel.pointmediatracker.com https:\/\/alb.reddit.com *.6sc.co https:\/\/api.squareup.com https:\/\/api.squareupstaging.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; manifest-src 'self' https:\/\/pw-renderer-production-c.squarecdn.com; media-src 'self' mediastream: https:\/\/assets.ctfassets.net https:\/\/js.driftt.com http:\/\/videos.ctfassets.net https:\/\/videos.ctfassets.net https:\/\/*.qualified.com; script-src 'self' *.contentsquare.net https:\/\/www.datadoghq-browser-agent.com https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/connect.facebook.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/lift-ai-js.marketlinc.com https:\/\/martech-development-c.squarecdn.com https:\/\/martech-production-c.squarecdn.com https:\/\/martech-staging-c.squarecdn.com http:\/\/munchkin.marketo.net https:\/\/munchkin.marketo.net https:\/\/cdn.cookielaw.org https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pw-renderer-production-c.squarecdn.com https:\/\/pw-renderer-staging-c.squarecdn.com https:\/\/pwt-production-c.squarecdn.com https:\/\/pwt-staging-c.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com https:\/\/www.redditstatic.com *.6sc.co https:\/\/cdn.sprig.com https:\/\/xms-production-f.squarecdn.com https:\/\/www.youtube.com https:\/\/pw-renderer-production-c.squarecdn.com 'nonce-V17x8L0ft7ojwQVAix15Vw=='; style-src 'self' https:\/\/square-fonts-production-f.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com 'unsafe-inline' https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; frame-ancestors 'self' https:\/\/app.contentful.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to browser-intake-datadoghq","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lKzHplJfAG3ltUECCm1Gyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/variety.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/_\/mss\/boq-recaptcha\/_\/js\/k=boq-recaptcha.RecaptchaChallengePageUi.en_US.krsbn9YqWT8.2018.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/www.gstatic.com\/recaptcha\/releases\/;report-uri \/recaptcha\/challengepage\/_\/RecaptchaChallengePageUi\/cspreport\/fine-allowlist","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.rollingstone.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" script-src 'self' https: https:\/\/www.google-analytics.com https:\/\/cdn.amplitude.com 'unsafe-eval' 'unsafe-inline' data: 'nonce-zLlq4d0dkBhEL+63deTH2w=='; worker-src blob: data:; report-uri https:\/\/us.sentry.io\/api\/4506690010480640\/security\/?sentry_key=aab2498373841041d6b48d721aefbdc1&sentry_environment=production&sentry_release=3e3eb28d031812930264335e80ae9cf1d9f551ee","count":1},{"content-security-policy-report-only":" script-src 'nonce-2a658a64e26d40d5bc4fad2f7f99b752' 'strict-dynamic' 'wasm-unsafe-eval' 'unsafe-eval' *.bdxiguastatic.com *.bytescm.com *.bytetos.com *.toutiao.com *.ibytedapm.com bdxiguastatic.com *.bytegoofy.com;img-src blob: data: *.douyinstatic.com *.toutiaoimg.com *.bdxiguastatic.com *.bdxiguaimg.com *.bytexservice.com *.bytednsdoc.com *.douyinpic.com *.byteeffecttos.com *.byteacctimg.com *.byteimg.com *.bytecdn.cn http: *.ixigua.com *.itoutiaoimg.com *.toutiaostatic.com s.360.cn *.bytescm.com *.byted.org pos.baidu.com www.gstatic.com jonypractic.net wx.qlogo.cn;report-to slardar-endpoint;style-src blob: 'self' pwm-image.trendmicro.com www.gstatic.com cdn.jsdelivr.net plugin.newmorehot.com *.bytedance.net lib.baomitu.com *.bdxiguastatic.com 'unsafe-inline';manifest-src *.bytednsdoc.com;frame-src wo.laiwoshop.com pwm-image.trendmicro.com a.safen100.com c.safen110.com m.youtube.com code.woqrcode.com api.xiaoduis.com *.ixigua.com cdn.hunong.xyz cha.chaweather.com cx.chacizus.com v2.maoyinews.xyz *.summer5188.com tj.shshinfo.com www.mgtv.com vip.zhanyangsh.cn;","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.zijieimg.com *.helo-app.com *.toutiaopage.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.byteoversea.com *.365yg.com *.ks-cdn.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.lemocamcdn.com *.musical.ly *.muscdn.com *.ulikecam.mobi *.faceu.mobi *.wukongwenda.com *.wukongwenda.cn *.toutiao13.com *.toutiaoribao.cn *.ribaoapi.com *.dongchediapp.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.topbuzz.com *.hypstar.com *.tiktokv.com *.byted.org *.bytedance.net *.bytedance.com *.bytedance.cn *.toutiaocloud.com *.snssdk.com *.toutiao.com *.neihanshequ.com *.wukong.com *.huoshan.com *.douyin.com *.everphoto.cn *.jinritemai.com *.tuchong.com *.stock.tuchong.com *.luckycalendar.cn *.bcy.net *.feishu.cn *.dcdapp.com *.oceanengine.com *.chengzijianzhan.com *.byteimg.com *.google-analytics.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-nMuuOVBd3QtJTECS-ibzuw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TkmfsvreNxcXQl6SKbJmmA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' 50339659.hs-sites.com 1003891.track.convertexperiments.com app.hubspot.com cdn-3.convertexperiments.com cdn-4.convertexperiments.com *.metrics.convertexperiments.com *.signals.convertexperiments.com logs.convertexperiments.com *.convertexperiments.com cdn.pdst.fm connect.facebook.net js.hs-analytics.net js.hs-banner.com js.hsforms.net js.hsleadflows.net js.hubspotfeedback.com js.usemessages.com play.vidyard.com script.hotjar.com snap.licdn.com static.hotjar.com static.hsappstatic.net www.google-analytics.com www.googletagmanager.com www.recaptcha.net code.highcharts.com www.youtube.com js.hubspot.com www.dropbox.com widget.altrulabs.com www.google.com maps.googleapis.com wt-assets.hubteam.com cdn2.hubspot.net www.redditstatic.com cdn.veritonic.com gosniply.com d.impactradius-event.com test.test.com js.hubspot.com analytics.tiktok.com 'strict-dynamic' 'nonce-EECQFqaDoWqVak0u2kZQ\/g=='; report-uri https:\/\/send.hsbrowserreports.com\/csp\/report","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' hubspot.mintlify.dev app.hubspot.com cdn-3.convertexperiments.com cdnjs.cloudflare.com connect.facebook.net cta-service-cms2.hubspot.com js.hsforms.net js.hs-analytics.net js.hs-banner.com js.hsleadflows.net js.hubspotfeedback.com js.usemessages.com platform.twitter.com play.vidyard.com run.pstmn.io script.crazyegg.com script.hotjar.com static.hotjar.com static.hsappstatic.net use.typekit.net www.googletagmanager.com www.google-analytics.com www.hubspot.com 'strict-dynamic' 'nonce-SnLwWvmGTDS8ZcnuGeyhsw=='; report-uri https:\/\/send.hsbrowserreports.com\/csp\/report","count":1},{"content-security-policy-report-only":" script-src https:\/\/www.airtable.com https:\/\/airtable-marketing.herokuapp.com https:\/\/airtable.com https:\/\/static.airtable.com\/ 'unsafe-eval' 'unsafe-inline' 'report-sample' https: blob:; style-src 'unsafe-inline' https:; block-all-mixed-content; object-src \/\/pages.airtable.com; base-uri 'none'; report-uri https:\/\/airtable.com\/.csp\/report","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/*.qualified.com; default-src 'self'; frame-src 'self' https:\/\/9628652.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/ct.pinterest.com https:\/\/tealium-f.squarecdn.com; worker-src 'self' blob:; connect-src 'self' https:\/\/assets.ctfassets.net https:\/\/api.broadway.squareup.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/api.squareup.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com https:\/\/api.squareup.com https:\/\/api.squareupstaging.com *.contentsquare.net https:\/\/capi.squareup.com https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/stats.g.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/www.google.com https:\/\/us-central1-sq-sgtm-prod.cloudfunctions.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net http:\/\/424-iab-218.mktoresp.com https:\/\/424-iab-218.mktoresp.com https:\/\/xms2-marketo.beta.stage.sqprod.co https:\/\/424-iab-218.mktoutil.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/logx.optimizely.com https:\/\/ct.pinterest.com https:\/\/conversions-config.reddit.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com *.ingest.us.sentry.io *.6sc.co https:\/\/api.sprig.com https:\/\/squareupstaging.com https:\/\/visitor-scoring-new.marketlinc.com https:\/\/api.chilipiper.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com wss:\/\/*.qualified.com https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com localhost:*; font-src 'self' https:\/\/cash-f.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com; img-src 'self' data: blob: https:\/\/ib.adnxs.com https:\/\/assets.ctfassets.net https:\/\/cdn.blisspointmedia.com https:\/\/campaign-hub-production-f.squarecdn.com *.contentsquare.net https:\/\/ad.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/google.com https:\/\/www.google.com https:\/\/adservice.google.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/pixel.pointmediatracker.com https:\/\/alb.reddit.com *.6sc.co https:\/\/api.squareup.com https:\/\/api.squareupstaging.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; manifest-src 'self' https:\/\/pw-renderer-production-c.squarecdn.com; media-src 'self' mediastream: https:\/\/assets.ctfassets.net https:\/\/js.driftt.com http:\/\/videos.ctfassets.net https:\/\/videos.ctfassets.net https:\/\/*.qualified.com; script-src 'self' *.contentsquare.net https:\/\/www.datadoghq-browser-agent.com https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/connect.facebook.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/lift-ai-js.marketlinc.com https:\/\/martech-development-c.squarecdn.com https:\/\/martech-production-c.squarecdn.com https:\/\/martech-staging-c.squarecdn.com http:\/\/munchkin.marketo.net https:\/\/munchkin.marketo.net https:\/\/cdn.cookielaw.org https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pw-renderer-production-c.squarecdn.com https:\/\/pw-renderer-staging-c.squarecdn.com https:\/\/pwt-production-c.squarecdn.com https:\/\/pwt-staging-c.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com https:\/\/www.redditstatic.com *.6sc.co https:\/\/cdn.sprig.com https:\/\/xms-production-f.squarecdn.com https:\/\/www.youtube.com https:\/\/pw-renderer-production-c.squarecdn.com 'nonce-14\/zEkXtSkdPAqDiFAgR8w=='; style-src 'self' https:\/\/square-fonts-production-f.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com 'unsafe-inline' https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; frame-ancestors 'self' https:\/\/app.contentful.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to browser-intake-datadoghq","count":1},{"content-security-policy-report-only":" script-src 'unsafe-eval' 'wasm-unsafe-eval' 'report-sample' 'strict-dynamic' 'nonce-khivOc6kVhHBQr0MisZEX' *.bytescm.com *.bytednsdoc.com *.ibytedapm.com *.snssdk.com *.yhgfb-cn-static.com *.bytetos.com *.byte-gslb.com *.bytegoofy.com *.bytecdn.cn *.toutiaostatic.com;style-src 'self' 'unsafe-inline' *.toutiaoimg.com *.bdxiguaimg.com *.bytescm.com *.bytegoofy.com *.douyinstatic.com *.toutiao.com *.toutiaostatic.com *.bytedance.net cdn.bootcss.com;connect-src 'self' wss: ws: data: blob: http:\/\/localhost:* toutiao.govwza.cn *.bytedance.net *.bytedance.com *.snssdk.com *.toutiaostatic.com *.bytescm.com *.toutiao.com *.bytetcc.com *.zijieapi.com *.yhgfb-cn-static.com *.toutiaovod.com *.bytednsdoc.com *.ibytedapm.com *.bytedanceapi.com *.google-analytics.com *.douyinstatic.com *.douyinvod.com *.bytegoofy.com *.bytetos.com *.toutiaoimg.com *.huoshanstatic.com *.idouyinvod.com:* *.volcsiriusbd.com:* *.volcsirius.com:*  *.tt.x.bsgslb.cn:* *.dy.zzcdnx.com:*  *.qc.bsccdn.net:* *.smtcdns.com:* *.ugslb.com:* *.livehwc3.cn:* *.smtcdns.net:* *.bytefcdnrd.com:* *.ksyungslb.com:* *.ksyungslb2.com:* *.ourdvsss.com:* *.tbcache.com:* *.jomodns.com:* *.douyincdn.com:* *.ixigua.com:* *.bdxigualive.com:* *.pstatp.com:* *.douyinliving.com:* *.picovr.com:* *.huoshanlive.com:* *.ihuoshanlive.com:* *.volccdn.com:* *.bestv.com.cn:* *.bytefcdn.com:* *.qnqcdn.net:*  *.jomoxc.com *.jomoxd.com *.a.bdycdn.cn *.hiecheimaetu.com:* *.ppio.cloud:* *.weilayun.com:* *.saxysec.com:* *.saxyit.com:* *.saxydc.com:* *.sjxysec.com:* *.sjxydc.com:* *.vegslb.com:*;upgrade-insecure-requests;frame-ancestors 'self' *.bytedance.net *.snssdk.com shiqu.cn *.shiqu.cn zhan.vivo.com wukong.vivo.com.cn *.feishuapp.cn *.toutiao.com *.bytescm.com *.jiyunhudong.com *.bytedance.com *.feishu.cn;report-uri https:\/\/mon.zijieapi.com\/log\/sentry\/v2\/api\/slardar\/main\/?ev_type=csp&bid=toutiao_web_pc;report-to main-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/cdn.ampproject.org https:\/\/snap.licdn.com https:\/\/www.youtube.com *.youtube.com *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/consent.bumble.com *.typeform.com *.doubleclick.net *.taboola.com; script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-drctjWnrYhGiN1RjjRw1lQ==' https:\/\/cdn.ampproject.org https:\/\/snap.licdn.com https:\/\/www.youtube.com *.youtube.com *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/consent.bumble.com *.typeform.com *.doubleclick.net *.taboola.com; style-src 'self' 'unsafe-inline' *.typeform.com; connect-src 'self' https:\/\/cdn.ampproject.org https:\/\/consent.bumble.com https:\/\/www.googletagmanager.com *.google-analytics.com *.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com\/pagead *.googlesyndication.com *.typeform.com *.typeformcdn.com; child-src 'self'; font-src 'self' data:; manifest-src 'self'; base-uri 'self'; frame-src 'self' https:\/\/cdn.ampproject.org https:\/\/snap.licdn.com https:\/\/www.youtube.com *.youtube.com *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/consent.bumble.com *.typeform.com *.doubleclick.net *.taboola.com; img-src * data: blob: www.googletagmanager.com; media-src * data: blob:; report-uri \/jss\/csp_report.phtml?token=bumble_team_site&env=production;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gq-bahMBYu5jz4xbI9rhhA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-V7x693iOYyOtcAPrUakSvQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-w1GXmPY4s-gHxMqv5AyxAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-3cKg6pXdde-HD-MYgo2khg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Svnz-stq9XPYQf-NUDUoIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-SsrJjXiJsNCb4sioUogUJw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DdOO04V3zViRUzUobsqHjg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-jpiihHv3c7I2B16B5GvfbQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-V9NzXmNasWaL0Sg-lakSYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';connect-src 'self' data: https: wss:\/\/keepalive.gotinder.com wss:\/\/keepalive.ue1.d1.tstaging.com;script-src 'nonce-xnqInSZQZ338TEG29rCULQ==' 'strict-dynamic' 'unsafe-hashes' 'unsafe-eval' 'wasm-unsafe-eval' 'sha256-PLCxbpHSwAa8+W198R1KQQ9UDCexTvYy4z4YmCg21NM=' 'unsafe-inline';style-src 'self' 'unsafe-inline' blob: https:\/\/*.googleapis.com https:\/\/accounts.google.com;frame-src 'self' https:;frame-ancestors 'self';form-action 'self' https:;object-src 'none';img-src 'self' data: blob: https:;media-src 'self' data: https:;report-to tinderweb-csp-reports;font-src 'self' data: https:;manifest-src 'self' https:","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CrpFUoTFwGsW4qFjYU0J2w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-AFyDnCsT8tMWLcS8rQ2I9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-VP8_HPaY0oO4efO6QsL12g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-6f0Pg_OstWvTDc86eiQl7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" report-to slardar-endpoint; upgrade-insecure-requests ; frame-ancestors 'self' *.toutiao.com *.douyin.com *.bytedance.com *.bytedance.net tcs.jiyunhudong.com aup.jijixiangshangabc.com chrome-extension:\/\/dbjibobgilijgolhjdcbdebjhejelffo chrome-extension:\/\/molcibnmfbjmmfbefjfcafdeabfniobi chrome-extension:\/\/capohkkfagimodmlpnahjoijgooocdjhd chrome-extension:\/\/mijalhmcgaaaggjfhkliffkanfhimhch chrome-extension:\/\/obkcimipmjdkghadnfcjojepocldeggd chrome-extension:\/\/epjhdbhhoeemcbbbgkimcfndcbjapdaa safari-web-extension:; script-src 'nonce-d18a4972de17c243f31365eaff264aa5-argus' blob: data: 'self' 'unsafe-eval' 'report-sample' 'strict-dynamic'  'unsafe-inline' https:; base-uri 'self'; object-src 'self'; frame-src 'self' *.toutiao.com *.douyin.com *.bytedance.com *.bytedance.net tcs.jiyunhudong.com aup.jijixiangshangabc.com;report-uri https:\/\/mon.zijieapi.com\/monitor_browser\/collect\/batch\/security\/?bid=flow_web;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.stripe.com https:\/\/*.paddle.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; style-src 'self' 'unsafe-inline' https:\/\/*.paddle.com https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com; img-src 'self' data: https:\/\/ipapi.co https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/*.stripe.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com; frame-src 'self' https:\/\/www.google.com https:\/\/*.stripe.com https:\/\/*.paddle.com https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/; connect-src 'self' https:\/\/ipapi.co\/ https:\/\/*.paddle.com https:\/\/*.stripe.com https:\/\/maps.googleapis.com https:\/\/www.google.com\/recaptcha\/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" default-src 'self' *.airasia.com; worker-src 'self' blob: *.airasia.com *.apiairasia.com https:\/\/cdnjs.cloudflare.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/tag.airasia.com *.airasia.com https:\/\/www.google-analytics.com *.googletagservices.com *.googletagmanager.com https:\/\/www.googletagmanager.com https:\/\/*.clarity.ms *.recaptcha.net *.gstatic.com *.g.doubleclick.net *.adtrafficquality.google *.googlesyndication.com *.cloudflareinsights.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net *.facebook.com *.fbcdn.net https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/bat.bing.com https:\/\/cdn.moengage.com https:\/\/accounts.google.com https:\/\/iap.googleapis.com; style-src 'self' 'unsafe-inline' *.airasia.com https:\/\/fonts.googleapis.com; img-src 'self' data: blob: *.airasia.com https:\/\/*.google.com https:\/\/www.googletagmanager.com https:\/\/www.google.com.my https:\/\/www.google.co.in https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/ep1.adtrafficquality.google https:\/\/storage.googleapis.com https:\/\/*.bstatic.com https:\/\/i.travelapi.com\/ https:\/\/pix8.agoda.net https:\/\/photos.hotelbeds.com  https:\/\/ak-d.tripcdn.com\/ tm-prod-event-files-v3.s3.ap-southeast-1.amazonaws.com https:\/\/www.facebook.com *.facebook.com *.fbcdn.net https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/bat.bing.com; font-src 'self' data: *.airasia.com https:\/\/fonts.gstatic.com; connect-src 'self' https: wss:\/\/*.airasia.com https:\/\/tag.airasia.com *.airasia.com *.cloudflareinsights.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.clarity.ms https:\/\/connect.facebook.net https:\/\/www.facebook.com *.facebook.com *.fbcdn.net https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/business-api.tiktok.com https:\/\/airasia.cdn-gw-dv.vip https:\/\/airasia.ck123.io https:\/\/bat.bing.com; frame-src 'self' *.airasia.com https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.googleadservices.com https:\/\/*.recaptcha.net https:\/\/ls.cdn-gw-dv.vip https:\/\/ep2.adtrafficquality.google; frame-ancestors 'self' *.airasia.com; base-uri 'self'; form-action 'self'; report-uri https:\/\/flights.airasia.com\/fp\/web\/report-uri;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0C_xjYYCUMn0RS4otLPVhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-W8-oCBto-loUDWIKy7p1fQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-XwcLC50hL2XmSeRt5Vh3Lg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Kto9uxqvHR2OEbrprfYZ2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-rg9O1C-dL_GGtThIIQWZWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-AJ-rjuIvHRIfSxb6DcMvXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-rXjDxKFWyT5j2vCW2_K4VQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ugOU5pDor5faX-3EJSb9BA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-G12rEwT5c_uPOwA9OGkkqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-eval' 'unsafe-inline' blob: data:;frame-src 'self' sinaweibo: weibo.com *.weibo.com weibo.cn *.weibo.cn sina.com.cn *.sina.com.cn sina.cn *.sina.cn *.sinaimg.cn sinanews: sinanewslite: intent: se5bed38c567feb2a: sb5750862870e1cc2: sdc77698a60e45368: sb2623a3919ed77d3: s3d4cfbed31875e1c: sc876cbd9ae34e814: sdf08f19582289581: sc640c3792845ba3e: se8525a4dbfaa192b: sb5261983836bde16: sinablog: sinanewapmwebview: sinanewsdirect: sinafinance:; script-src 'self' 'unsafe-inline' 'unsafe-eval' weibo.com *.weibo.com weibo.cn *.weibo.cn sina.com.cn *.sina.com.cn sina.cn *.sina.cn *.sinaimg.cn *.qchannel03.cn *.qihucdn.com *.qhres.com *.sinajs.cn *.leju.com *.qq.com qzonestyle.gtimg.cn; report-uri https:\/\/logger.sina.cn\/report;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; font-src 'self' fonts.gstatic.com *.atlassian.com data:; worker-src blob:; media-src 'self' api.media.atlassian.com *.atlassian.com; img-src data: blob: 'self' *.badgen.net *.youtube.com atlassian.wpengine.netdna-cdn.com global.discourse-cdn.com img.shields.io *.atlassian.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat www.gstatic.com *.wp.com cdn.cookielaw.org *.clicktale.net *.doubleclick.net https:\/\/googleads.g.doubleclick.net images.ctfassets.net *.public.atl-paas.net trello.com trello-backgrounds.s3.amazonaws.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.google.co.in *.google.com *.atlassian.com *.gravatar.com; frame-src 'self' *.atlassian.com *.atlassian.net *.atl-paas.net *.googletagmanager.com player.vimeo.com trello.com www.youtube.com www.figma.com; connect-src 'self' *.googletagmanager.com *.algolianet.com *.algolia.net *.clicktale.net *.launchdarkly.com *.trello.com *.doubleclick.net *.qualtrics.com *.onetrust.com *.sentry.io cdn.segment.com api.segment.io www.google-analytics.com cdn.cookielaw.org *.atlassian.com *.atlassian.net *.algolia.io *.google.com *.staging.atl-paas.net *.jira-dev.com; report-uri https:\/\/web-security-reports.services.atlassian.com\/csp-report\/dac; object-src 'none'; style-src 'self' *.trellocdn.com *.atlassian.com 'unsafe-inline'; script-src 'nonce-lxdQNZRyh24hwCgSMCCtY0GlyykfwltuIZi\/gBEj\/Ss=' 'self' 'sha256-Nt9ereHaxV04RZ20OLtdR3uuFr1X0\/Pbt5KbGls\/wXg=' 'sha256-tOj+\/hncGB+HoNjG4vZ22kFWnTZFaTLrsJFU8r20y1w=' https:\/\/www.googleadservices.com https:\/\/player.vimeo.com\/api\/player.js *.segment.com *.clicktale.net mscgen.js.org *.qualtrics.com *.trellocdn.com *.atlassian.com *.atlassian.net www.googletagmanager.com www.google-analytics.com https:\/\/cdn.cookielaw.org https:\/\/cdn.jsdelivr.net\/npm\/search-insights@2.2.1 https:\/\/run.pstmn.io\/button.js *.atl-paas.net https:\/\/srm.bf.contentsquare.net\/exist *.jira-dev.com","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' *.uicdn.com *.mail.com *.ui-portal.de *.doubleclick.net *.primis.tech *.sekindo.com *.amazon-adsystem.com www.googletagmanager.com *.googlesyndication.com *.adtrafficquality.google *.googleapis.com *.script.ac *.2mdn.net; style-src 'self' 'unsafe-inline' *.uicdn.com *.primis.tech *.sekindo.com *.googleapis.com *.mail.com; font-src 'self' *.uicdn.com *.gstatic.com *.mail.com; img-src 'self' data: blob: *.uicdn.com *.ui-portal.de *.google.de *.google.com *.doubleclick.net *.primis.tech *.sekindo.com *.intentiq.com *.adtrafficquality.google *.mail.com *.taboola.com *.criteo.com *.criteo.net united-infos.net *.adition.com *.googletagmanager.com *.googlesyndication.com *.quantserve.com *.bidswitch.net *.adsrvr.org *.loopme.me *.casalemedia.com *.3lift.com *.rubiconproject.com *.yahoo.com *.tremorhub.com *.media.net *.lijit.com *.stickyadstv.com *.smartadserver.com *.adform.net *.sharethrough.com *.1rx.io *.kueezrtb.com *.ingage.tech *.a-mo.net *.yieldmo.com *.inmobi.com *.ottadvisors.com *.fwmrm.net *.adnxs.com domself.de *.ads.linkedin.com *.a-mx.com *.pubmatic.com *.unrulymedia.com *.openx.net *.visx.net *.360yield.com *.amazon-adsystem.com *.opera.com *.outbrain.com *.turn.com *.ctnsnet.com *.admanmedia.com *.temu.com; connect-src 'self' data: *.mail.com *.ui-portal.de *.gstatic.com *.google-analytics.com *.analytics.google.com *.criteo.com *.criteo.net *.taboola.com *.id5-sync.com id5-sync.com *.eu-1-id5-sync.com *.adsrvr.org *.primis.tech *.sekindo.com *.doubleclick.net *.googlesyndication.com *.amazon-adsystem.com *.adtrafficquality.google *.crwdcntrl.net *.intentiq.com *.uicdn.com *.adition.com *.rlcdn.com united-infos.net *.pubmatic.com *.openx.net *.sharethrough.com *.rubiconproject.com *.primis-tech.org *.dnacdn.net dnacdn.net *.casalemedia.com *.adnxs-simple.com *.smartadserver.com; frame-src 'self' *.mail.com *.doubleclick.net www.googletagmanager.com *.googlesyndication.com *.adtrafficquality.google *.google.com *.primis.tech *.sekindo.com *.pubmatic.com *.openx.net *.yellowblue.io *.googleapis.com; media-src 'self' blob: *.primis.tech *.sekindo.com; frame-ancestors *.mail.com; object-src 'none'; block-all-mixed-content","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ZH72dMjTfJWdMFGFdUxRMQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/chrome","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-A8AnPXBVVsoBktSroEroqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-N5zcxRMih_gVVl6rLm1X5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TtH9eu4-B-VzbFWj64lnMg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.stripe.com *.braintreegateway.com *.googleadservices.com *.googletagservices.com *.googleapis.com cdnjs.cloudflare.com unpkg.com cdn.datatables.net connect.facebook.net *.google.com *.recaptcha.net recaptcha.net *.marinetraffic.com *.googletagmanager.com *.wootric.com *.segment.com *.hotjar.com *.licdn.com *.inmobi.com *.profitwell.com *.kpler.com *.intercom.io *.intercomcdn.com *.doubleclick.net *.hs-scripts.com *.hsadspixel.net *.hubspot.com *.hs-banner.com *.hs-analytics.net static.cloudflareinsights.com cdn.dreamdata.cloud *.gstatic.com; style-src 'self' 'unsafe-inline' *.googleapis.com unpkg.com netdna.bootstrapcdn.com cdn.datatables.net *.kpler.com *.gstatic.com; img-src 'self' data: blob: https:; media-src 'self' data: *.intercomcdn.com; worker-src 'self' blob:; connect-src 'self' https: wss:\/\/*.marinetraffic.com wss:\/\/*.intercom.io wss:\/\/*.hotjar.com; font-src 'self' data: *.marinetraffic.com *.gstatic.com netdna.bootstrapcdn.com *.intercomcdn.com; frame-src 'self' *.google.com *.googletagmanager.com *.stripe.com *.hotjar.com *.intercom.io *.facebook.com recaptcha.net; object-src 'none'; base-uri 'self'; form-action 'self' *.facebook.com; report-uri \/csp-report;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bGU3OclBgGY0M1BJnW4vpA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8Eh846DhBVtYRy4dVH6yGQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-A_7IaE_urPm8MfQ_DjTA4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-OSo0VI9im9DIVUlPiR0IJg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-vsYddQWDl-aL3yBN1M_NNg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CgM9C_r2oKFxdinacHmBLg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-5px7gW_MTR1C3_WnS4Tg7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-SGRZ1wYQsdL7_xvAkJouYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.ca *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.ca *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.ca *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv7%3F2(wv6i%7C-19e241336c5-0x2605#pd","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-fiC31llILyJDkDs9RFCOVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-vwHQTCJIrXKhgesK_5Jc1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-wfB9PikewBphudcnIRcxsA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' data: https: blob:; img-src 'self' data: https: http: blob:; script-src 'self' 'nonce-3F44F23E98604567D202F65D62F35362BBBAA0C1C14F5501E560FE610CC59D82' *.enable-now.cloud.sap *.salesforceliveagent.com *.siteintercept.qualtrics.com *.walkme.com *.liveperson.net *.ssl.ak.dynamic.tiles.virtualearth.net *.concursolutions.com *.sapdas-staging.cloud.sap *.sapdas.cloud.sap code.jquery.com consent.trustarc.com dev.virtualearth.net storage.glancecdn.net www.glancecdn.net www.google-analytics.com assets.adobedtm.com bam.nr-data.net maps.googleapis.com www.google-analytics.com www.googletagmanager.com siteintercept.qualtrics.com ajax.googleapis.com static.contextall.com *.bing.com www.vfmii.com blob:; style-src 'self' 'unsafe-inline' https: blob:; connect-src wss:\/\/*.glance.net 'self' https:; report-uri https:\/\/concursolutions.report-uri.com\/r\/t\/csp\/reportOnly; report-to report-only","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-by6G_plnLiSTO4fmvHPsaw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-uqKqpDWZiIgD0a7kReBUQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.com.au *.ebay.au *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.com.au *.ebay.au *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.com.au *.ebay.au *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B170%600e3b15(rbpv30.f%3F2uq-19e2420676e-0x605#pd","count":1},{"content-security-policy-report-only":" img-src peatix.com *.peatix.com cdn.peatix.com peatix-api.com data:;","count":1},{"content-security-policy-report-only":" default-src https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/6rS7G2YwNOau\/NTJ8bzkhJAE\/Ci5wW\/AEwR1gt https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/6rS7G2YwNOau\/NTJ8bzkhJAE\/Ci5wW\/AEwR1gt  https:\/\/www.oreilly.com\/Yl0xpTG67Iif\/0dLC04yT65\/5N\/aQS7G2pJmD8cSGh5t1\/E0B3bzkhJAE\/NxEdb\/k5eVVoB  https:\/\/www.oreilly.com  * 'unsafe-inline' 'unsafe-eval' data: blob: android-webview-video-poster: moz-extension: ms-browser-extension: chrome-extension: ios-log:; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubb898c25826db9d251f99fdcece943792&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service:wordpress-prod-cluster;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-i6DIee88ktPKorU22hCQgw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce--4P5K9AUD8gqS6SpdQxt7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-l4JDqoAOcNerTNqqCdgmaQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'nonce-2a9eb829a593e67503f2b72d99d5d43c' 'none'; base-uri 'none'; img-src 'self' data: https:\/\/* *.bing.com *.bing.net *.marksandspencer.com *.mparticle.com; connect-src 'self' ms-gb.attn.tv *.attentivemobile.com the.sciencebehindecommerce.com www.wepowerconnections.com *.bing.com *.bing.net *.contentsquare.net dpm.demdex.net *.doubleclick.net googleads.g.doubleclick.net *.dynatrace.com *.facebook.com *.google.com *.google.co.uk *.google.ie *.googlesyndication.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com obseu.iseaskies.com *.medallia.eu *.marksandspencer.app *.marksandspencer.com *.mnscorp.net *.mparticle.com *.onetrust.com *.optimizely.com ct.pinterest.com *.reddit.com *.swrve.com api.taggstar.com *.tiktok.com *.tiktokw.us tags.tiqcdn.com; child-src 'none'; manifest-src 'self'; frame-ancestors 'self'; form-action 'self' www.facebook.com; object-src 'none'; worker-src blob: 'self'; script-src 'self' 'unsafe-inline' cdn.attn.tv *.dwin1.com *.roeyecdn.com the.sciencebehindecommerce.com *.bing.com *.bing.net *.contentsquare.net blob: *.doubleclick.net js-cdn.dynatrace.com *.facebook.com *.facebook.net *.getamigo.io *.googletagmanager.com *.iseaskies.com *.medallia.eu *.marksandspencer.com *.mparticle.com *.onetrust.com cdn-pci.optimizely.com s.pinimg.com ct.pinterest.com *.redditstatic.com *.tiktok.com tags.tiqcdn.com; style-src 'self' 'unsafe-inline'; frame-src *.demdex.net *.doubleclick.net www.facebook.com servedby.flashtalking.com *.googletagmanager.com *.medallia.eu *.optimizely.com ct.pinterest.com; media-src *.marksandspencer.app blob:; font-src *.marksandspencer.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-S40NbqhnhCrccJE9sSG_nA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-mN9fOo2hJWAxWrT4QJfntg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-r2IXqESgxnWXQcTVggBojw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-csVXb5E7UgARG50Yjd8XRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.fr *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.fr *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.fr *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B170%600e3b15(rbpv5%3F.i%7Cv%3Af-19e243a164e-0x1706#pd","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-F368UJoNsvGy9rXxWMocVw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-BZHrQftQFY8YTib2d9geSQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-WkSsGtNSFRLK6wKwYhgGDA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; report-uri \/+cspreport\/log;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/cdn.wetransfer.com 'nonce-9d04cc15-cb88-433b-b3f1-d35a5a9d7908' 'sha256-4hRuHNFOqK6I2GgL9T5HwGETI5qu8rNsCs1G\/d5PPBk=' 'sha256-ZES\/2z0cbUZYbmG6sgCzU453zUUUmmotyFwnZ7G8WaY=' 'sha256-NvzBT9rJnGEWMlHqwvXg6OHIegGdn5PsAP3YZ7RzmgE=' 'sha256-f\/k++c7mXW35G13Y7R6PzP\/vWuqKqAVF3ph0iisXZX0=' 'sha256-ws2EcVAq3u\/bDFH4r+3pcRahQuX\/HRlekAqTc6GnDWI=' 'sha256-Bd1r8fyU+a98FYknUDsYXLvQwPaw2Trg0SDQ0pT+cWY=' 'sha256-scue6\/wrhAUP1T4+YMVMvhoJLHziYmv37BcJuN11XwM=' 'sha256-tUHp97FxQMwOfUs1KAvNxJvnntHhr1ukXQBr1sZ\/vKA=' 'sha256-L8m6ygYvYlmr5M0s5E\/t19ls7FHY3o5G8LFtd8UqytA=' 'sha256-cWB6LeQeTPFHH9QCg8VrP0sPJfqqdgDupHwitbxysNo=' 'sha256-1+tdasFuSYydtmIV8i2k8bpXyDasrvpd0i6vXt5p8xo=' 'sha256-pe6hK6\/pXs86IrWP5sSJTjHKKgBqZoSjkbrMZLM0MQg=' 'wasm-unsafe-eval' blob: https:\/\/nolan.wetransfer.net https:\/\/nolan.wetransferbeta.net https:\/\/accounts.google.com https:\/\/tagging.wetransfer.com https:\/\/www.googletagmanager.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/js.stripe.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/*.clarity.ms https:\/\/*.rokt.com https:\/\/*.hcaptcha.com https:\/\/*.typeform.com https:\/\/connect.facebook.net https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/*.brandmetrics.com https:\/\/*.amazon-adsystem.com https:\/\/*.crwdcntrl.net https:\/\/js.adsrvr.org https:\/\/securepubads.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/*.zendesk.com https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/privacy.wetransfer.com https:\/\/*.doubleverify.com https:\/\/aam.a47b.com https:\/\/cdn.xpln.tech; style-src 'self' https:\/\/cdn.wetransfer.com 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/accounts.google.com https:\/\/*.typeform.com; style-src-elem 'self' https:\/\/cdn.wetransfer.com 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/accounts.google.com https:\/\/*.typeform.com https:\/\/www.gstatic.com https:\/\/translate.googleapis.com; font-src 'self' https:\/\/cdn.wetransfer.com data: https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:\/\/*.zendesk.com https:\/\/*.zdassets.com https:\/\/*.wetransfer.com https:\/\/*.wetransfer.net https:\/\/*.wetransferbeta.net https:\/\/*.wetransferbeta.com https:\/\/*.hotjar.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/cdn.cookielaw.org https:\/\/*.googleusercontent.com https:\/\/accounts.google.com https:\/\/www.googletagmanager.com https:\/\/*.amazonaws.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/ad.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/www.google.com https:\/\/google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/*.doubleverify.com https:\/\/di.rlcdn.com https:\/\/*.brandmetrics.com https:\/\/*.clarity.ms https:\/\/data.ad-score.com https:\/\/*.adform.net https:\/\/fonts.gstatic.com https:\/\/ep1.adtrafficquality.google https:\/\/*.flashtalking.com https:\/\/*.adsafeprotected.com https:\/\/tracker.samplicio.us https:\/\/track.activemetering.com https:\/\/tag.researchnow.com https:\/\/gdesk.hit.gemius.pl https:\/\/secure.insightexpressai.com https:\/\/*.innovid.com https:\/\/secure-gl.imrworldwide.com https:\/\/translate.google.com https:\/\/px.ads.linkedin.com; connect-src 'self' blob: https:\/\/wetransferbeta.com https:\/\/*.wetransferbeta.net https:\/\/*.wetransferbeta.com https:\/\/wetransfer.com https:\/\/*.wetransfer.net https:\/\/*.wetransfer.com https:\/\/*.datadoghq.eu https:\/\/browser-intake-datadoghq.eu https:\/\/*.browser-intake-datadoghq.eu https:\/\/*.hcaptcha.com https:\/\/*.stripe.com https:\/\/*.zendesk.com wss:\/\/*.zendesk.com https:\/\/*.zdassets.com https:\/\/app.launchdarkly.com wss:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.clarity.ms https:\/\/cdn.cookielaw.org https:\/\/*.onetrust.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/*.rokt.com https:\/\/*.adzerk.net https:\/\/*.googlesyndication.com https:\/\/*.googleusercontent.com https:\/\/*.typeform.com https:\/\/*.amazonaws.com https:\/\/ct.pinterest.com https:\/\/*.amazon-adsystem.com https:\/\/ara.paa-reporting-advertising.amazon https:\/\/insight.adsrvr.org https:\/\/*.crwdcntrl.net https:\/\/*.ltmsphrcl.net https:\/\/x.bndspn.com https:\/\/apps.apple.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/securepubads.g.doubleclick.net https:\/\/collector.brandmetrics.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/ep1.adtrafficquality.google https:\/\/csi.gstatic.com https:\/\/translate-pa.googleapis.com https:\/\/translate.googleapis.com https:\/\/px.ads.linkedin.com; frame-src 'self' https:\/\/accounts.google.com https:\/\/tagging.wetransfer.com https:\/\/*.stripe.com https:\/\/*.hcaptcha.com https:\/\/collectapp.page.link https:\/\/debugcollectapp.page.link https:\/\/*.wetransfer.net https:\/\/*.wetransfer.com https:\/\/*.wetransferbeta.net https:\/\/*.wetransferbeta.com https:\/\/*.rokt.com https:\/\/match.adsrvr.org https:\/\/insight.adsrvr.org https:\/\/ct.pinterest.com https:\/\/*.crwdcntrl.net https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/cm.g.doubleclick.net https:\/\/ep2.adtrafficquality.google https:\/\/securepubads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.amazon-adsystem.com https:\/\/gum.criteo.com https:\/\/google-bidout-d.openx.net https:\/\/www.facebook.com https:\/\/*.trustpilot.com https:\/\/console.googletagservices.com; worker-src 'self' blob:; media-src 'self' blob: https:\/\/*.wetransfer.net https:\/\/*.wetransfer.com https:\/\/*.wetransferbeta.net https:\/\/*.wetransferbeta.com https:\/\/wetransferplusimages.s3.eu-west-1.amazonaws.com https:\/\/static.zdassets.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/webto.salesforce.com https:\/\/test.salesforce.com https:\/\/wetransfer.zendesk.com https:\/\/www.facebook.com; report-uri https:\/\/browser-intake-datadoghq.eu\/api\/v2\/logs?dd-api-key=pubabbc81b16855ec184b0753bf36600da1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Afrontend-transfer%2Cenv%3Aproduction%2Cversion%3A58fbeea08a21c50c1e483b2d6aa9a0c325251053","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-JYeaNimw_tcK8oADiEbaUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-eirP-eKRYQ__-iq4WJgIug' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-i1GM_-lmErt2P2QAN5-Nrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/chromebook","count":1},{"content-security-policy-report-only":" default-src 'self';    script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.brivo.com *.googletagmanager.com *.google-analytics.com *.hubspot.com *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hs-banner.com *.onetrust.com cdn.cookielaw.org *.linkedin.com *.licdn.com *.facebook.net *.google.com *.gstatic.com *.okta.com *.een.com *.amazonaws.com *.addtoany.com *.wistia.com *.wistia.net *.zoom.us zoom.us *.zoominfo.com *.zi-scripts.com *.hotjar.com browser.sentry-cdn.com *.acsbapp.com acsbapp.com *.statuspage.io *.vimeo.com meet.jit.si *.youtube.com *.youtube-nocookie.com public.flourish.studio;    object-src 'none';    style-src 'self' 'unsafe-inline' *.googleapis.com *.hubspot.com *.wistia.com *.acsbapp.com;    font-src 'self' data: fonts.gstatic.com script.hotjar.com *.wistia.net *.wistia.com;    img-src 'self' data: *.brivo.com *.google-analytics.com *.googletagmanager.com *.hubspot.com *.hsforms.com *.hsforms-na1.com *.hs-scripts.com *.hs-analytics.net *.hs-banner.com *.licdn.com *.linkedin.com *.facebook.com *.wistia.com *.wistia.net *.zoom.us zoom.us cdn.cookielaw.org *.acsbapp.com stats.g.doubleclick.net *.vimeocdn.com *.cdntwrk.com secure.gravatar.com *.ytimg.com *.googleusercontent.com;    connect-src 'self' blob: *.brivo.com *.google-analytics.com analytics.google.com *.analytics.google.com *.googletagmanager.com *.hubspot.com *.hsforms.com *.hsforms-na1.com *.hs-analytics.net *.onetrust.com *.een.com *.amazonaws.com *.wistia.com *.wistia.net *.zoom.us zoom.us *.zoominfo.com *.zi-scripts.com *.hotjar.com *.hotjar.io *.linkedin.com cdn.cookielaw.org www.google.com *.acsbapp.com acsbapp.com stats.g.doubleclick.net *.litix.io *.vimeo.com meet.jit.si;    frame-src 'self' *.brivo.com *.hubspot.com *.hsforms.com js.hsforms.net *.google.com *.okta.com *.een.com *.addtoany.com *.zoom.us zoom.us *.wistia.com *.acsbapp.com *.statuspage.io *.vimeo.com meet.jit.si *.youtube.com *.youtube-nocookie.com flo.uri.sh public.flourish.studio;    media-src 'self' blob: *.wistia.com *.wistia.net *.amazonaws.com *.vimeocdn.com;    base-uri 'self';    form-action 'self' *.brivo.com *.hubspot.com *.hsforms.com;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2Lfi1fi3C436r5_wIQJ49g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-3mhgI-t0V8-GPwZBy3YOZw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-6Ii79gWrohc0DtllsnT0Yw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Bug3U8i-soC3ErI4aB5-AQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-hviKezqXzqeEziCINSGeBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TKpB9wFCABAksuPDpteNag' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.com *.betano.com betgenius.com *.betgenius.com bing.com *.bing.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org creativecdn.com *.creativecdn.com facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu kameleoon.io *.kameleoon.io optimove.net *.optimove.net sportradar.com *.sportradar.com cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery bet.br *.bet.br google-analytics.com *.google-analytics.com lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com sportradarserving.com *.sportradarserving.com *.taboola.com *.geocomply.com *.ads-twitter.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.pa4r.com *.brandinsight.tech res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=t7QHeItUMAqbzvYyVKFaxBMGI0d6Nx0L843DY3EqRdU-1778728528.9485652-1.0.1.1-6SPJsm2u6VM8odAPwXqxbYzKavsXIQ4Ka.L00AUVK9ZW9vCmP3dJwDz418_8foRMTByQhsU5U3qmBFWyw2hwZpHuMoDC9XTZeyn0w6ZJMwv4kYkguYl618RTUDAg.Kal9Nr_vqWyK59OwrF.QxRdXqxuxqflO2Bj_D2k8CrSmYomF6dfuErJgMd3qjbbwCJK; report-to cf-ttrojneobeludnxt","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline'; connect-src 'self' https:\/\/mc.yandex.ru wss:\/\/mc.yandex.ru https:\/\/mc.yandex.com wss:\/\/mc.yandex.com https:\/\/mc.yandex.by wss:\/\/mc.yandex.by https:\/\/mc.yandex.md https:\/\/api-maps.yandex.ru https:\/\/smartcaptcha.yandexcloud.net https:\/\/cdn.redoc.ly https:\/\/ymlgbi0m5g.ru https:\/\/ymebm1c4fu.ru; font-src 'self' data:; frame-src *; img-src 'self' data: https:\/\/core-renderer-tiles.maps.yandex.net https:\/\/yandex.ru https:\/\/api-maps.yandex.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/mc.yandex.by https:\/\/mc.yandex.com.tr https:\/\/yastatic.net https:\/\/cdn.redoc.ly; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/api-maps.yandex.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/cdn.redoc.ly https:\/\/ymlgbi0m5g.ru https:\/\/ymebm1c4fu.ru; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' blob: https:\/\/core-renderer-tiles.maps.yandex.net https:\/\/yastatic.net https:\/\/api-maps.yandex.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/smartcaptcha.yandexcloud.net https:\/\/cdn.redoc.ly https:\/\/ymlgbi0m5g.ru https:\/\/ymebm1c4fu.ru; worker-src 'self' blob:; media-src 'self' data:; object-src 'none'; report-uri https:\/\/csp.nspk.ru\/report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-NJh7NZP1sDibRo4JKS2WNg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' blob: data: https:\/\/www.googleadservices.com\/pagead\/conversion\/ https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.google.com\/js\/bg\/ https:\/\/www.gstatic.com\/external_hosted\/highlightjs\/highlight.pack.js https:\/\/www.gstatic.com\/monaco_editor\/ https:\/\/fonts.gstatic.com\/s\/e\/notoemoji\/search\/wrapper.js https:\/\/www.youtube.com\/iframe_api https:\/\/translate.google.com\/translate_a\/element.js https:\/\/www-onepick-opensocial.googleusercontent.com\/gadgets\/js\/rpc.js https:\/\/www.gstatic.com\/_\/mss\/boq-one-google\/_\/ https:\/\/www.gstatic.com\/og\/_\/js\/ https:\/\/apis.google.com\/js\/api.js https:\/\/apis.google.com\/js\/client.js https:\/\/www.google.com\/tools\/feedback\/chat_load.js https:\/\/www.google.com\/tools\/feedback\/help_api.js https:\/\/www.google.com\/tools\/feedback\/load.js https:\/\/www.google.com\/tools\/feedback\/open.js https:\/\/www.google.com\/tools\/feedback\/open_to_help_guide_lazy.js https:\/\/www.gstatic.com\/feedback\/js\/ https:\/\/www.gstatic.com\/feedback\/js\/help\/prod\/service\/lazy.min.js https:\/\/www.gstatic.com\/inproduct_help\/api\/main.min.js https:\/\/www.gstatic.com\/inproduct_help\/chatsupport\/chatsupport_button_v2.js https:\/\/www.gstatic.com\/inproduct_help\/service\/lazy.min.js https:\/\/www.gstatic.com\/uservoice\/feedback\/client\/web\/live\/ https:\/\/www.gstatic.com\/uservoice\/surveys\/resources\/prod\/js\/survey\/ https:\/\/maps.googleapis.com\/maps\/api\/js https:\/\/gemini.gstatic.com\/_\/mss\/boq-bard-web\/_\/js\/k=boq-bard-web.BardChatUi.en_US.mI4mwM9B9F8.2018.O\/ https:\/\/apis.google.com\/_\/scs\/abc-static\/_\/js\/ https:\/\/maps.googleapis.com\/maps-api-v3\/api\/js\/ https:\/\/maps.googleapis.com\/maps\/vt https:\/\/maps.googleapis.com\/maps\/api\/js\/ https:\/\/maps.googleapis.com\/maps\/api\/place\/js\/ https:\/\/www.youtube.com\/s\/player\/ https:\/\/translate.googleapis.com\/_\/translate_http\/_\/js\/;report-uri \/_\/BardChatUi\/cspreport\/fine-allowlist","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.cookielaw.org https:\/\/optly.heap.io https:\/\/www.googleoptimize.com https:\/\/www.googletagmanager.com https:\/\/cdn.us.heap-api.com https:\/\/marketo.clearbit.com https:\/\/*.wistia.net https:\/\/js.chilipiper.com https:\/\/js.driftt.com https:\/\/*.clearbit.com https:\/\/app-ab33.marketo.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.cookielaw.org https:\/\/*.ctfassets.net; img-src 'self' data: https:\/\/*.ctfassets.net https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.wistia.net https:\/\/heapanalytics.com https:\/\/*.clearbit.com https:\/\/*.doubleclick.net; connect-src 'self' https:\/\/*.contentful.com https:\/\/*.heap-api.com https:\/\/heapanalytics.com https:\/\/www.google-analytics.com https:\/\/*.wistia.net https:\/\/*.doubleclick.net https:\/\/*.cookielaw.org https:\/\/app-ab33.marketo.com; font-src 'self' data: https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/*.wistia.net https:\/\/*.marketo.com https:\/\/*.chilipiper.com; worker-src 'self' blob:; manifest-src 'self'; base-uri 'self'; form-action 'self' https:\/\/*.marketo.com; frame-ancestors 'self'; media-src 'self' https:\/\/*.wistia.net blob:; object-src 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-jViRYcJDJubFHD4czL7fNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-MGauGvbtRa2yXlwF7wdsaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'report-sample' addtocalendar.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.knightlab.com https:\/\/code.jquery.com https:\/\/science-catalog.fws.gov https:\/\/touchpoints.app.cloud.gov https:\/\/unpkg.com https:\/\/www.google.com maps.google.com unpkg.com; style-src 'self' 'report-sample' addtocalendar.com cdnjs.cloudflare.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.knightlab.com https:\/\/fonts.googleapis.com https:\/\/science-catalog.fws.gov https:\/\/unpkg.com unpkg.com; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.kolesa.kz https:\/\/kolesa.kz wss:\/\/*.kolesa.kz https:\/\/sentry-common.kolesa.team yastatic.net *.adfox.ru *.yandex.ru *.yandex.net *.yandex.kz *.yandex.com yandex.ru yandex.kz yandex.com yandexadexchange.net *.ftd.agency *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.google.kz *.google.co.uz *.googlesyndication.com *.googleadservices.com *.gstatic.com *.ampproject.org *.segmentstream.com *.facebook.net *.facebook.com *.tiktok.com *.youtube.com; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/about_appsheet_com","count":1},{"content-security-policy-report-only":" default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self'; report-uri \/_\/csp-reports","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' https:\/\/*.clarity.ms\/collect https:\/\/*.google-analytics.com\/g\/collect https:\/\/*.launchdarkly.com https:\/\/ad.doubleclick.net https:\/\/amplify.outbrain.com https:\/\/analytics.google.com https:\/\/analytics.tiktok.com https:\/\/api.segment.io https:\/\/aplo-evnt.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/browser-intake-datadoghq.eu https:\/\/cdn.segment.com https:\/\/content.hotjar.io https:\/\/conversions-config.reddit.com https:\/\/cookie-cdn.cookiepro.com https:\/\/geolocation.onetrust.com https:\/\/graphql.contentful.com https:\/\/id.sage.com https:\/\/ingress.eu2.rum-ingress-coralogix.com\/browser\/v1beta\/logs https:\/\/maps.googleapis.com https:\/\/pagead2.googlesyndication.com https:\/\/pagesense-collect.zoho.in https:\/\/pixel-config.reddit.com https:\/\/pixel.quantserve.com https:\/\/pixels.spotify.com https:\/\/postcodes.io https:\/\/privacyportal.cookiepro.com https:\/\/px.ads.linkedin.com https:\/\/rum-http-intake.logs.datadoghq.eu https:\/\/stats.g.doubleclick.net https:\/\/tide.api.kustomerapp.com https:\/\/tr.outbrain.com https:\/\/widget.trustpilot.com https:\/\/www.cloudflare.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.redditstatic.com https:\/\/z.clarity.ms; default-src 'none'; font-src 'self' https:\/\/cdn.kustomerapp.com https:\/\/fonts.gstatic.com https:\/\/web-assets.tide.co; frame-ancestors 'self' https:\/\/uniclient-demo.web.app; frame-src 'self' https:\/\/14663405.fls.doubleclick.net https:\/\/forms.zohopublic.in https:\/\/widget.trustpilot.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' https:\/\/ade.googlesyndication.com https:\/\/bat.bing.net https:\/\/c.clarity.ms https:\/\/cdn.prod2.kustomerhostedcontent.com https:\/\/downloads.ctfassets.net https:\/\/heapanalytics.com https:\/\/images.ctfassets.net https:\/\/impressions.onelink.me https:\/\/px.ads.linkedin.com\/collect https:\/\/q.quora.com https:\/\/web-assets.tide.co https:\/\/www.facebook.com https:\/\/www.google.co.in https:\/\/www.google.com; manifest-src 'self'; media-src 'self' https:\/\/videos.ctfassets.net; object-src 'none'; report-to csp-reporting-endpoint; report-uri https:\/\/csp-report.browser-intake-datadoghq.eu\/api\/v2\/logs?dd-api-key=pubd4258020965cc5258eee35ac618e9586&dd-evp-origin=content-security-policy&ddsource=csp-report; script-src 'self' 'unsafe-inline' https:\/\/a.quora.com https:\/\/amplify.outbrain.com https:\/\/analytics.tiktok.com\/ https:\/\/assets.apollo.io\/ https:\/\/bat.bing.com https:\/\/cdn-in.pagesense.io https:\/\/cdn.datatables.net https:\/\/cdn.heapanalytics.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.kustomerapp.com https:\/\/cdn.rum-ingress-coralogix.com https:\/\/cdn.segment.com\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/ https:\/\/code.jquery.com https:\/\/connect.facebook.net\/ https:\/\/cookie-cdn.cookiepro.com\/ https:\/\/d34r8q7sht0t9k.cloudfront.net https:\/\/d38xvr37kwwhcm.cloudfront.net https:\/\/geotargetly-api-2.com https:\/\/googleads.g.doubleclick.net https:\/\/googleusercontent.com https:\/\/js.stripe.com https:\/\/kit.fontawesome.com https:\/\/payments.tide.co https:\/\/pixel.byspotify.com\/ https:\/\/rules.quantcount.com https:\/\/script.hotjar.com https:\/\/scripts.clarity.ms https:\/\/scripts.clarity.ms\/ https:\/\/secure.quantserve.com https:\/\/snap.licdn.com https:\/\/stackpath.bootstrapcdn.com https:\/\/static.ads-twitter.com https:\/\/static.hotjar.com https:\/\/tr.outbrain.com https:\/\/wave.outbrain.com https:\/\/web-assets.tide.co\/ https:\/\/widget.trustpilot.com\/ https:\/\/www.clarity.ms https:\/\/www.datadoghq-browser-agent.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com https:\/\/www.redditstatic.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com\/ajax\/libs https:\/\/fonts.googleapis.com\/css https:\/\/stackpath.bootstrapcdn.com https:\/\/use.typekit.net; worker-src 'self'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-dqLT67wWyqEY0bYBOnaEww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8xG97f_V3H6ahObuGjs0Rw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri \/cgi-bin\/csp-reports.cgi","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-yi3v-IM15KE9TFPdjBPE4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-aWu1IbZh3LBpvZeblxGXzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-24DJonnsZsc3V_KcRAR31g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/www.rferl.org\/embed https:\/\/www.rferl.org\/embed\/player https:\/\/www.rferl.org\/embed\/player\/0 https:\/\/www.rferl.org\/embed\/player\/1 https:\/\/www.rferl.org\/ext https:\/\/www.rferl.org\/widget; report-uri https:\/\/csp.pangeadigital.io\/cspreport","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-p1DdlrD3MjHWxs-s6g7DHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Wn2jewR36mCY3lpZoc5cQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/www.youtube.com; img-src 'self' data: https:\/\/www.google-analytics.com; object-src 'none'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com releases.flowplayer.org; script-src-attr 'self'; script-src-elem 'self' https:\/\/www.googletagmanager.com https:\/\/www.google.com releases.flowplayer.org; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com releases.flowplayer.org; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' releases.flowplayer.org; frame-ancestors 'self'; block-all-mixed-content","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.indiewire.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.fantia.jp; script-src 'unsafe-inline' 'self' https:\/\/*.fantia.jp *.genieesspv.jp *.gsspat.jp *.gsspcln.jp *.gssprt.jp *.im-apps.net *.ad-stir.com *.i-mobile.co.jp *.amoad.com *.criteo.net *.criteo.com *.fout.jp *.goldspotmedia.com *.zucks.net j.zucks.net.zimg.jp *.zucks.co.jp ta-adquick.info nend.net *.rtbhouse.com *.ad-gate.net securepubads.g.doubleclick.net *.geniee.jp https:\/\/ec-widget.toranoana.jp nav.yumenosora.co.jp *.google-analytics.com www.googletagmanager.com www.googleoptimize.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com cdn.jsdelivr.net vjs.zencdn.net *.twitter.com static.ads-twitter.com *.clarity.ms *.recaptcha.net *.gstatic.com *.fontawesome.com *.chatplus.jp *.amplitude.com https:\/\/csp-report-ij4goxpsha-an.a.run.app\/api\/v1\/csp_report; font-src 'self' https:\/\/*.fantia.jp * data:; style-src 'self' https:\/\/*.fantia.jp 'unsafe-inline' * data:; img-src 'self' https:\/\/*.fantia.jp * blob: data: www.googletagmanager.com; child-src 'self' https:\/\/*.fantia.jp blob: *.genieesspv.jp *.gsspat.jp *.gsspcln.jp *.gssprt.jp *.im-apps.net *.ad-stir.com *.i-mobile.co.jp *.amoad.com *.criteo.net *.criteo.com *.fout.jp *.goldspotmedia.com *.zucks.net j.zucks.net.zimg.jp *.zucks.co.jp ta-adquick.info nend.net *.rtbhouse.com *.ad-gate.net securepubads.g.doubleclick.net *.geniee.jp platform.twitter.com www.googletagmanager.com www.youtube.com player.vimeo.com *.recaptcha.net *.chatplus.jp; connect-src 'self' https:\/\/*.fantia.jp *.genieesspv.jp *.gsspat.jp *.gsspcln.jp *.gssprt.jp *.im-apps.net *.ad-stir.com *.i-mobile.co.jp *.amoad.com *.criteo.net *.criteo.com *.fout.jp *.goldspotmedia.com *.zucks.net j.zucks.net.zimg.jp *.zucks.co.jp ta-adquick.info nend.net *.rtbhouse.com *.ad-gate.net securepubads.g.doubleclick.net *.geniee.jp https:\/\/cc.fantia.jp https:\/\/c.fantia.jp https:\/\/dd.fantia.jp https:\/\/d.fantia.jp https:\/\/ec-widget.toranoana.jp www.google-analytics.com stats.g.doubleclick.net *.clarity.ms *.fontawesome.com *.agora.io:* *.agoraio.cn *.ap.sd-rtn.com *.statscollector.sd-rtn.com:* *.veritrans.co.jp *.chatplus.jp wss:\/\/*.edge.agora.io:* wss:\/\/*.edge.agoraio.cn:* wss:\/\/*.edge.sd-rtn.com *.amplitude.com https:\/\/ogp-cache-system-prod-ij4goxpsha-an.a.run.app\/api\/v1\/ogp\/info https:\/\/csp-report-ij4goxpsha-an.a.run.app\/api\/v1\/csp_report https:\/\/fantia.s3.ap-northeast-1.amazonaws.com; media-src 'self' https:\/\/*.fantia.jp *.genieesspv.jp *.gsspat.jp *.gsspcln.jp *.gssprt.jp *.im-apps.net *.ad-stir.com *.i-mobile.co.jp *.amoad.com *.criteo.net *.criteo.com *.fout.jp *.goldspotmedia.com *.zucks.net j.zucks.net.zimg.jp *.zucks.co.jp ta-adquick.info nend.net *.rtbhouse.com *.ad-gate.net securepubads.g.doubleclick.net *.geniee.jp blob: https:\/\/*.chatplus.jp; frame-ancestors 'self' https:\/\/*.fantia.jp *.toranoana.jp toranoana.jp *.yumenosora.co.jp yumenosora.co.jp *.toranoana.co.jp toranoana.co.jp; form-action 'self' https:\/\/*.fantia.jp; report-to report-server; report-uri https:\/\/csp-report-ij4goxpsha-an.a.run.app\/api\/v1\/csp_report;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-GZx0HP4KHHEBOoC_6-r9PA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' 'nonce-4F0lLE6MDAPDIN2xuGAC4H3DTkqnzEEA0ZkHCKu09YQ=' 'strict-dynamic' https:; script-src 'nonce-4F0lLE6MDAPDIN2xuGAC4H3DTkqnzEEA0ZkHCKu09YQ='  'sha512-gU7kztaQEl7SHJyraPfZLQCNnrKdaQi5ndOyt4L4UPL\/FHDd\/uB9Je6KDARIqwnNNE27hnqoWLBq+Kpe4iHfeQ==' 'sha512-DXYctkkhmMYJ4vYp4Dm6jprD4ZareZ7ud\/d9mGCKif\/Dt3FnN95SjogHvwKvxXHoMAAkZX6EO6ePwpDIR1Y8jw==' 'sha512-mz4SrGyk+dtPY9MNYOMkD81gp8ajViZ4S0VDuM\/Zqg40cg9xgIBYSiL5fN79Htbz4f2+uR9lrDO6mgcjM+NAXA==' 'sha512-pnt8OPBTOklRd4\/iSW7msOiCVO4uvffF17Egr3c7AaN0h3qFnSu7L6UmdZJUCednMhhruTLRq7X9WbyAWNBegw=='  'strict-dynamic' https:; font-src 'self' https:\/\/res-1.cdn.office.net\/files\/fabric-cdn-prod_20221201.001\/assets\/fonts\/ https:\/\/res-1.cdn.office.net\/files\/fabric-cdn-prod_20221201.001\/assets\/icons\/ 'nonce-4F0lLE6MDAPDIN2xuGAC4H3DTkqnzEEA0ZkHCKu09YQ='; base-uri 'none'; form-action 'self' 'nonce-4F0lLE6MDAPDIN2xuGAC4H3DTkqnzEEA0ZkHCKu09YQ='; style-src 'self' 'nonce-4F0lLE6MDAPDIN2xuGAC4H3DTkqnzEEA0ZkHCKu09YQ='; report-uri ; object-src 'none'; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bbpD8O8TqasnlWBARRzOFw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-D9m3T0HXWqJhn58L_UzcsA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TSyGoflQKu4Hh1FgeG6nAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gtFG4IIDUQxNEUtehmUbeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-IdolHsYgLddLuUvjaRprmA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-UAWsOpZz3jWhnksV-aHcrQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'strict-dynamic' 'self' https: 'nonce-3070dc72f93a9f14dae1456e14a5c2944c873581e11f9032'; script-src-elem 'self' 'nonce-3070dc72f93a9f14dae1456e14a5c2944c873581e11f9032'; object-src 'none'; base-uri 'none'; report-to csp-report; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-efUCDYciC5gJvHHVaQSUew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0DciF8w6aXL1nsn9QBT7Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-H9XJDuvWU9znNhRwWzV15Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" connect-src *.bundesregierung.de analytics.bundesregierung.de https:\/\/hls-hd.myrasec.de *.stage.bio ; style-src *.bundesregierung.de 'unsafe-inline' ; script-src *.bundesregierung.de ; script-src-elem *.bundesregierung.de 'nonce-tgjIrk6RgrzTCvogzcGV2Nsv6Z6zXn34FHZ3dYzsy5mJsMCPrQD1T4wypMlV5nuu7SoCTGuAlo3GxIDafMEGCgQCe4vdYjUhXi0DnLTd\/tXmUUe46nUzSuYi1eO6huObDlKqIxhInfTMIRBu8tq+TfjA5ugBh5MNabJn0fkwFV4=' *.stage.bio ; frame-src *.bundesregierung.de ; media-src *.bundesregierung.de http:\/\/video.bundesregierung.de https:\/\/zdf-hls-18.akamaized.net *.stage.bio ; frame-ancestors *.bundesregierung.de ; img-src *.bundesregierung.de *.bundeskanzler.de https:\/\/*.tile.openstreetmap.de data: *.stage.bio ; default-src *.bundesregierung.de ; font-src *.bundesregierung.de ; report-uri https:\/\/www.bundesregierung.de\/service\/csp-report ;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-F9zpKUqxuxDK4GCimG_tIQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'self';script-src-elem 'self' https:\/\/snap.licdn.com\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/js.hs-analytics.net\/analytics\/ https:\/\/www.googletagmanager.com\/gtag\/ https:\/\/js.hs-banner.com\/ https:\/\/js.hsadspixel.net\/ https:\/\/x.clearbitjs.com\/ https:\/\/reveal.clearbit.com\/ https:\/\/tag.clearbitscripts.com\/ https:\/\/cdn.koala.live\/ https:\/\/app.leandata.com\/ https:\/\/www.datadoghq-browser-agent.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/browser.sentry-cdn.com\/ 'nonce-ab83f156c56d656b';report-uri \/api\/report_csp_violation;object-src 'self';form-action 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Gx4n1SkLcCRDMWCM_BAcjQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-IWDZvTl4yfjJ9rzYhRXi8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-GVKZ36k0lMqCBuJCvkI2bQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ng152DVlHr4B2sy5wHILNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce--JCTxRdbC-ZiNPdJJsqioQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-hcc3iIhTYCzfqHJECWPXuA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kJSjX_cQA4b8yyMfOH8qRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.bg *.betano.bg betano.com *.betano.com betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com creativecdn.com *.creativecdn.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com bing.com *.bing.com stoiximan.gr *.stoiximan.gr cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery google-analytics.com *.google-analytics.com lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.taboola.com *.geocomply.com *.kameleoon.io *.ads-twitter.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com *.brandinsight.tech res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ahRiKdGiwZBgdL8VccCy8dudmleP08iKgZgI_M5j0hU-1778720952.8626916-1.0.1.1-JsZ263k_lVYb.g404JpkbyaY9v3P69Ef4rGvAacDuI0f5Cha4bx6D.Z4WcCBnnMrEfZ2oSvc4wvn4_FBjZkf35j9kqhzQcrZx.vghG3B6cQoNJLS.jT8BD6mYHHLVxU8oQWrMq5_mGjTAqmIYZ2eHCvxQ0kxGzqtW.Ny_CSr8Anemvv_FwuYuzdJtaVaGw8A; report-to cf-lbjsmsxgoksgrrna","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ESR32Uy5ICooqGwgkM5HZg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-9_3DMBlGB8UkiLED3V_4EA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-NlwOcb9r5L9dl4sVBc6EgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-QJTlI27eeHBuA0K3gHDqbA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-9v1_6pwtAjyZPcwUTjmP5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-FyYaV-MMbMkSGCBfZhgS8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EV8FaowjE5A56E70fk2_0g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-_kIErgYP9eDTZia-K2z6nA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-E41-b28_BnmAZTMcLPPkgg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kmQzwp4l9fckmtTH6pkekA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bF35dk6nUY27Ahp_vTaUQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-UobfGuqSYOa0-IKohewfqA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors https:\/\/*.workable.com\/; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubcbe8d2ef0966e8645a91099cfac490bb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=%40http.headers.cfray%3A9fb62726aaf06cb7","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.dedeman.ro data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com maps.google.com *.recaptcha.net *.dedeman.ro applepay.cdn-apple.com *.gigya.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.dedeman.ro maps.gstatic.com *.googletagmanager.com server.arcgisonline.com a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org applepay.cdn-apple.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.gigya.com 'self' data: 'unsafe-inline' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.nr-ext.net *.nr-assets.net *.dedeman.ro *.googleapis.com *.google-analytics.com *.recaptcha.net *.facebook.com applepay.cdn-apple.com pay.google.com *.clarity.ms *.plugins.emarsys.net *.scarabresearch.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com *.gigya.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.dedeman.ro downloads.mailchimp.com 'unsafe-inline' data: 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src *.dedeman.ro 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.dedeman.ro maps.googleapis.com cdns.eu1.gigya.com apple-pay-gateway.apple.com apple-pay-gateway-cert.apple.com apple.com *.clarity.ms *.scarabresearch.com *.eservice.emarsys.net form-assets.mailchimp.com *.intuit.com *.amazonaws.com *.gigya.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.dedeman.ro maps.googleapis.com *.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' *.iheartmedia.com data: blob: https:; img-src 'self' data: https:; font-src https: data:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; frame-src 'self' data: https:; child-src https:; media-src https:; object-src 'none'; connect-src 'self' wss: https:; report-uri https:\/\/csp.qw.iheartmedia.com\/api\/report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-rKdb8417Pof6pjJvFlvU1g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-qt9dozPZUqPucltiBz0Pgw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CjOttQ0mjl2P_PyKszxayw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-BaNHII9rXfqvJ9XEeDgCTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-C5E7E-ZxcsaVwaa_XPfSYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DzzUBwlfxuupNtMSoUneyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-PqRtYszfv56JK56wm7oXcg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DFyjytfZy2fyikBdQg7Suw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EjqPwR2KTLGV0SfvomjF5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.com *.betano.com betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com creativecdn.com *.creativecdn.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com bing.com *.bing.com stoiximan.gr *.stoiximan.gr cloudflareinsights.com *.cloudflareinsights.com geocomply.com *.geocomply.com kameleoon.io *.kameleoon.io ads-twitter.com *.ads-twitter.com app.delivery *.app.delivery google-analytics.com *.google-analytics.com lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.brandinsight.tech *.taboola.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co *.betano.bet.ar; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ZOf_ORnF1IRDvuc7HCESMCUZYGpmy8nqk1nvgxrHrgw-1778723008.644071-1.0.1.1-aWWQ6LxX9jUvthNhxIbRX4XObeCu9uJqt1HEbuQ5MQ6Aqx3YuffIgFsmH8Acc31z0sPa.DgOPDRbDkkBr8uj0w1eBNd06SArX1inMCikPVeK8jtnPiqlLjv89QAF0u_2VD4dDbroUMXuU9n06kT60b_l43bPqaNeK6lo5I3Gx_HApW2ArJ5Lmao6xjmP.reRSqFbIRw2gG8LrHs6Eyr1TA; report-to cf-pfqnxxssnxpzusda","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ghNEX9JcNVLp6i-YKeo-Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Rl1-8MgPIVksA8mxPFwRFQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-efEt7G8ztJO5-S_nnYJZWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Rh4fYUdKYSCvBM-paOPA2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ZEJ0w6912aqinHqH4AW2Kw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lXBTemmev6qK3GYaqJLsnA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; object-src 'self' 'unsafe-inline'; media-src *.salesforce-sites.com *.lightning.force.com *.storyblok.com *.zdassets.com *.doofinder.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; form-action https:\/\/www.facebook.com https:\/\/druni.my.salesforce-sites.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/store.plumrocket.com www.paycomet.com api.paycomet.com 'self' 'unsafe-inline'; frame-src http:\/\/fast.amc.demdex.net https:\/\/www.youtube.com https:\/\/www.facebook.com https:\/\/app3.salesmanago.pl https:\/\/10138016.fls.doubleclick.net https:\/\/insight.adsrvr.org https:\/\/td.doubleclick.net https:\/\/druni.my.salesforce-sites.com https:\/\/www.googletagmanager.com https:\/\/pay.google.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ https:\/\/js.checkout.com *.klarna.com https:\/\/store.plumrocket.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com www.googletagmanager.com *.salesforce-sites.com *.lightning.force.com *.hotjar.com *.oct8ne.com *.pinterest.com *.doofinder.com *.empathybroker.com *.empathy.co *.criteo.com 'self' 'unsafe-inline'; connect-src https:\/\/dpm.demdex.net http:\/\/dpm.demdex.net https:\/\/www.paypal.com https:\/\/eu1-search.doofinder.com https:\/\/shops-si.trustedshops.com https:\/\/api.trustedshops.com https:\/\/trustbadge.api.etrusted.com https:\/\/storytech.io https:\/\/analytics.tiktok.com https:\/\/region1.analytics.google.com https:\/\/vc-service.saleago.com https:\/\/api.swogo.net https:\/\/content.syndigo.com https:\/\/tracking.swogo.net https:\/\/www.google.com https:\/\/bat.bing.com https:\/\/druni.my.salesforce-sites.com https:\/\/pay.google.com https:\/\/cdn.equalweb.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/www.googletagmanager.com https:\/\/vc-service.salesmanago.pl https:\/\/app3.salesmanago.es https:\/\/www.facebook.com https:\/\/war.salesmanago.com https:\/\/capig.stape.org www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/js.checkout.com *.klarnaevt.com *.doofinder.com wss:\/\/*.doofinder.com instantcredit.net *.instantcredit.net https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.googletagmanager.com *.salesforce-sites.com *.lightning.force.com *.oct8ne.com *.zendesk.com *.zopim.com *.doubleclick.net *.hotjar.com *.hotjar.io *.clarity.ms *.smartsuppcdn.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.es *.connectif.cloud *.klaviyo.com *.photoslurp.com *.zdassets.com *.pinterest.com *.nosto.com *.empathybroker.com *.empathy.co 'self' 'unsafe-inline'; img-src data: http:\/\/cm.everesttech.net http:\/\/amcglobal.sc.omtrdc.net https:\/\/asistentecosmeticatest1.herokuapp.com https:\/\/ad.doubleclick.net https:\/\/p1.zemanta.com https:\/\/www.storytech.io https:\/\/cdnstory.com https:\/\/insight.adsrvr.org https:\/\/www.druni.es https:\/\/event.syndigo.cloud https:\/\/ui.swogo.net https:\/\/googleads.g.doubleclick.net https:\/\/tau.collect.igodigital.com https:\/\/www.googletagmanager.com https:\/\/analytics.tiktok.com https:\/\/app3.salesmanago.es https:\/\/c.clarity.ms https:\/\/connect.facebook.net widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.doofinder.com instantcredit.net test.instantcredit.net https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com https:\/\/images.unsplash.com www.googletagmanager.com *.salesforce-sites.com *.lightning.force.com *.facebook.com *.google.com *.google.es widgets.trustedshops.com *.twitter.com t.co *.azureedge.net *.pinterest.com *.bing.com 'self' data: data: 'self' 'unsafe-inline'; font-src http:\/\/widgets.trustedshops.com http:\/\/maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com https:\/\/asistentecosmeticatest1.herokuapp.com https:\/\/cdn.checkout.com instantcredit.net test.instantcredit.net maxcdn.bootstrapcdn.com *.salesforce-sites.com *.lightning.force.com fonts.gstatic.com *.azureedge.net *.doofinder.com *.typekit.net *.googleapis.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; style-src http:\/\/fonts.googleapis.com http:\/\/maxcdn.bootstrapcdn.com https:\/\/asistentecosmeticatest1.herokuapp.com https:\/\/storytech.io https:\/\/druni.my.salesforce-sites.com https:\/\/access.equalweb.com https:\/\/cdn.checkout.com *.doofinder.com instantcredit.net test.instantcredit.net maxcdn.bootstrapcdn.com *.salesforce-sites.com *.lightning.force.com *.photoslurp.com *.nosto.com *.klaviyo.com *.typekit.net *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; script-src http:\/\/widgets.trustedshops.com http:\/\/www.gstatic.com http:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.dwin1.com https:\/\/eu1-search.doofinder.com https:\/\/cdn.doofinder.com https:\/\/asistentecosmeticatest1.herokuapp.com https:\/\/cdnjs.cloudflare.com\/ https:\/\/ui.swogo.net https:\/\/analytics.tiktok.com https:\/\/storytech.io https:\/\/bucket.cdnwebcloud.com https:\/\/js.adsrvr.org https:\/\/js-tag.zemanta.com https:\/\/content.syndigo.com https:\/\/ct.pinterest.com https:\/\/fonts.googleapis.com https:\/\/druni.my.salesforce-sites.com https:\/\/536005834.collect.igodigital.com https:\/\/cdn.equalweb.com https:\/\/access.equalweb.com https:\/\/app3.salesmanago.es www.googleadservices.com www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/*.checkout.com *.klarnacdn.net *.doofinder.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net code.jquery.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com https:\/\/maps.googleapis.com www.googletagmanager.com *.salesforce-sites.com *.lightning.force.com *.googleoptimize.com widgets.trustedshops.com static-eu.oct8ne.com static.zdassets.com *.facebook.net *.tradedoubler.com *.doubleclick.net *.hotjar.com *.ads-twitter.com smct.co *.bsmartdata.com *.retargeted.co *.bing.com *.clarity.ms *.smartsuppcdn.com *.smartsuppchat.com *.smartsupp.com *.connectif.cloud *.klaviyo.com *.photoslurp.com *.pinimg.com *.nosto.com *.empathybroker.com *.unpkg.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lxqzm3kmRhIlDYZtiugC7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8fSikzAbE8QydubPB56wFA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-FIB2iThL4LqQAceb-zwTkQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'self';script-src 'self' *.aliyun.com *.alicdn.com dxwebview: *.qwen.ai qwen.ai *.alibaba.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'report-sample' https: http: 'nonce-lGC6XonxPZj7dKllxGjTLg' 'Strict-Dynamic' 'unsafe-hashes';frame-src 'self'  *.aliyun.com *.alicdn.com td.doubleclick.net *.alibaba-inc.com qwenlm.io *.alibabacloud.com dxwebview: *.qwen.ai qwen.ai www.youtube.com;worker-src blob: 'self';object-src 'none';frame-ancestors 'self' *.aliyun.com *.alibabacloud.com;report-uri \/report-csp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0ixwpSNT6DEBlT_pynN7ww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-OWoW9HvxFGARZYWUKQ9puw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DUKJpSAtAzhM3BV6pkTjlQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CagOPVktfK9AKQtcNgcDfQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pDnVp5jO7d2wuIO5wI3rTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-evmAOyRsiXjuSsvTjR3Sjg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lk9Mj7yU3Ri3cNGBBG2kvg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-saXTn62MNfEXyH_3cYccpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-LvuIO4e-CB-ynYX_nQc-Lw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pef87zhlY3GCoxK2S4dJ4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-GzYdBU4aEIMvKLS34gkuTw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-XaOqDILa-MJH92hk3MfmYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-yiJztPi7xeKYxQpR_03hOg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-5KxaaLP6EVSSqfTEF0Pxwg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-wI7_HEQgJRtSFMtFCcOdvg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-G3gtunGRdTl3blZ7_qnDiQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" block-all-mixed-content; report-uri https:\/\/www.warau.jp\/mixedcontentreport.php","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-_p1DaynxkovYGQPE3KwoIA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lesASN-Q0RGv4ktMTC_scw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-4KoIb7r9O7amNLedg0eNSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-RCsmSN9qIC1k_zjpwNekAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/js.qualified.com\/ https:\/\/unpkg.com\/ https:\/\/analytics.ahrefs.com https:\/\/fast.wistia.com https:\/\/connect.facebook.net https:\/\/browser.sentry-cdn.com;style-src 'self' 'unsafe-inline'; img-src 'self' https:\/\/logicmonitor.com https:\/\/www.logicmonitor.com https:\/\/d21y75miwcfqoq.cloudfront.net https:\/\/fast.wistia.com https:\/\/embed-ssl.wistia.com; media-src 'self' blob:; font-src 'self' data: https:\/\/fast.wistia.com; object-src 'none'; base-uri 'self'; form-action 'none'; frame-ancestors 'self' https:\/\/*.logicmonitor.com; frame-src 'self' https:\/\/logicmonitor.com https:\/\/www.logicmonitor.com ; connect-src 'self' https:\/\/app.qualified.com wss:\/\/ws2.qualified.com https:\/\/fast.wistia.com https:\/\/pipedream.wistia.com https:\/\/distillery.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/fg8vvsvnieiv3ej16jby.litix.io;upgrade-insecure-requests; report-uri \/wp-json\/lm\/v1\/csp-report; report-to csp_report;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bIF6hzLDh5wAUvSlaIIHwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EIYhGJsk8uNG2xLZai5uUA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' ; script-src 'self'  pos.gosuslugi.ru mc.yandex.ru 'unsafe-inline' 'unsafe-eval'; style-src 'self'  'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self'  data: pos.gosuslugi.ru mc.yandex.ru; connect-src 'self'  pos.gosuslugi.ru mc.yandex.ru; font-src 'self'  https:\/\/fonts.gstatic.com data:; media-src 'self' ; frame-src 'self'  mc.yandex.ru; object-src 'none';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-PyzGJkKuKa4LPTYNbq-o8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kEm4Z3lQjAgcyPSdkFb8jQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-VfnXsPd_P3yqhnGbLT360Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-LH1EuCKnjfmooKr7Hr8D2w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DyJJXeFlj18GTVV-4yF3hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-H_bhtX7yOeY1w5fyEcfcgQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js 'unsafe-eval' 'nonce-82d8dae512ddf250cc49396a4989fbc2' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com  https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-U92IhWnFFo1NXp_pwVy9HA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-qu2ulyIPpayKSWkInUC6iA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/*.qualified.com; default-src 'self'; frame-src 'self' https:\/\/9628652.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/ct.pinterest.com https:\/\/tealium-f.squarecdn.com; worker-src 'self' blob:; connect-src 'self' https:\/\/assets.ctfassets.net https:\/\/api.broadway.squareup.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/api.squareup.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com https:\/\/api.squareup.com https:\/\/api.squareupstaging.com *.contentsquare.net https:\/\/capi.squareup.com https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/stats.g.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/www.google.com https:\/\/us-central1-sq-sgtm-prod.cloudfunctions.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net http:\/\/424-iab-218.mktoresp.com https:\/\/424-iab-218.mktoresp.com https:\/\/xms2-marketo.beta.stage.sqprod.co https:\/\/424-iab-218.mktoutil.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/logx.optimizely.com https:\/\/ct.pinterest.com https:\/\/conversions-config.reddit.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com *.ingest.us.sentry.io *.6sc.co https:\/\/api.sprig.com https:\/\/squareupstaging.com https:\/\/visitor-scoring-new.marketlinc.com https:\/\/api.chilipiper.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com wss:\/\/*.qualified.com https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com localhost:*; font-src 'self' https:\/\/cash-f.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com; img-src 'self' data: blob: https:\/\/ib.adnxs.com https:\/\/assets.ctfassets.net https:\/\/cdn.blisspointmedia.com https:\/\/campaign-hub-production-f.squarecdn.com *.contentsquare.net https:\/\/ad.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/google.com https:\/\/www.google.com https:\/\/adservice.google.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/pixel.pointmediatracker.com https:\/\/alb.reddit.com *.6sc.co https:\/\/api.squareup.com https:\/\/api.squareupstaging.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; manifest-src 'self' https:\/\/pw-renderer-production-c.squarecdn.com; media-src 'self' mediastream: https:\/\/assets.ctfassets.net https:\/\/js.driftt.com http:\/\/videos.ctfassets.net https:\/\/videos.ctfassets.net https:\/\/*.qualified.com; script-src 'self' *.contentsquare.net https:\/\/www.datadoghq-browser-agent.com https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/connect.facebook.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/lift-ai-js.marketlinc.com https:\/\/martech-development-c.squarecdn.com https:\/\/martech-production-c.squarecdn.com https:\/\/martech-staging-c.squarecdn.com http:\/\/munchkin.marketo.net https:\/\/munchkin.marketo.net https:\/\/cdn.cookielaw.org https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pw-renderer-production-c.squarecdn.com https:\/\/pw-renderer-staging-c.squarecdn.com https:\/\/pwt-production-c.squarecdn.com https:\/\/pwt-staging-c.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com https:\/\/www.redditstatic.com *.6sc.co https:\/\/cdn.sprig.com https:\/\/xms-production-f.squarecdn.com https:\/\/www.youtube.com https:\/\/pw-renderer-production-c.squarecdn.com 'nonce-S639bgoQrUP\/0Bymhb9tPg=='; style-src 'self' https:\/\/square-fonts-production-f.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com 'unsafe-inline' https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; frame-ancestors 'self' https:\/\/app.contentful.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to browser-intake-datadoghq","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lF4vCA_sYMmtHriEfhAwAw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src https: data: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn; child-src https: data: blob: edge: brave: puffin:; img-src data: https: blob: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn https:\/\/*.d.aa.online-metrix.net https:\/\/cdn.cookielaw.org https:\/\/app.pendo.uptodate.com https:\/\/cdn.wolterskluwer.io; font-src https: data: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn; worker-src blob: brave: edge: puffin: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn; media-src data: https: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn; connect-src data: https: wss: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn https:\/\/geolocation.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/app.pendo.uptodate.com https:\/\/privacyportal-de.onetrust.com; script-src 'unsafe-inline' 'unsafe-eval' https: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn https:\/\/cdn.cookielaw.org https:\/\/cdn.pendo.uptodate.com https:\/\/www.googletagmanager.com https:\/\/tmx.uptodate.com https:\/\/rollouts.cdn.uptodate.com https:\/\/www.google-analytics.com https:\/\/code.jquery.com; style-src 'unsafe-inline' https: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn https:\/\/cdn.pendo.uptodate.com; frame-src https: https:\/\/www.uptodate.com https:\/\/www.uptodate.cn baiduboxapp: ms-appx-web:; report-uri \/services\/app\/content-security-policy-report\/report\/json;frame-ancestors *;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-f5pux0xOlNY-YV6WN2_4kw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-7Pgt9Q2Z2S_yAq4rS9Nghw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/plausible.io https:\/\/tally.so https:\/\/player.vimeo.com https:\/\/muse.ai https:\/\/embeds.iubenda.com https:\/\/cdn.iubenda.com https:\/\/www.googletagmanager.com https:\/\/platform.twitter.com https:\/\/va.vercel-scripts.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/d34r8q7sht0t9k.cloudfront.net https:\/\/www.gstatic.com http:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' https: data: blob: https:\/\/api.dub.co https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/pbs.twimg.com https:\/\/abs.twimg.com https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/verifi.podscribe.com https:\/\/verifi.pdscrb.com https:\/\/*.iubenda.com https:\/\/*.muse.ai; font-src 'self' data: https:\/\/*.iubenda.com; connect-src 'self' https: https:\/\/amp.granola.ai https:\/\/plausible.io https:\/\/api.dub.co https:\/\/vitals.vercel-insights.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/o4506028222513152.ingest.us.sentry.io https:\/\/app.appsflyer.com https:\/\/engagements.appsflyer.com https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/verifi.podscribe.com https:\/\/verifi.pdscrb.com https:\/\/pixel.tapad.com https:\/\/ipv4.podscribe.com https:\/\/ipv4.pdscrb.com https:\/\/*.iubenda.com https:\/\/muse.ai https:\/\/*.muse.ai; frame-src 'self' https:\/\/tally.so https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/muse.ai https:\/\/platform.twitter.com https:\/\/*.iubenda.com https:\/\/*.sanity.io; media-src 'self' blob: https:\/\/granola-marketing-assets.s3.us-east-1.amazonaws.com https:\/\/video.twimg.com https:\/\/*.muse.ai; worker-src 'self' blob:; manifest-src 'self'; form-action 'self'; upgrade-insecure-requests; report-uri https:\/\/o4506028222513152.ingest.us.sentry.io\/api\/4510606199488512\/security\/?sentry_key=52cfb921b4c29a142972c19448181de3; report-to sentry-csp-reports","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-i6vwwbJTsZQfOsU1Lyy1FA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' http:\/\/localhost:4002;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kAMHz5Tu5fS8I9C4qfrfHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-IprUiUZAnf5zx0goUe40vQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pD8G82iK53c3n0KrIKPIKQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-sKkQoQubPHM0ahR0JytGHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; connect-src 'self' bam.nr-data.net sentry.io *.freshworksapi.com wss:\/\/*.freshworksapi.com www.google-analytics.com heapanalytics.com www.in-freshbots.ai *.pusher.com; font-src 'self' d2r0bfj5oxwi8g.cloudfront.net d3t6wcud4kij68.cloudfront.net d28y7gk8dndm8e.cloudfront.net data: fonts.gstatic.com use.typekit.net maxcdn.bootstrapcdn.com heapanalytics.com; frame-src 'self' *.webpush.freshchat.com *.freshreports.com wchat.freshchat.com *.freshid.io *.freshworks360.io *.chargebee.com *.myfreshworks.dev *.freshworksweb.com freshdesk.com *.freshworks.com *.int.myfreshworks.dev; img-src https: data: blob: heapanalytics.com; manifest-src 'self'; media-src 'self' https:; object-src 'none'; script-src 'report-sample' 'self' 'unsafe-eval' accounts.freshworks.com bam.nr-data.net d2r0bfj5oxwi8g.cloudfront.net d3t6wcud4kij68.cloudfront.net d28y7gk8dndm8e.cloudfront.net js-agent.newrelic.com polyfill.io wchat.freshchat.com sentry.io js.chargebee.com www.google-analytics.com *.freshworksapi.com heapanalytics.com *.heapanalytics.com fonts.googleapis.com cdn.in-freshbots.ai stats.pusher.com cdn.inlinemanual.com fe-perf-assets.freshworks.com 'unsafe-inline'; style-src 'report-sample' 'self' 'unsafe-inline' accounts.freshworks.com d2r0bfj5oxwi8g.cloudfront.net d3t6wcud4kij68.cloudfront.net d28y7gk8dndm8e.cloudfront.net wchat.freshchat.com fonts.googleapis.com cdn.in-freshbots.ai heapanalytics.com; worker-src 'self'; report-uri https:\/\/vfm4r1o44m.execute-api.us-east-1.amazonaws.com\/default\/FreshreleaseCSPReport","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EqYOBH0xyh5gPq7QkvzgSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8PLmq8mAkaX5eCw8q4zX2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bOKZQVy6TiFj2Y3T6ZaoeQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-aIOHCzzqTWCauYPLQd7tcw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Gnu5fgH09BrStLQEWDPI2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' 50339659.hs-sites.com 1003891.track.convertexperiments.com app.hubspot.com cdn-3.convertexperiments.com cdn-4.convertexperiments.com *.metrics.convertexperiments.com *.signals.convertexperiments.com logs.convertexperiments.com *.convertexperiments.com cdn.pdst.fm connect.facebook.net js.hs-analytics.net js.hs-banner.com js.hsforms.net js.hsleadflows.net js.hubspotfeedback.com js.usemessages.com play.vidyard.com script.hotjar.com snap.licdn.com static.hotjar.com static.hsappstatic.net www.google-analytics.com www.googletagmanager.com www.recaptcha.net code.highcharts.com www.youtube.com js.hubspot.com www.dropbox.com widget.altrulabs.com www.google.com maps.googleapis.com wt-assets.hubteam.com cdn2.hubspot.net www.redditstatic.com cdn.veritonic.com gosniply.com d.impactradius-event.com test.test.com js.hubspot.com analytics.tiktok.com 'strict-dynamic' 'nonce-YlDuS8rhT+bYR8im1BSWew=='; report-uri https:\/\/send.hsbrowserreports.com\/csp\/report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gT-IrIXAA_xtsf_AJ6llYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Wa-mc6OT5HHWikDX-7c4hA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ViikKJciYLOIMeq3M4mIEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-t_a0BeR0eGvLEbDgIzvPpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' spotify.okta.com *.oktacdn.com; connect-src 'self' spotify.okta.com spotify-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com spotify.kerberos.okta.com spotify.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-C4bmkyfsDGUjjmF--5hyzg' 'self' 'report-sample' spotify.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' spotify.okta.com *.oktacdn.com; frame-src 'self' spotify.okta.com spotify-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator: api-0f3c7c4d.duosecurity.com; img-src 'self' spotify.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' spotify.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/dashboards.spotify.net","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src 'self' 'unsafe-inline' https: data:;connect-src https: wss:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data: blob:;media-src https: blob:; report-uri \/csp_rep","count":1},{"content-security-policy-report-only":" default-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-955bdfde-ce3b-4e80-9da2-db3c53da0627' https: data: https:\/\/js.sentry-cdn.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/siteintercept.qualtrics.com https:\/\/browser.sentry-cdn.com https:\/\/*.siteintercept.qualtrics.com https:\/\/www.googletagmanager.com https:\/\/js.monitor.azure.com; style-src 'self' 'unsafe-inline' https:\/\/fast.wistia.com https:\/\/cdn.jsdelivr.net https:\/\/more.suse.com; img-src 'self' https: data: https:\/\/fast.wistia.com https:\/\/embed-ssl.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com https:\/\/fast.wistia.net https:\/\/fast.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com https:\/\/embed-ssl.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com; connect-src 'self' https: wss: https:\/\/cdn.cookielaw.org https:\/\/distillery.wistia.com https:\/\/siteintercept.qualtrics.com https:\/\/dc.services.visualstudio.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/pipedream.wistia.com wss:\/\/ws.qualified.com https:\/\/embed-ssl.wistia.com https:\/\/apple.dxcloud.episerver.net https:\/\/cdn.jsdelivr.net https:\/\/js.monitor.azure.com wss:\/\/ws.qualified.com; font-src 'self' https: data: https:\/\/fonts.gstatic.com https:\/\/fast.wistia.net; object-src 'none' ; media-src 'self' https: blob: ; frame-src 'self' https: ; form-action 'self' https:\/\/suselinux.fra1.qualtrics.com; frame-ancestors 'self' ; base-uri 'none' ;  report-uri https:\/\/www.suse.com\/api\/reporting\/;  report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-H42DjnVs1PwZUSfHKv2vZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=DPouu24lWt_LFxsuNPkPLJ.eSm3sSjqoL6zY_0Z_SBM-1778726701.6687374-1.0.1.1-HZrUCELfk2eRNDg3LwWfiGFUpiJfRlf49Y_pja.FMPqOod0qQrhMsQwkE6LzvLtCTdmUD2Hyy9Yf4dOYZ0wqyILJ4kM1YTZg121e8CGPl34cAZroj6EFo0xZV0S3OllOmHuIBIVU34EC6btzPbdXd4Vl1ho0RHuoVLs.NbLsSG4; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src * data: blob: wss: 'unsafe-eval' 'unsafe-inline'; connect-src * wss:; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; style-src * 'unsafe-inline'; img-src * data: blob:; object-src * data:; media-src * data:; frame-src *; font-src * data:; manifest-src *; worker-src * blob:; frame-ancestors 'self' *.speechify.com speechify.com *.speechify.dev; report-uri https:\/\/speechify.com\/api\/csp-reports; report-to speechify","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-nDY_xAPXZDK-w23zAY6ACg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'none'; default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' https:\/\/cdn.heapanalytics.com https:\/\/distillery.wistia.com\/x https:\/\/matillion.ddev.site:3000\/ wss:\/\/matillion.ddev.site:3000 https:\/\/fast.wistia.com https:\/\/www.googletagmanager.com https:\/\/cdn.heapanalytics.com\/js\/heap-1873293713.js https:\/\/cdn.iubenda.com\/cs\/iubenda_cs.js https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/content.cdntwrk.com\/components\/website-widget\/v1\/118604\/widget.js https:\/\/fast.wistia.com\/assets\/external\/E-v1.js https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/848565924\/ https:\/\/in.ml314.com\/ud.ashx https:\/\/js.driftt.com\/include\/1688577300000\/vh948h8ntehg.js https:\/\/js.intercomcdn.com\/vendor-modern.255c4d36.js https:\/\/lift-ai-js.marketlinc.com\/www.matillion.com\/deployment.js https:\/\/ml314.com\/tag.aspx https:\/\/munchkin.marketo.net\/munchkin.js https:\/\/okt.to\/ping https:\/\/pages.matillion.com\/js\/forms2\/js\/forms2.min.js https:\/\/script.hotjar.com\/modules.832d10fb416834285523.js https:\/\/snap.licdn.com\/li.lms-analytics\/insight.beta.min.js https:\/\/static.ads-twitter.com\/uwt.js https:\/\/static.hotjar.com\/c\/hotjar-2386626.js https:\/\/static.oktopost.com\/oktrk.js https:\/\/tag.demandbase.com\/00a4b81bfa345e5b.min.js https:\/\/tracking.g2crowd.com\/attribution_tracking\/conversions\/5351.js https:\/\/widget.intercom.io\/widget\/rjk6vrpn https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googleadservices.com\/pagead\/conversion\/848565924\/ https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.iubenda.com\/cookie-solution\/confs\/js\/48216078.js https:\/\/www.redditstatic.com\/ads\/pixel.js; style-src 'self' 'unsafe-inline' https:\/\/p.typekit.net https:\/\/pages.matillion.com https:\/\/use.typekit.net; img-src 'self' data: 'self' data: https:\/\/alb.reddit.com https:\/\/analytics.twitter.com https:\/\/embed-ssl.wistia.com https:\/\/fast.wistia.com https:\/\/googleads.g.doubleclick.net https:\/\/heapanalytics.com https:\/\/id.rlcdn.com https:\/\/insight.adsrvr.org https:\/\/pubads.g.doubleclick.net https:\/\/px.ads.linkedin.com https:\/\/t.co https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com; connect-src 'self' https:\/\/992-uiw-731.mktoresp.com https:\/\/analytics.google.com https:\/\/api-iam.intercom.io https:\/\/api.company-target.com https:\/\/content.hotjar.io https:\/\/distillery.wistia.com https:\/\/fast.wistia.com https:\/\/fg8vvsvnieiv3ej16jby.litix.io https:\/\/google.com https:\/\/hits-i.iubenda.com https:\/\/in.hotjar.com https:\/\/metrics.hotjar.io https:\/\/stats.g.doubleclick.net https:\/\/tag-logger.demandbase.com https:\/\/v2.api.uberflip.com https:\/\/visitor-scoring-c.marketlinc.com https:\/\/www.google-analytics.com https:\/\/www.google.com wss:\/\/nexus-websocket-a.intercom.io wss:\/\/ws.hotjar.com; font-src 'self' 'self' data: https:\/\/fast.wistia.com https:\/\/use.typekit.net; media-src 'self' blob:; frame-src 'self' 'self' https:\/\/12420912.fls.doubleclick.net https:\/\/js.driftt.com https:\/\/pages.matillion.com https:\/\/s.company-target.com https:\/\/www.facebook.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:   https:\/\/www.googletagmanager.com   https:\/\/www.google-analytics.com   https:\/\/www.googleadservices.com   https:\/\/googleads.g.doubleclick.net   https:\/\/kit.fontawesome.com   https:\/\/cdn.bc0a.com   https:\/\/fast.wistia.com   https:\/\/unpkg.com   https:\/\/*.hubspot.com   https:\/\/*.hubspot.net   https:\/\/*.hubspotusercontent-na1.net   https:\/\/*.hubspotusercontent30.net   https:\/\/js.hsadspixel.net   https:\/\/js.hs-analytics.net   https:\/\/js.hs-banner.com   https:\/\/abrtp2-cdn.marketo.com   https:\/\/abrtp2.marketo.com   https:\/\/rtp-static.marketo.com   https:\/\/munchkin.marketo.net   https:\/\/x.clearbitjs.com   https:\/\/js.zi-scripts.com   https:\/\/snap.licdn.com   https:\/\/connect.facebook.net   https:\/\/bat.bing.com   https:\/\/vidassets.terminus.services   https:\/\/js.adsrvr.org   https:\/\/metadata-static-files.sfo2.cdn.digitaloceanspaces.com   https:\/\/dev.visualwebsiteoptimizer.com   https:\/\/j.6sc.co   https:\/\/tools.luckyorange.com   https:\/\/browser.sentry-cdn.com   https:\/\/tags.clickagy.com;  style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" base-uri 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: chrome: https:; worker-src 'self' data: blob:; child-src 'self' blob:; frame-src 'self' *.consumeraffairs.com *.google.com *.googletagmanager.com *.googleapis.com *.facebook.com *.youtube.com *.px-cloud.net i.liadm.com; connect-src 'self' *.consumeraffairs.com wss:\/\/ws.hotjar.com https:\/\/ws.hotjar.com *.px-cloud.net api.segment.io https:; report-uri https:\/\/stderr.consumeraffairs.com\/api\/40\/security\/?sentry_key=7cf6b3564e4343f68a310b937a3d823e&sentry_environment=production&sentry_release=ms-2025.12.23.00;","count":1},{"content-security-policy-report-only":" default-src 'self' mitel.io *.mitel.io mitel.com *.mitel.com; require-trusted-types-for 'script'; object-src 'self' mitel.io *.mitel.io mitel.com *.mitel.com;","count":1},{"content-security-policy-report-only":" default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; base-uri 'self' *.hackerrank.com; connect-src * data: blob: 'unsafe-inline' 'unsafe-eval'; frame-src 'unsafe-inline' *; img-src * data: blob: 'unsafe-inline'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.chatlio.com *.ads.linkedin.com *.demandbase.com *.firebaseio.com *.hackerrank.com *.hackerrank.io *.linkedin.com *.twitter.com *.wsp.hackerrank.com *.wss.hackerrank.com *.zopim.com api.filepicker.io api.olark.com app-sji.marketo.com bam.nr-data.net cdn.amplitude.com cdn.auryc.com cdn.bizible.com cdn.heapanalytics.com cdn.mxpnl.com cdn.optimizely.com cdn.raygun.io cdn.userty.com cdn.walkme.com cdnjs.cloudflare.com connect.facebook.net d1ka33fs6lvw5x.cloudfront.net d1ncy0v3du7k5q.cloudfront.net ds-aksb-a.akamaihd.net googleads.g.doubleclick.net www.gstatic.com hrcdn.net js-agent.newrelic.com js.stripe.com munchkin.marketo.net script.hotjar.com snap.licdn.com ssl.google-analytics.com static.ads-twitter.com static.hotjar.com static.olark.com static.zdassets.com stats.pusher.com use.typekit.net www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com s3.amazonaws.com cdn.pendo.io edge.fullstory.com media.twiliocdn.com *.pendo.hackerrank.com *.private.hackerrank.link download-cdn.perfext.hackerrank.link d2a3h6e71jcifd.cloudfront.net marketo.clearbit.com assets.churnkey.co rs.fullstory.com app.runrehearsals.com data.pendo.io www.vscode-web.hrcdn.net cdn.cookielaw.org hackerrank.chilipiper.com unpkg.com accounts.google.com d2i34c80a0ftze.cloudfront.net; style-src * data: blob: 'unsafe-inline'; worker-src 'self' data: blob:; report-uri https:\/\/hackerrank.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src https:; font-src 'self' data: cms.zdv.uni-mainz.de cms-cdn.zdv.uni-mainz.de; frame-src 'self' cms.zdv.uni-mainz.de video.uni-mainz.de; img-src blob: data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' cms.zdv.uni-mainz.de cms-cdn.zdv.uni-mainz.de; style-src 'self' 'unsafe-inline' cms.zdv.uni-mainz.de cms-cdn.zdv.uni-mainz.de; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" base-uri 'self'; child-src 'self'; connect-src 'self' sicoob.com.br *.sicoob.com.br google.com *.google.com google-analytics.com *.google-analytics.com googleadservices.com *.googleadservices.com clarity.ms *.clarity.ms; default-src 'self' sicoob.com.br *.sicoob.com.br; font-src 'self'; frame-src 'self'; media-src 'self'; script-src 'self' sicoob.com.br *.sicoob.com.br google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com gstatic.com *.gstatic.com google.com *.google.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=qdhiIRX2hTlPRXdYJDfgaLHxKAxM.de09dAS1JzQON0-1778722263.6306987-1.0.1.1-Qnv3EEHEBrxTlH76_zUjCiagCQYWCSe3fsc4fwjM3rFvNo3gUkNxm.DVWOggf52LEwjjhcEvtFauaBytoIsdGfM3A5JgO2nLS6WEIGcqB74YE6YRL4JT._ZuIXgBLzsPu2qbJA_KFJh6OgXt.w7aiZvvxNN5DXXSGvONOQtyuDJQEWhmo69CgExVr1YD59pTavJmTqhulWtMB9ZqfVaoTg; report-to cf-mxnqjxdkeqmiuwjr","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-krneEG2f-7ubKG88IwEplg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'none' ;script-src 'unsafe-eval' 'unsafe-inline' *.starbucks.co.jp *.google.com *.google-analytics.com www.googleadservices.com\/pagead\/ *.googletagmanager.com *.g.doubleclick.net cdn.optimizely.com\/js\/ *.facebook.net b92.yahoo.co.jp *.twitter.com d.adlpo.com *.treasuredata.com hm.mieru-ca.com d2fzkgg97cd93o.cloudfront.net platform.sumally.com p.jwpcdn.com jwpsrv.com apis.google.com starbucks-faq.pbcv.sitesearch.jp starbucks-faq.sitesearch.jp rum.optimizely.com s.yimg.jp b97.yahoo.co.jp ci-mpsnare.iovation.com dqpw8dh9f7d3f.cloudfront.net d3vgbguy0yofad.cloudfront.net ajax.googleapis.com auth1.freespot.com collect.ptengine.jp d-cache.microad.jp js.ptengine.jp js.fout.jp cdnjs.cloudflare.com in.treasuredata.com ssl.p.jwpcdn.com ;style-src 'unsafe-inline' *.starbucks.co.jp fonts.googleapis.com starbucks-faq.pbcv.sitesearch.jp starbucks-faq.sitesearch.jp ;img-src data: *.starbucks.co.jp *.google.com *.google.co.jp *.google-analytics.com www.googleadservices.com\/pagead\/ *.googletagmanager.com *.g.doubleclick.net *.twitter.com d2fzkgg97cd93o.cloudfront.net sumally.com jwpltx.com b97.yahoo.co.jp dqpw8dh9f7d3f.cloudfront.net d3vgbguy0yofad.cloudfront.net collect.ptengine.jp d-track.send.microad.jp target.fout.jp huaban.com map.chizumaru.com s3-ap-northeast-1.amazonaws.com www.google.co.id www.google.co.kr www.google.com.hk www.google.com.sg www.google.com.tw www.google.de www.gstatic.com ;font-src *.starbucks.co.jp fonts.gstatic.com ;media-src d2fzkgg97cd93o.cloudfront.net ;object-src *.starbucks.co.jp ;frame-src *.google.com *.g.doubleclick.net *.facebook.com *.twitter.com sumally.com www.youtube.com js.fout.jp dsp.fout.jp ;connect-src *.starbucks.co.jp *.g.doubleclick.net dwjw4x8nnai5d.cloudfront.net rum.optimizely.com uc.gre d11abxzrrvbz6o.cloudfront.net track.uc.cn ws:\/\/ntjp.mieru-ca.com ;report-uri https:\/\/sbjcsp2.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https:\/\/vercel.com https:\/\/vercel.live\/; style-src 'self' 'unsafe-inline'; img-src * data: blob:; connect-src * data: blob:; worker-src 'self' blob:; frame-src 'self' *; report-to https:\/\/uniswaplabs.report-uri.com\/r\/t\/csp\/reportOnly; form-action none;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-oIG0XAfe_VVJ6g4Omeluag' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'self';connect-src https:\/\/*.go-mpulse.net https:\/\/*.akstat.io 'self' https: *.sentry.io *.amplitude.com *.care.com *.carezen.net *.signalfx.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net font.google.com analytics.google.com tagmanager.google.com www.google.com https:\/\/*.hotjar.com https:\/\/vc.hotjar.io https:\/\/content.hotjar.io https:\/\/events.hotjar.io https:\/\/surveystats.hotjar.io wss:\/\/*.hotjar.com https:\/\/geolocation.onetrust.com jsv3.recruitics.com accounts.google.com;default-src 'self' wss:\/\/*.care.com *.care.com *.careapis.com *.carezen.net *.cdn-care.com care.com cdn-care.com www.gstatic.com www.google.com *.googlesyndication.com tags.tiqcdn.com tags-eu.tiqcdn.com tk.getwork.com tr.snapchat.com shareasale.com *.doubleclick.net apps.rokt.com bid.g.doubleclick.net tags.w55c.net *.linkedin.com www.pinterest.com carecom.sjv.io staging-pt.ispot.tv ct.pinterest.com;font-src 'self' data: https:\/\/www.care.com https:\/\/www.dev.carezen.net https:\/\/www.stg.carezen.net fonts.gstatic.com https:\/\/script.hotjar.com;frame-ancestors 'self';img-src data: blob: *;object-src 'none';script-src https:\/\/*.go-mpulse.net 'nonce-86c645628f527c287da7beb67d43a650' 'self' *.akamaihd.net *.care.com *.careapis.com *.carezen.net *.cdn-care.com *.cloudfront.net *.googlesyndication.com *.sift.com *.monetate.net acsbapp.com analytics.tiktok.com apps.rokt.com bat.bing.com care.com cdn-care.com cdn.pdst.fm connect.facebook.net d.impactradius-event.com googleads.g.doubleclick.net securepubads.g.doubleclick.net maps.googleapis.com s.pinimg.com ssl.google-analytics.com tags-eu.tiqcdn.com tags.tiqcdn.com wss:\/\/*.care.com www.emjcd.com www.google-analytics.com www.google.com www.googleadservices.com *.googletagmanager.com www.gstatic.com tr.outbrain.com tags.w55c.net clarity.ms staging-pt.ispot.tv tracker.mnixdata.com *.mountain.com tagmanager.google.com s.go-mpulse.net collector-12308.tvsquared.com js.adsrvr.org https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/cdn.cookielaw.org assets.calendly.com jsv3.recruitics.com accounts.google.com 'nonce-1b412c195557a65dde43e3075bf69e1c' 'strict-dynamic';frame-src 'self' alchemy.veriff.com www.google.com recaptcha.google.com bid.g.doubleclick.net 12355078.fls.doubleclick.net s.go-mpulse.net carecom.sjv.io apps.rokt.com tr.snapchat.com 3239339.fls.doubleclick.net https:\/\/vars.hotjar.com insight.adsrvr.org match.adsrvr.org https:\/\/www.youtube.com\/ https:\/\/ots2-qa.learningcaregroup.com\/ScheduleATour\/ https:\/\/ots2.learningcaregroup.com\/ScheduleATour\/ td.doubleclick.net https:\/\/calendly.com securepubads.g.doubleclick.net *.googlesyndication.com ep2.adtrafficquality.google tagging.care.com accounts.google.com;style-src 'self' 'unsafe-inline' tagmanager.google.com fonts.google.com fonts.googleapis.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/cdn.cookielaw.org 'nonce-1b412c195557a65dde43e3075bf69e1c';style-src-attr 'self' 'unsafe-inline' tags.tiqcdn.com tags-eu.tiqcdn.com bat.bing.com;upgrade-insecure-requests;report-uri https:\/\/o466311.ingest.sentry.io\/api\/6004104\/security\/?sentry_key=2c284ff228ac4d0e8b8ad9ea17497eee&sentry_release=vhp-mfe%402.221.0&sentry_environment=prod","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lb9LX_nyGI8oUHDVTqpu1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-C3Jq_iJQQm3E5QNlEan5_g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; script-src-elem 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss:; frame-src https:; media-src 'self' https: blob:; worker-src 'self' blob: https:;","count":1},{"content-security-policy-report-only":" report-to slardar-endpoint; script-src 'unsafe-eval' 'report-sample' 'nonce-fba0c384657fea0e842f941e4b4f8796-argus' 'strict-dynamic';","count":1},{"content-security-policy-report-only":" default-src 'self' wwwv2.tailscale.com;\tscript-src 'self' wwwv2.tailscale.com bat.bing.com cdn.rudderlabs.com www.google-analytics.com www.googletagmanager.com www.google.com *.mutinycdn.com js.hs-scripts.com js.hs-banner.com js.hubspot.com js.hs-analytics.com *.hsforms.net unpkg.com snap.licdn.com www.redditstatic.com https:\/\/bwa.marketplace.awsstatic.com widget.kapa.ai;\tconnect-src 'self' wwwv2.tailscale.com login.tailscale.com bat.bing.com *.mutinyhq.io *.mutinycdn.com analytics.google.com www.google-analytics.com cdn.sanity.io unpkg.com *.rudderstack.com *.hubspot.com www.redditstatic.com pixel-config.reddit.com px.ads.linkedin.com https:\/\/medley.prod.irtysh.dubai.aws.dev proxy.kapa.ai kapa-widget-proxy-la7dkmplpq-uc.a.run.app metrics.kapa.ai;\timg-src 'self' wwwv2.tailscale.com cdn.sanity.io lh3.googleusercontent.com www.google-analytics.com *.hsforms.com alb.reddit.com px.ads.linkedin.com bat.bing.com track.hubspot.com;\tframe-ancestors 'none';\tform-action 'self' wwwv2.tailscale.com;\tbase-uri 'self' wwwv2.tailscale.com;\tblock-all-mixed-content;\tobject-src 'self' wwwv2.tailscale.com;\treport-to csp-endpoint;\treport-uri https:\/\/login.tailscale.com\/csp-report;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-g_K2If0TPJ0iVT7zDfAknA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" report-uri https:\/\/mon-ttp.lemon8-app.us\/monitor_browser\/collect\/batch\/security\/?bid=tiktok_pns&ev_type=csp&p=a2ER8eALdqWH8mbn5n3bkT&v=4&s=587&b=oab; report-to csp-endpoint; script-src 'report-sample' 'unsafe-eval' *.tiktokcdn-us.com connect.facebook.net ct.pinterest.com; worker-src 'self'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-C048JgWNIEehu8WH2AQm5g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" report-uri https:\/\/bringatrailer.report-uri.com\/r\/t\/csp\/wizard; script-src 'nonce-PJX3OnkWAqMR+LfLTXbgXA==' 'self' 'strict-dynamic' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/js.stripe.com https:\/\/securepubads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com *.carfax.com *.hearstapps.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EWaSX9uV3Mae9JSIxBJt3w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/track.buyma.com\/csp\/report.json","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com maxcdn.bootstrapcdn.com 'unsafe-inline' data: *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.certcapture.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.googleapis.com https:\/\/www.youtube.com https:\/\/c.paypal.com\/ *.trustpilot.com www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com https:\/\/b.stats.paypal.com\/ https:\/\/slc.stats.paypal.com\/ https:\/\/c.paypal.com\/ https:\/\/cdn.sparkfun.com track.hubspot.com perf-na1.hsforms.com *.pixriot.com *.storeimaging.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.certcapture.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com assets.shipperhq.com *.googleapis.com *.fontawesome.com *.google-analytics.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/c.paypal.com js.hs-scripts.com cta-service-cms2.hubspot.com api.hubspot.com js.usemessages.com js.hs-analytics.net js.hsleadflows.net js.hubspot.com js.hs-banner.com *.trustpilot.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com ovs.shipperhq.com *.googleapis.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/payments.sandbox.braintree-api.com\/ https:\/\/origin-analytics-sand.sandbox.braintree-api.com\/ https:\/\/cdn.sparkfun.com cta-service-cms2.hubspot.com api.hubspot.com forms.hubspot.com *.pixriot.com *.storeimaging.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/sparkfun.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src * data:; img-src * data:; media-src * data: blob:; frame-src *; script-src 'nonce-13eff07239c5b9cf0180976a278b7eac' 'unsafe-hashes' 'sha256-qwP4QCno5UAWneuNeQYFyvAiDvTfkg75J5D14cZjCDA=' 'sha256-S5xKDgI7S06g6YwGoh\/T\/JTDbndl\/QB9P\/WrrdygaUU=' 'sha256-lfXlPY3+MCPOPb4mrw1Y961+745U3WlDQVcOXdchSQc=' 'sha256-rRMdkshZyJlCmDX27XnL7g3zXaxv7ei6Sg+yt4R3svU=' 'sha256-kbHtQyYDQKz4SWMQ8OHVol3EC0t3tHEJFPCSwNG9NxQ=' 'sha256-F2FIxepkuC0NOVNSk0vN01FYQmWDYl4CITiGrDxcpZs=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-1tjffMrOxPdkP4w\/XDnQFquGVJ+hRMdaRnvL6y+\/CtQ=' 'unsafe-eval' https:\/\/actionnetwork.org\/includes\/js\/ https:\/\/cdn.basejump.ai\/js\/ https:\/\/app.basejump.ai\/static\/ https:\/\/cdn.jsdelivr.net\/npm\/emojione@3.1.2\/; worker-src 'self' blob:; style-src * 'unsafe-inline'; style-src-attr 'unsafe-inline'; object-src 'none'; connect-src https:; report-uri \/_\/csp-reports; report-to local-csp-reports;","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/panoramio","count":1},{"content-security-policy-report-only":" script-src 'nonce-Z\/3f9EA4mWTDIADV6vn06w==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=ca96b96f-8e71-497b-8442-6630e41f9a4e; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" base-uri 'self'; default-src 'self' *.atl-paas.net; script-src 'self' 'unsafe-inline' *.atl-paas.net https:\/\/recaptcha.net https:\/\/www.recaptcha.net https:\/\/accounts.google.com https:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline' *.atl-paas.net; img-src 'self' *.atl-paas.net; font-src 'self' *.atl-paas.net; frame-ancestors 'none'; form-action 'self'; report-uri https:\/\/web-security-reports.services.atlassian.com\/csp-report\/id-frontend; report-to csp-default-endpoint; connect-src 'self' *.atl-paas.net https:\/\/*.atlassian.com https:\/\/*.ingest.sentry.io; object-src 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-dI7sEM_Wg_L1w6lrv_dVwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/*.gong.io https:\/\/gong-next-sanity-studio.vercel.app https:\/\/gong-next-sanity-studio-git-*.vercel.app https:\/\/www.sanity.io  https:\/\/optimize.webflow.com https:\/\/usepastel.com https:\/\/gong.storylane.io; report-uri https:\/\/o4509470677663744.ingest.us.sentry.io\/api\/4511231668256768\/security\/?sentry_key=56173b9b39273a99aba304731a83bb1b","count":1},{"content-security-policy-report-only":" script-src 'nonce-Pl_Azm6ixyv3cHpd7hABMw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" script-src 'nonce-UJd0fOB\/HPvDUTZ24b7ooQ==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=3e87eef7-31a5-4f82-830c-a1f2ebd7328b; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'report-sample' 'unsafe-eval' https:\/\/unpkg.com 'unsafe-inline' https:\/\/webomat.unistra.fr\/; script-src-elem 'self' 'report-sample' 'unsafe-eval' https:\/\/unpkg.com; style-src 'self' 'report-sample'; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" script-src 'nonce-xrLnVmhfQ72RH-dTgUumlA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl; base-uri 'none'","count":1},{"content-security-policy-report-only":" script-src 'nonce-mY8mt+zOGyxvV7VyaGG7FQ==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=03feee5b-43c7-4ddf-8522-b7f710c30021; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'report-sample' https:\/\/sierra.chat giving.classy.org https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/platform.twitter.com https:\/\/unpkg.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com public.flourish.studio; style-src 'self' 'report-sample' https:\/\/sierra.chat cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/unpkg.com; webrtc 'block'; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' blob: 'nonce--b_q4KrmoPxAp5jQpwnHHg' 'sha256-EcIhP2B3snRqL+1YQ8\/z4Jzyum5Fl6GV2p1zfwKeFJw=' https:\/\/browser.sentry-cdn.com https:\/\/cdn.rudderlabs.com https:\/\/cdn.cookielaw.org https:\/\/edge.fullstory.com https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/www.google-analytics.com https:\/\/geolocation.onetrust.com https:\/\/www.google.com https:\/\/www.redditstatic.com https:\/\/a.quora.com https:\/\/analytics.tiktok.com https:\/\/q.quora.com https:\/\/googleads.g.doubleclick.net https:\/\/static.geetest.com https:\/\/bat.bing.com https:\/\/pixel-config.reddit.com https:\/\/alb.reddit.com https:\/\/downloads.intercomcdn.com https:\/\/analytics.google.com https:\/\/www.gstatic.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/api.geevisit.com https:\/\/www.googletagmanager.com https:\/\/blog.binance.us https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/resource.binance.us\/ wss:\/\/stream.binance.us:* https:\/\/*.plaid.com https:\/\/cdn.cognitohq.com; style-src 'self' 'unsafe-inline' https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/www.gstatic.com https:\/\/use.fontawesome.com\/; connect-src 'self' https:\/\/cdn.cookielaw.org https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/api.rudderstack.com wss:\/\/mbx-wsp-wss.qafdg.us:* https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/binanceseamg.dataplane.rudderstack.com https:\/\/sdk.iad-05.braze.com https:\/\/api-iam.intercom.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/o588082.ingest.sentry.io https:\/\/www.google-analytics.com https:\/\/geolocation.onetrust.com https:\/\/www.google.com https:\/\/www.redditstatic.com https:\/\/a.quora.com https:\/\/analytics.tiktok.com https:\/\/q.quora.com https:\/\/googleads.g.doubleclick.net https:\/\/static.geetest.com https:\/\/bat.bing.com https:\/\/pixel-config.reddit.com https:\/\/alb.reddit.com https:\/\/downloads.intercomcdn.com https:\/\/analytics.google.com https:\/\/www.gstatic.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/api.geevisit.com https:\/\/www.googletagmanager.com https:\/\/blog.binance.us https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/resource.binance.us\/ wss:\/\/stream.binance.us:* https:\/\/*.plaid.com https:\/\/cdn.cognitohq.com; img-src 'self' data: https:\/\/public.cstatic.us https:\/\/cdn.cookielaw.org https:\/\/static.binance.us https:\/\/public.bnbstatic.com https:\/\/www.google-analytics.com https:\/\/geolocation.onetrust.com https:\/\/www.google.com https:\/\/www.redditstatic.com https:\/\/a.quora.com https:\/\/analytics.tiktok.com https:\/\/q.quora.com https:\/\/googleads.g.doubleclick.net https:\/\/static.geetest.com https:\/\/bat.bing.com https:\/\/pixel-config.reddit.com https:\/\/alb.reddit.com https:\/\/downloads.intercomcdn.com https:\/\/analytics.google.com https:\/\/www.gstatic.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/api.geevisit.com https:\/\/www.googletagmanager.com https:\/\/blog.binance.us https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/resource.binance.us\/ wss:\/\/stream.binance.us:* https:\/\/*.plaid.com https:\/\/cdn.cognitohq.com; media-src 'self' https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/resource.binance.us https:\/\/www.google-analytics.com https:\/\/geolocation.onetrust.com https:\/\/www.google.com https:\/\/www.redditstatic.com https:\/\/a.quora.com https:\/\/analytics.tiktok.com https:\/\/q.quora.com https:\/\/googleads.g.doubleclick.net https:\/\/static.geetest.com https:\/\/bat.bing.com https:\/\/pixel-config.reddit.com https:\/\/alb.reddit.com https:\/\/downloads.intercomcdn.com https:\/\/analytics.google.com https:\/\/www.gstatic.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/api.geevisit.com https:\/\/www.googletagmanager.com https:\/\/blog.binance.us https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/resource.binance.us\/ wss:\/\/stream.binance.us:* https:\/\/*.plaid.com https:\/\/cdn.cognitohq.com; font-src 'self' data: https:\/\/static.devfdg.us https:\/\/static.binance.us https:\/\/www.gstatic.com https:\/\/use.fontawesome.com\/; object-src 'none'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src https: data: 'unsafe-eval' 'unsafe-inline'; report-uri \/csp_reports","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' *.alicdn.com *.aliyun.com *.alyasset.com *.alcasset.com *.alipay.com log.mmstat.com ynuf.aliapp.org *.alipayobjects.com local.alipcsec.com:6691 appx appx-t2; style-src 'unsafe-inline' *.alicdn.com *.aliyun.com *.alipay.com *.alipayobjects.com; font-src data: *.alicdn.com *.aliyun.com *.alipayobjects.com; frame-src *.aliyun.com *.alicdn.com *.aliyuncs.com *.alipay.com *.taobao.com *.alibabacloud.com *.1688.com xstore.insights.1688.com; report-uri \/\/www.aliyun.com\/api\/log\/csp-report","count":1},{"content-security-policy-report-only":" default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https:\/\/pp.ephapay.net\/ https:\/\/pp.eshapay.net\/ https:\/\/scripts.agilone.com\/ https:\/\/widget.trustpilot.com\/ https:\/\/edigitalsurvey.com\/ https:\/\/static.addtoany.com\/ https:\/\/c.paypal.com\/ https:\/\/www.paypal.com https:\/\/www.paypalobjects.com\/ https:\/\/www.sandbox.paypal.com\/ https:\/\/www.zenaps.com\/ https:\/\/www.youtube.com\/ https:\/\/*.doubleclick.net\/ https:\/\/gum.criteo.com\/ https:\/\/www.facebook.com\/ https:\/\/*.hotjar.com\/ https:\/\/s.salecycle.com https:\/\/www.googletagmanager.com\/ https:\/\/www.google.com https:\/\/*.customizer.cadesignform.dk\/ https:\/\/static.criteo.net\/ https:\/\/www.youtube-nocookie.com\/ https:\/\/d16fk4ms6rqz1v.cloudfront.net\/ https:\/\/*.arcot.com\/ https:\/\/www.securesuite.co.uk\/ https:\/\/www.clicksafe.lloydstsb.com\/ https:\/\/secure.barclaycard.co.uk https:\/\/*.photorank.me\/ https:\/\/pay.google.com\/ https:\/\/js.playground.klarna.com\/ https:\/\/js.klarna.com\/ https:\/\/placement-api-sandbox.clearpay.co.uk\/ https:\/\/placement-api.clearpay.co.uk\/ https:\/\/portal.sandbox.clearpay.co.uk\/ https:\/\/portal.clearpay.co.uk\/; report-uri https:\/\/csp-violations.external.wickes.co.uk","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src * 'unsafe-inline'; img-src * data:; font-src * data:; frame-src *; worker-src blob:; script-src 'self' erli.pl 'unsafe-inline' 'unsafe-eval' https:\/\/*.erli.pl https:\/\/*.erli.tech https:\/\/*.prod.erli.tech https:\/\/bat.bing.com\/bat.js https:\/\/bat.bing.com\/p\/action\/134629556.js https:\/\/static.hotjar.com\/c\/hotjar-1742207.js https:\/\/script.hotjar.com\/modules.*.js https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/analytics.optimalpeople.fr\/js\/rd-o-sdk.js https:\/\/analytics.tiktok.com\/i18n\/pixel\/events.js https:\/\/analytics.tiktok.com\/i18n\/pixel\/static\/main.* https:\/\/analytics.tiktok.com\/i18n\/pixel\/static\/identify_935b0d03.js https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/connect.facebook.net\/signals\/config\/306722670488438 https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/655077238 https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/466746092 https:\/\/pixel.wp.pl\/w\/tr.js https:\/\/pixel.wp.pl\/w\/WP-ERLI-SOFQW-AHA\/ir.js https:\/\/fpx.wp.pl\/web\/v3\/geBqSFMxQ5V57gTthkuL\/loader_v3.11.0.js https:\/\/swrap.tradedoubler.com\/wrap https:\/\/ams.creativecdn.com\/tags\/v2 https:\/\/ams.creativecdn.com\/ig-membership https:\/\/tags.creativecdn.com\/J05AnhvDIxGtgSQnpWbK.js https:\/\/www.artfut.com\/static\/tagtag.min.js https:\/\/www.artfut.com\/static\/tracking.min.js https:\/\/www.artfut.com\/static\/crossdevice.min.js https:\/\/www.google.com\/pagead\/1p-conversion\/655077238 https:\/\/www.googleadservices.com\/pagead\/conversion\/655077238; script-src-elem 'self' 'unsafe-inline' erli.pl *.erli.pl *.erli.tech *.prod.erli.tech connect.facebook.net maps.googleapis.com www.googleadservices.com www.gstatic.com www.google.com fpx.wp.pl bat.bing.com static.hotjar.com script.hotjar.com www.googletagmanager.com analytics.optimalpeople.fr analytics.tiktok.com connect.facebook.net googleads.g.doubleclick.net pixel.wp.pl fpx.wp.pl swrap.tradedoubler.com ams.creativecdn.com tags.creativecdn.com www.artfut.com; connect-src 'self' erli.pl *.erli.pl *.erli.tech *.prod.erli.tech *.google-analytics.com *.analytics.google.com *.googleadservices.com https:\/\/storage.googleapis.com\/images-temp-erli-pl\/ https:\/\/storage.googleapis.com\/external-offers-import-erli-pl\/ www.google.pl www.google.com maps.googleapis.com *.hotjar.io pixel.wp.pl fpx.wp.pl bat.bing.com forms.fcc-online.pl analytics.tiktok.com pos.bliskapaczka.pl clk.leadexpert.pl analytics.optimalpeople.fr ams.creativecdn.com stats.g.doubleclick.net www.facebook.com; report-to 'csp-endpoint'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gf99XaZ8inD88vR8RRtaBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/admob_google_com","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' data: blob:; report-uri \"https:\/\/montrealgazette.com\/wp-json\/pmd\/v1\/csp-report\"; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src * 'self' 'unsafe-eval' 'unsafe-inline' data: blob: ws: wss:; report-uri https:\/\/o1151714.ingest.us.sentry.io\/api\/4509640700461056\/security\/?sentry_key=74a33d973a69190986eba8f4bca540d2; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' analytics.init.de; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org *.twitter.com *.instagram.com *.europa.eu *.3qsdn.com *.twimg.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.openstreetmap.org *.twitter.com *.instagram.com *.europa.eu *.3qsdn.com *.twimg.com *.flockler.com *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.twitter.com *.instagram.com *.europa.eu *.3qsdn.com *.twimg.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.twitter.com *.instagram.com *.europa.eu *.3qsdn.com *.twimg.com *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri \/site\/servlet\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval';    font-src 'self' https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com data:;     style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com;     script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/a.usbrowserspeed.com https:\/\/pg.feroot.com https:\/\/static.hsappstatic.net https:\/\/js.hs-scripts.com https:\/\/js.hubspot.com https:\/\/js-na1.hs-scripts.com https:\/\/js.hs-banner.com https:\/\/js.hs-analytics.net https:\/\/js.usemessages.com https:\/\/unpkg.com https:\/\/cdn.cookielaw.org https:\/\/js.hsforms.net https:\/\/tag.trovo-tag.com https:\/\/www.clarity.ms https:\/\/cdn.cookielaw.org https:\/\/www.googletagmanager.com https:\/\/www.statcounter.com https:\/\/s3-us-west-2.amazonaws.com https:\/\/r2.leadsy.ai https:\/\/api.hubspot.com;     img-src 'self' 'unsafe-inline' data: https:\/\/www.googletagmanager.com https:\/\/c.clarity.ms https:\/\/track.hubspot.com https:\/\/cdn.cookielaw.org https:\/\/perf-na1.hsforms.com https:\/\/forms-na1.hsforms.com;     connect-src 'self' https:\/\/pro.ip-api.com https:\/\/geolocation.onetrust.com https:\/\/pageguard.feroot.com https:\/\/api.hubspot.com https:\/\/cta-service-cms2.hubspot.com wss:\/\/statcounter.io https:\/\/s.clarity.ms https:\/\/n.clarity.ms https:\/\/cdn.cookielaw.org https:\/\/forms.hsforms.com https:\/\/c.statcounter.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net;     worker-src blob:;     frame-src https:\/\/meetings.hubspot.com https:\/\/app.hubspot.com https:\/\/www.facebook.com;     report-uri https:\/\/csp.ferootstage.com\/18b81144-3bd3-4865-a794-a12c61fe5488\/277c4f84-de2d-44c9-9079-40f8187028cb\/collect;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdn.checkout.com instantcredit.net test.instantcredit.net *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net *.oct8ne.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.doofinder.com *.afterpay.com oct8necdneu.azureedge.net *.cloudfront.net css.zohostatic.com static.zohocdn.com *.primor.eu *.frizbit.com *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com *.mrf.io auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com www.paycomet.com api.paycomet.com *.twitter.com *.paycomet.com *.afterpay.com *.redsys.es *.redsys.es:25443 *.primor.eu *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com *.mrf.io auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com campaign.odicci.com 'self' 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/js.checkout.com *.klarna.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net *.klarnaservices.com *.syndigo.com *.weltpixel.com *.oct8ne.com *.twitter.com *.fontawesome.com *.doofinder.com *.paycomet.com *.afterpay.com *.primor.eu *.crazyegg.com *.frizbit.com *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com *.descuentoestudiante.com *.op.humi-agency.fr nars.jebbit.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com campaign.odicci.com le-male-elixir-primor.jeanpaulgaultier.com *.mrf.io www.descontoestudante.com auxwebpr1.primor.eu *.criteo.com *.criteo.net *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com d27sapsk5j0xr8.cloudfront.net *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com kerastase-quiz.vercel.app narcisorodriguez.jebbit.com *.caast.tv fragrance.hermes.com leseldissey.isseymiyakeparfums.com *.odicci.com *.googletagmanager.com *.doubleclick.net *.mainad.com *.tangoo.it *.tangooserver.com *.2trk.info experiencezadig.zadig-et-voltaire.com la-bomba-eretail.carolinaherrera.com xponemillion.rabanne.com rb-xmas-xp-2025.rabanne-experience.com jpg-gaultier-divine-chatbot-fragrances.com www.carolinaherrera.com gift-finder-noel.jeanpaulgaultier.com lantern.roeye.com *.connectif.cloud *.mainadv.com cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info gentlemansociety.efghosting.com www.canva.com mockup-berrycrushprimor.my.canva.site 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.connectif.cloud https:\/\/maps.googleapis.com instantcredit.net test.instantcredit.net *.syndigo.com *.syndigo.cloud https:\/\/firebasestorage.googleapis.com *.oct8ne.com *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com 'self' *.lightemporium.com *.usercentrics.eu *.dendago.com *.fontawesome.com *.doofinder.com black.bird.eu *.primor.eu *.afterpay.com *.redsys.es oct8necdneu.azureedge.net *.ggpht.com *.openstreetmap.org *.2mdn.net cdn.doofinder.com *.googletagmanager.com *.zoho.eu css.zohostatic.eu *.clarity.ms *.crazyegg.com *.frizbit.com *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com ad.360yield.com ad.yieldlab.net cm.adform.net contextual.media.net criteo-partners.tremorhub.com criteo-sync.teads.tv eb2.3lift.com exchange.mediavine.com id5-sync.com match.sharethrough.com matching.ivitrack.com pixel.rubiconproject.com r.casalemedia.com rtb-csync.smartadserver.com simage2.pubmatic.com sync-criteo.ads.yieldmo.com ups.analytics.yahoo.com visitor.omnitagjs.com x.bidswitch.net beacon.krxd.net s.thebrighttag.com *.etrusted.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com www.google.es *.mrf.io *.criteo.com *.criteo.net retailmedia-static.azureedge.net auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net *.caast.tv *.doubleclick.net *.mainad.com *.tangoo.it *.tangooserver.com *.bing.net *.ban.2trk.info cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info *.googlesyndication.com *.reddit.com *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/*.checkout.com *.klarnacdn.net *.connectif.cloud *.frizbit.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net code.jquery.com *.klarna.com https:\/\/cdn.jsdelivr.net\/npm\/@fancyapps\/ui@5.0\/dist\/fancybox\/fancybox.umd.js *.syndigo.com *.avada.io *.shopify.com *.oct8ne.com *.geoapify.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.doofinder.com *.afterpay.com *.etrusted.com *.cloudfront.net cdn.doofinder.com *.zoho.eu *.zohostatic.eu *.zoho.com *.zohostatic.com *.primor.eu *.googletagmanager.com *.clarity.ms *.crazyegg.com sdk.mrf.io flowcards.mrf.io *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.criteo.net *.criteo.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com 'self' api.odicci.com www.hlserve.com cdn.ampproject.org *.mrf.io *.chetools.com auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com *.caast.tv *.youtube-nocookie.com *.empathy.co *.doubleclick.net *.mainad.com *.tangoo.it *.tangooserver.com *.preciso.net *.2trk.info *.googlesyndication.com tagmanager.google.com cdn.equalweb.com *.appsflyer.com lantern.roeyecdn.com cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info *.googleadservices.com *.redditstatic.com *.reddit.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/cdn.checkout.com *.frizbit.com instantcredit.net test.instantcredit.net *.klarnacdn.net https:\/\/cdn.jsdelivr.net\/npm\/@fancyapps\/ui@5.0\/dist\/fancybox\/fancybox.css https:\/\/cdnjs.cloudflare.com *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.doofinder.com *.afterpay.com *.primor.eu *.cloudfront.net *.zoho.com *.zohostatic.com *.crazyegg.com *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com *.etrusted.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com *.mrf.io auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com *.googletagmanager.com *.tagmanager.google.com cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com blob: *.caast.tv *.mux.com *.youtube.com *.youtube-nocookie.com *.primor.eu 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/js.checkout.com *.klarnaevt.com *.connectif.cloud *.frizbit.com instantcredit.net *.instantcredit.net *.klarna.com *.klarnacdn.net *.syndigo.com https:\/\/get.geojs.io *.avada.io *.oct8ne.com *.geoapify.com *.cloudflare.com *.twitter.com *.twimg.com *.fontawesome.com *.doofinder.com *.doubleclick.net *.afterpay.com *.googleapis.com wss:\/\/*.doofinder.com *.zoho.eu *.zoho.com *.primor.eu https:\/\/www.google.com\/pay https:\/\/google.com\/pay https:\/\/pay.google.com\/about\/redirect https:\/\/pay.google.com\/gp\/p\/payment_method_manifest.json https:\/\/pay.google.com\/gp\/p\/web_manifest.json *.googletagmanager.com *.clarity.ms *.crazyegg.com events.newsroom.bi flowcards.mrf.io *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com *.wepowerconnections.com static.zohocdn.com ams.creativecdn.com tags.creativecdn.com fledge-eu.creativecdn.com *.dwin1.com *.awin1.com *.mrf.io auxwebpr1.primor.eu *.criteo.net *.criteo.com *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com *.facebook.com *.facebook.net criteo-sync.teads.tv sync-criteo.ads.yieldmo.com criteo-partners.tremorhub.com *.onlive.site *.googlesyndication.com cdn.caast.tv *.caast.tv *.mux.com *.empathy.co *.google.es *.bing.net *.analytics-ipv6.tiktokw.us cdn.preciso.net ban.preciso.net cdn.2trk.info ban.2trk.info *.redditstatic.com *.reddit.com *.run.app 'self' 'unsafe-inline'; child-src *.caast.tv *.primor.eu http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.cloudfront.net bc.marfeel.com *.bing.com *.awin.com *.tiktok.com *.outbrain.com *.reskyt.com cdn.reskyt.com *.zenaps.com *.the.sciencebehindecommerce.com the.sciencebehindecommerce.com static.zohocdn.com *.primor.eu *.dwin1.com *.awin1.com auxwebpr1.primor.eu *.reetmo.com *.clic2buy.com *.clic2drive.com *.click2buy.com *.reetmo.media *.adnxs.com *.pinterest.com *.taboola.com s.pinimg.com *.jeanpaulgaultier.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.feedingamerica.org\/report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self' https:; object-src 'none'; img-src 'self' https: blob: data:; font-src 'self' https: data:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https: wss:; report-uri https:\/\/buildkite.uriports.com\/reports\/report","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cmp.inmobi.com https:\/\/cdn.intergient.com https:\/\/*.doubleclick.net https:\/\/cdn.intergi.com http:\/\/cdn.intergient.com https:\/\/btloader.com https:\/\/c.amazon-adsystem.com https:\/\/*.googlesyndication.com https:\/\/mowgoats.com; connect-src 'self' https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/jamie-oliver-2.commercelayer.io https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.sentry.io https:\/\/*.playwire.com https:\/\/*.amazon-adsystem.com https:\/\/api.btloader.com https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/auth.commercelayer.io https:\/\/*.auth0.com https:\/\/csi.gstatic.com https:\/\/simple-save.jamieoliver.workers.dev https:\/\/s5g.jamieoliver.workers.dev; img-src 'self' https:\/\/asset.jamieoliver.com https:\/\/www.google.co.uk https:\/\/www.google-analytics.com https:\/\/px.moatads.com https:\/\/ad-delivery.net https:\/\/ad.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/img.youtube.com https:\/\/i.ytimg.com https:\/\/s.gravatar.com https:\/\/*.auth0.com https:\/\/*.googlesyndication.com https:\/\/csi.gstatic.com https:\/\/cdn.sanity.io https:\/\/*.wp.com data:; media-src 'self' data:; frame-src 'self' https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/cdn.intergient.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; worker-src 'self' blob:; object-src 'none'; style-src 'self' 'unsafe-inline' https:\/\/config.playwire.com; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" default-src data: blob: 'unsafe-eval' 'unsafe-inline' px-client.net px-cdn.net pxchk.net perimeterx.net px-cloud.net https: 'self'; script-src 7299633.collect.igodigital.com ajax.cloudflare.com *.bazaarvoice.com bs.serving-sys.com cdn.evgnet.com\/beacon\/liderdomicilio\/pruebas\/scripts\/evergage.min.js connect.facebook.net deploy.mopinion.com googleads.g.doubleclick.net *.lider.cl media.richrelevance.com recs.richrelevance.com s3.amazonaws.com\/mapcity-assets\/leaflet-0.7.3\/leaflet.js secure-ds.serving-sys.com services.mapcity.com static.cloudflareinsights.com www.google-analytics.com www.google.com www.googletagmanager.com *.googleapis.com static.hotjar.com script.hotjar.com https:\/\/cdn.jsdelivr.net\/npm\/slick-carousel@1.8.1\/slick\/slick.min.js *.googleadservices.com *.gstatic.com cdn-widgets.chattigo.com media.flixfacts.com media.flixcar.com 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'none'; report-uri https:\/\/csp.walmart.com\/c\/r\/liders","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/api.github.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/ace\/1.1.3\/ace.js https:\/\/connect.facebook.net\/en_US\/fbevents.js  https:\/\/connect.facebook.net\/signals\/config\/ https:\/\/js.intercomcdn.com https:\/\/js.intercomcdn.com\/vendor-modern.7a9ca9be.js https:\/\/prod.hackster-cdn.online\/ https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js https:\/\/js.intercomcdn.com\/ https:\/\/widget.intercom.io\/widget\/l4h7orei https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/gtm.js  https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.gstatic.com\/recaptcha\/; style-src 'report-sample' 'self' 'unsafe-inline' https:\/\/prod.hackster-cdn.online https:\/\/cdnjs.cloudflare.com\/; object-src 'none'; base-uri 'self'; connect-src 'self' blob: https:\/\/www.hackster.io\/ https:\/\/hacksterio.s3.amazonaws.com\/ https:\/\/7yqjt9bhux-dsn.algolia.net https:\/\/analytics.google.com https:\/\/api-iam.intercom.io https:\/\/api.hackster.io https:\/\/o4506440451424256.ingest.sentry.io https:\/\/ohm-dot-hackster-io.appspot.com https:\/\/prod.hackster-cdn.online https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com wss:\/\/nexus-websocket-a.intercom.io; font-src 'self' data: application\/font-woff https:\/\/prod.hackster-cdn.online; frame-src 'self' https:\/\/lookerstudio.google.com\/ https:\/\/datastudio.google.com https:\/\/www.facebook.com\/ https:\/\/www.google.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/lh6.googleusercontent.com https:\/\/lh5.googleusercontent.com https:\/\/content.arduino.cc https:\/\/avatars.githubusercontent.com https:\/\/avatars2.githubusercontent.com\/ https:\/\/platform-lookaside.fbsbx.com https:\/\/www.hackster.io\/ https:\/\/graph.facebook.com https:\/\/gravatar.com https:\/\/hackster.imgix.net https:\/\/i.ytimg.com https:\/\/lh3.googleusercontent.com https:\/\/prod.hackster-cdn.online https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.newark.com https:\/\/px4.ads.linkedin.com; manifest-src 'self' https:\/\/prod.hackster-cdn.online; media-src 'self' https:\/\/hackster.imgix.net; report-uri https:\/\/6620045c077c1adc81b63f22.endpoint.csper.io\/?v=2; worker-src blob:;","count":1},{"content-security-policy-report-only":" frame-src *.force.com https:\/\/player.vimeo.com 'self' https:\/\/stats.g.doubleclick.net https:\/\/gmocloudcommunity.force.com *.youtube.co.uk https:\/\/sfdc-link-preview.hk.salesforce.com https:\/\/b99.yahoo.co.jp https:\/\/checkoutshopper-test.adyen.com\/ https:\/\/pal-test.adyen.com https:\/\/www.google.co.jp *.cybersource.com *.youtube.es https:\/\/www.domainking.jp *.adis.ws https:\/\/www.wadax.ne.jp https:\/\/jpn160.sfdc-p1i6qd.salesforce.com *.youtube.ie https:\/\/www.youtube.com *.cloudinary.com https:\/\/www.google.com https:\/\/pay.google.com https:\/\/analytics.google.com *.vimeo.com *.youtube.jp bcove.video *.youtube.fr https:\/\/altus.gmocloud.com https:\/\/*.a.forceusercontent.com https:\/\/player.cloudinary.com https:\/\/dnsck.gmocloud.com https:\/\/sfdc-link-preview-staging.sfdc.sh https:\/\/s1.adis.ws *.forceusercontent.com *.brightcove.net *.youtube.com *.youtube.nl https:\/\/service.force.com\/embeddedservice\/ https:\/\/faq.wadax.ne.jp https:\/\/fast.wistia.net *.quip.com *.arkoselabs.com *.youtube-nocookie.com https:\/\/www.paypal.com https:\/\/appiniummastertrial.secure.force.com https:\/\/play.vidyard.com https:\/\/translation.googleapis.com *.youtube.com.br https:\/\/icl.dns.ishioka.xyz *.salesforce-experience.com *.salesforceliveagent.com https:\/\/scormanywhere.secure.force.com https:\/\/gmogshd-ch.file.force.com https:\/\/checkoutshopper-live.adyen.com\/ *.sfdcfc.net *.youtube.ca https:\/\/location.force.com *.vidyard.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/players.brightcove.net https:\/\/cdn.embedly.com https:\/\/www.google.com\/recaptcha\/ https:\/\/js.stripe.com\/ https:\/\/www.sandbox.paypal.com https:\/\/support.gmocloud.com https:\/\/*.a.forceusercontent.com\/lightningmaps\/ https:\/\/www.googletagmanager.com *.wistia.net https:\/\/www.google-analytics.com *.salesforce.com https:\/\/www.rapidsite.jp *.youtube.pl; report-to sfdc-csp-ep; report-uri https:\/\/gmogshd-ch.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D10000000Hq6P&networkId=0DM5F00000001rL&type=communities","count":1},{"content-security-policy-report-only":" report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=0k84Ix9qpUvRifYoXJIstf4_CFFqfyI7uBIN1Jj1OO5Dk2hLqJQ8l_0W3qC20ffqsWw=&policy_id=71&user_id=&request_id=8a81298b-5a2c-41d6-bd53-113dbdd6eb7e; report-to csp-endpoint-kixqpuvrifyoxjistfcffqfyiubinjjoodkhlqjqlwqcffqsww; frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' betano.bg *.betano.bg betano.com *.betano.com betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com creativecdn.com *.creativecdn.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com bing.com *.bing.com betano.pt *.betano.pt cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery clarity.ms *.clarity.ms lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.taboola.com *.geocomply.com *.kameleoon.io *.ads-twitter.com *.google-analytics.com *.jsdelivr.net *.kwai.net *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com *.brandinsight.tech res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co *.googletagmanager.com *.adform.net; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=qn0MuC.D3DKabWXs95Afa0dQj362JbXKU409tIdQ7dU-1778721390.8399594-1.0.1.1-T9ba83MeXjZ2LX77h8G.0DdMLtJdhfR9WtYlOZ.iCt.PzXaWTPSLPvPy_mZ4GbvnkeWuNlvON63at5D0I58AjCcCGGirS8DEVfXXXsoKu7wwCzUUHQ1t4cfjHi94eDcjTbQmjAjLtY3QJNAXb0Uicy4d_Hrjpa0Ry3Pzkwbg_iJx.jKFA.KV2HwZa4ekoEaQ; report-to cf-bhxsusrqgzjdzdpy","count":1},{"content-security-policy-report-only":" worker-src blob:; font-src fonts.gstatic.com *.kxcdn.com *.fontawesome.com principiaskin.com *.principiaskin.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.facebook.com *.pinterest.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ facebook.com www.facebook.com *.kxcdn.com youtube.com www.youtube.com platform.twitter.com google.com *.addthis.com *.mercadolibre.com *.weltpixel.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com *.authorize.net *.google.com *.paypal.com *.freshchat.com *.pagseguro.uol.com.br *.doubleclick.net *.pinterest.com *.principiacosmeticos.com principiaskin.com *.principiaskin.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io scontent.cdninstagram.com *.kxcdn.com *.twitter.com *.googleapis.com google.com *.gstatic.com *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.instagram.com *.magentocommerce.com *.ytimg.com s.ytimg.com *.pinterest.com *.googleadservices.com *.google.com *.google.com.br *.google.it *.google-analytics.com www.paypalobjects.com *.paypalobjects.com *.paypal.com www.paypal.com t.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.ftcdn.com *.behance.com *.pagseguro.com\/ www.apptrian.com *.apptrian.com *.mercadolivre.com *.yotpo.com *.adobedtm.com *.demdex.net *.everesttech.net assets.braintreegateway.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com c.paypal.com checkout.paypal.com https:\/\/pagseguro.uol.com.br https:\/\/sandbox.pagseguro.uol.com.br https:\/\/stc.pagseguro.uol.com.br https:\/\/sandbox.stc.pagseguro.uol.com.br *.doubleclick.net *.onesignal.com *.principiacosmeticos.com principiaskin.com *.principiaskin.com *.googletagmanager.com https:\/\/principiacosmeticos.com\/mtracking.gif https:\/\/www.google.com.ar\/ads\/ga-audiences https:\/\/www.google.com.ar\/pagead\/1p-user-list\/700931334\/ https:\/\/principiaskincare.com.br\/mtracking.gif https:\/\/t.co\/1\/i\/adsct *.facebook.com content.app-us1.com cdn.jsdelivr.net *.cloudfront.net *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com google.com *.gstatic.com cdn.ampproject.org connect.facebook.net www.googletagmanager.com googletagmanager.com *.kxcdn.com platform.twitter.com *.addthis.com *.addthisedge.com *.moatads.com *.mlstatic.com www.facebook.com graph.facebook.com business.facebook.com *.freshchat.com *.google.com *.google-analytics.com *.facebook.com *.adobedtm.com *.authorize.net *.braintreegateway.com *.cardinalcommerce.com *.paypal.com www.paypal.com *.ytimg.com *.googleadservices.com *.paypalobjects.com www.paypalobjects.com *.vimeo.com www.youtube.com *.viacep.com.br www.apptrian.com *.apptrian.com *.polyfill.io *.cloudflare.com *.pagseguro.uol.com.br *.tiktok.com *.pinimg.com *.mercadopago.com *.doubleclick.net *.ccdc02.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.avada.io pay.google.com *.yotpo.com *.onesignal.com https:\/\/onesignal.com\/api\/v1\/sync\/980b27db-f331-407d-8b91-7ea1ff79c577\/web *.principiacosmeticos.com https:\/\/principiacosmeticos.com\/mtc.js *.k-analytix.com principiaskin.com *.principiaskin.com *.cloudflareinsights.com https:\/\/designestylelab.com\/css\/ https:\/\/analytics-manager.com\/an https:\/\/analytics-manager.com\/an\/ https:\/\/principiaskincare.com.br\/mtc.js https:\/\/static.cloudflareinights.com\/beacon.min.js\/v52afc6f149f6479b8c77fa569edb01181681764108816 *.ads-twitter.com\/uwt.js *.pinterest.com diffuser-cdn.app-us1.com prism.app-us1.com *.activehosted.com trackcmp.net cdn.jsdelivr.net *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com google.com *.kxcdn.com *.gstatic.com *.fontawesome.com *.freshchat.com fonts.googleapis.com *.mercadopago.com getfirebug.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com *.onesignal.com https:\/\/onesignal.com\/sdks\/OneSignalSDKStyles.css *.principiacosmeticos.com principiaskin.com *.principiaskin.com *.googletagmanager.com *.google.com cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/www.paypal.com\/xoplatform\/logger\/api\/logger cdn.ampproject.org *.kxcdn.com *.mercadopago.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.rastreio.alfatracking.com.br *.tracking.totalexpress.com.br *.rastreio.fmtransportes.com.br *.correios.com.br *.instagram.com *.pinterest.com www.apptrian.com *.apptrian.com *.polyfill.io *.cloudflare.com *.paypal.com *.pinimg.com *.tiktok.com *.google.com *.google.com.br *.google.it https:\/\/www.google.com.br\/ads\/ga-audiences https:\/\/www.google.it\/ads\/ga-audiences *.google-analytics.com *.doubleclick.net *.yotpo.com *.mercadolibre.com *.onesignal.com https:\/\/onesignal.com\/api\/v1\/apps\/980b27db-f331-407d-8b91-7ea1ff79c577\/icon *.principiacosmeticos.com https:\/\/principiacosmeticos.com\/mtc\/event *.konduto.com principiaskin.com *.principiaskin.com *.googleapis.com *.viacep.com.br https:\/\/viacep.com.br\/ws\/ viacep.com.br\/ws *.amcglobal.sc.omtrdc.net *.geostag.cardinalcommerce.com *.geo.cardinalcommerce.com *.1eafstag.cardinalcommerce.com *.1eaf.cardinalcommerce.com *.centinelapistag.cardinalcommerce.com *.centinelapi.cardinalcommerce.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.api.comapi.com *.webchat.dotdigital.com *.ekr.zdassets.com *.braintreegateway.com *.braintree-api.com https:\/\/principiaskincare.com.br\/mtc\/event https:\/\/pagead2.googlesyndication.com\/pagead\/buyside_topics\/set\/ analytics.pangle-ads.com https:\/\/google.com\/ccm\/form-data\/700931334 https:\/\/google.com\/pagead\/form-data\/700931334 analytics-ipv6.tiktokw.us http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io *.activehosted.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri csp-reporting\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/widgets.wp.com https:\/\/ajax.cloudflare.com https:\/\/stackpath.bootstrapcdn.com https:\/\/webdata.up.edu.ph https:\/\/s0.wp.com https:\/\/stats.wp.com https:\/\/pixel.wp.com https:\/\/cdn.jsdelivr.net https:\/\/apis.google.com; style-src 'self' 'unsafe-inline' https:\/\/widgets.wp.com https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/stackpath.bootstrapcdn.com https:\/\/use.typekit.net https:\/\/fonts-api.wp.com https:\/\/p.typekit.net https:\/\/s0.wp.com https:\/\/pixel.wp.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/up.edu.ph https:\/\/c0.wp.com; font-src 'self' data: https:\/\/fonts.wp.com https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/s0.wp.com https:\/\/c0.wp.com https:\/\/cdnjs.cloudflare.com https:\/\/*.wp.com; img-src 'self' data: blob: https:\/\/secure.gravatar.com https:\/\/scontent-xsp1-3.xx.fbcdn.net https:\/\/i0.wp.com https:\/\/i1.wp.com https:\/\/i2.wp.com https:\/\/pixel.wp.com https:\/\/public-api.wordpress.com https:\/\/*.wp.com https:\/\/up.edu.ph https:\/\/*.up.edu.ph; connect-src 'self' https:\/\/*.up.edu.ph https:\/\/elementor.com https:\/\/*.googleapis.com https:\/\/fontawesome.com https:\/\/stats.wp.com https:\/\/s0.wp.com https:\/\/c0.wp.com https:\/\/webdata.up.edu.ph https:\/\/pixel.wp.com https:\/\/stackpath.bootstrapcdn.com https:\/\/performance.typekit.net https:\/\/use.typekit.net; frame-src 'self' data: blob: https:\/\/www.youtube.com https:\/\/youtube.com https:\/\/www.youtube-nocookie.com https:\/\/googleusercontent.com https:\/\/www.google.com https:\/\/wordpress.com https:\/\/pixel.wp.com https:\/\/up.edu.ph https:\/\/*.up.edu.ph https:\/\/elementor.com https:\/\/*.elementor.com; object-src 'none'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; report-to https:\/\/up.edu.ph\/wp-json\/csp-logger\/v1\/report; report-uri https:\/\/up.edu.ph\/wp-json\/csp-logger\/v1\/report;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-inline' *.algolia.com *.algolia.io *.algolia.net *.algolianet.com algolia.com algolia.io algolia.net algolianet.com blob: data: cdn.weglot.com *.3lift.com *.adroll.com *.affilae.com *.arcade.software *.bidr.io *.casalemedia.com *.clarity.ms *.clearbit.com *.company-target.com *.datadoghq.com *.doubleclick.net *.js.driftt.com *.facebook.com *.getbeamer.com *.googleoptimize.com *.googletagmanager.com *.hotjar.com *.licdn.com *.linkedin.com *.marketo.com *.mktoresp.com *.mutinycdn.com *.onetrust.com *.outbrain.com *.pendo.io *.pingdom.net *.pubmatic.com *.reddit.com *.rlcdn.com *.rubiconproject.com *.sitespect.com *.taboola.com *.twitter.com ajax.googleapis.com amplify.outbrain.com api.amplitude.com api.madkudu.com api.segment.io attr.ml-api.io bat.bing.com browser.sentry-cdn.com cdn.amplitude.com cdn.bizible.com cdn.cookielaw.org cdn.jsdelivr.net cdn.madkudu.com cdn.segment.com cdn.segment.io cdnjs.cloudflare.com client-registry.mutinycdn.com client.mutinycdn.com connect.facebook.net fonts.googleapis.com fonts.gstatic.com getbeamer.com js.driftt.com js.sentry-cdn.com js.stripe.com maxcdn.bootstrapcdn.com munchkin.marketo.net res.cloudinary.com s.ml-attr.com secure.adnxs.com secure.gravatar.com snap.licdn.com static.ads-twitter.com stats.g.doubleclick.net t.co tag.clearbitscripts.com tag.demandbase.com tr.outbrain.com tracking.g2crowd.com user-data.mutinycdn.com www.datadoghq-browser-agent.com www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.redditstatic.com www.welcometothejungle.com x.clearbitjs.com m.servedby-buysellads.com paapi9371.d41.co api.c99.ai analytics.funnelfuel.io v2.d41.co ; img-src * data: *.mutinycdn.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com ; font-src 'self' data: fonts.gstatic.com github.com images.mutinycdn.com maxcdn.bootstrapcdn.com use.typekit.net use.fontawesome.com ; connect-src 'self' *.algolia.com *.algolia.io *.algolia.net *.algolianet.com algolia.com algolia.io algolia.net algolianet.com data: api.weglot.com cdn.weglot.com *.clarity.ms *.datadoghq.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.hotjar.com *.hotjar.io *.linkedin.com *.mktoresp.com *.mktoutil.com *.mutinyhq.io *.onetrust.com *.pingdom.net *.segment.com *.segment.io *.sentry.io *.mutinyhq.com *.mutinyhq.io *.mutinycdn.com adservice.google.com api.amplitude.com api.company-target.com api.madkudu.com api.segment.io app.clearbit.com app.getsentry.com backend.getbeamer.com cdn.cookielaw.org d.adroll.com in.hotjar.com maps.googleapis.com prod-algolia-blog-subscription.herokuapp.com raw.githubusercontent.com stats.g.doubleclick.net us-central1-documentation-feedback.cloudfunctions.net user-data.mutinycdn.com vitals.vercel-insights.com wss:\/\/*.hotjar.com www.google-analytics.com www.google.com analytics.funnelfuel.io tag-logger.demandbase.com api.c99.ai ; worker-src 'self' blob: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.algolia.com *.algolia.io *.algolia.net *.algolianet.com algolia.com algolia.io algolia.net algolianet.com blob: data: cdn.weglot.com *.3lift.com *.adroll.com *.affilae.com *.arcade.software *.bidr.io *.casalemedia.com *.clarity.ms *.clearbit.com *.company-target.com *.datadoghq.com *.doubleclick.net *.js.driftt.com *.facebook.com *.getbeamer.com *.googleoptimize.com *.googletagmanager.com *.hotjar.com *.licdn.com *.linkedin.com *.marketo.com *.mktoresp.com *.mutinycdn.com *.onetrust.com *.outbrain.com *.pendo.io *.pingdom.net *.pubmatic.com *.reddit.com *.rlcdn.com *.rubiconproject.com *.sitespect.com *.taboola.com *.twitter.com ajax.googleapis.com amplify.outbrain.com api.amplitude.com api.madkudu.com api.segment.io attr.ml-api.io bat.bing.com browser.sentry-cdn.com cdn.amplitude.com cdn.bizible.com cdn.cookielaw.org cdn.jsdelivr.net cdn.madkudu.com cdn.segment.com cdn.segment.io cdnjs.cloudflare.com client-registry.mutinycdn.com client.mutinycdn.com connect.facebook.net fonts.googleapis.com fonts.gstatic.com getbeamer.com js.driftt.com js.sentry-cdn.com js.stripe.com maxcdn.bootstrapcdn.com munchkin.marketo.net res.cloudinary.com s.ml-attr.com secure.adnxs.com secure.gravatar.com snap.licdn.com static.ads-twitter.com stats.g.doubleclick.net t.co tag.clearbitscripts.com tag.demandbase.com tr.outbrain.com tracking.g2crowd.com user-data.mutinycdn.com www.datadoghq-browser-agent.com www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.redditstatic.com www.welcometothejungle.com x.clearbitjs.com m.servedby-buysellads.com paapi9371.d41.co api.c99.ai analytics.funnelfuel.io v2.d41.co ; report-uri https:\/\/algolia.report-uri.com\/r\/t\/csp\/wizard","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/unric.org https:\/\/*.unric.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/unric.org https:\/\/*.unric.org https:\/\/e4k4c4x9.delivery.rocketcdn.me https:\/\/static.cloudflareinsights.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.youtube.com https:\/\/s.ytimg.com https:\/\/i.ytimg.com https:\/\/www.instagram.com https:\/\/platform.instagram.com https:\/\/graph.instagram.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/graph.facebook.com https:\/\/platform.twitter.com https:\/\/cdn.syndication.twimg.com https:\/\/syndication.twitter.com https:\/\/pbs.twimg.com https:\/\/open.spotify.com https:\/\/embed.podcasts.apple.com https:\/\/w.soundcloud.com https:\/\/widget.sndcdn.com https:\/\/api.soundcloud.com https:\/\/api-v2.soundcloud.com https:\/\/www.podbean.com https:\/\/player.podbean.com https:\/\/www.flickr.com https:\/\/live.staticflickr.com https:\/\/api.flickr.com https:\/\/combo.staticflickr.com https:\/\/player.vimeo.com https:\/\/f.vimeocdn.com https:\/\/www.tiktok.com https:\/\/www.threads.net https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/maps.googleapis.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.kaltura.com https:\/\/cdnapisec.kaltura.com; style-src 'self' 'unsafe-inline' https:\/\/unric.org https:\/\/*.unric.org https:\/\/e4k4c4x9.delivery.rocketcdn.me https:\/\/fonts.googleapis.com https:\/\/platform.twitter.com https:\/\/ton.twimg.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/a-v2.sndcdn.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/e4k4c4x9.delivery.rocketcdn.me data:; img-src 'self' data: blob: https: http:; connect-src 'self' https:\/\/*.unric.org https:\/\/cloudflareinsights.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/www.instagram.com https:\/\/graph.instagram.com https:\/\/graph.facebook.com https:\/\/api.twitter.com https:\/\/api.flickr.com https:\/\/open.spotify.com https:\/\/api.soundcloud.com https:\/\/api-v2.soundcloud.com https:\/\/wis.sndcdn.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/cdn.kaltura.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/www.instagram.com https:\/\/platform.instagram.com https:\/\/www.facebook.com https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/open.spotify.com https:\/\/embed.podcasts.apple.com https:\/\/w.soundcloud.com https:\/\/www.podbean.com https:\/\/player.podbean.com https:\/\/www.flickr.com https:\/\/live.staticflickr.com https:\/\/anchor.fm https:\/\/player.megaphone.fm https:\/\/embed.acast.com https:\/\/www.tiktok.com https:\/\/www.threads.net https:\/\/www.google.com https:\/\/www.recaptcha.net https:\/\/maps.googleapis.com https:\/\/cdnapisec.kaltura.com; child-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/www.instagram.com https:\/\/platform.twitter.com https:\/\/www.google.com; media-src 'self' https: data: blob:; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-dvMyfDUVGNnUh6ocfSSaOQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src * 'self' data: blob: 'unsafe-inline' 'unsafe-eval';  report-uri \/csp-report-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-VhT5c5apghjM-uOp1tx2JQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self';report-uri \/csp.php","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com chat.bncenlinea.com:8000 ajax.googleapis.com 341d26ed8226.bncenlinea.com ajax.aspnetcdn.com cdn.jsdelivr.net cdnjs.cloudflare.com d3i9pllfrk5tet.cloudfront.net d3q4nr72nuserl.cloudfront.net maxcdn.bootstrapcdn.com s3.amazonaws.com www.googletagmanager.com s3.amazonaws.com;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com d3i9pllfrk5tet.cloudfront.net d3q4nr72nuserl.cloudfront.net;font-src 'self' d3i9pllfrk5tet.cloudfront.net fonts.gstatic.com fonts.googleapis.com; img-src 'self' data: s3.amazonaws.com d3i9pllfrk5tet.cloudfront.net d3q4nr72nuserl.cloudfront.net;connect-src 'self' ajax.aspnetcdn.com cdn.jsdelivr.net cdnjs.cloudflare.com cloudfront.net 341d26ed8226.bncenlinea.com www.google-analytics.com;","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-EpuK1OMKFIlno1ubvF4HqA=='","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-e1uVYniOGSvPx-LHc0otjg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.transcend.io js.stripe.com s.ytimg.com tagmanager.google.com transcend-cdn.com www.google-analytics.com www.googletagmanager.com www.mozilla.org www.youtube.com; upgrade-insecure-requests; img-src 'self' blog.mozilla.org data: images.ctfassets.net www.google-analytics.com www.googletagmanager.com www.mozilla.org; frame-src 'self' accounts.firefox.com gtm.mozilla.org js.stripe.com www.google-analytics.com www.googletagmanager.com www.youtube.com; media-src 'self' assets.mozilla.net videos.cdn.mozilla.net www.mozilla.org; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' cdn.transcend.io transcend-cdn.com www.mozilla.org; font-src 'self' www.mozilla.org; form-action 'self' https:\/\/abdri3ttkb.execute-api.us-east-2.amazonaws.com https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org; default-src 'self' *.mozilla.org; object-src 'none'; connect-src 'self' cdn.transcend.io gtm.mozilla.org https:\/\/abdri3ttkb.execute-api.us-east-2.amazonaws.com https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org o1069899.ingest.sentry.io o1069899.sentry.io region1.google-analytics.com telemetry.transcend.io telemetry.us.transcend.io transcend-cdn.com www.google-analytics.com www.googletagmanager.com www.mozilla.org\/submit\/bedrock\/","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss:\/\/*.dathost.net https:\/\/*.dathost.net https:\/\/www.googletagmanager.com https:\/\/*.cookieyes.com https:\/\/cdn-cookieyes.com https:\/\/analytics.ahrefs.com https:\/\/widget.trustpilot.com https:\/\/*.clarity.ms https:\/\/c.bing.com\/ https:\/\/beacon-v2.helpscout.net https:\/\/beaconapi.helpscout.net https:\/\/d3hb14vkzrxvla.cloudfront.net https:\/\/d33v4339jhl8k0.cloudfront.net https:\/\/cdnjs.cloudflare.com https:\/\/*.js.stripe.com https:\/\/js.stripe.com https:\/\/api.stripe.com https:\/\/hooks.stripe.com https:\/\/maps.googleapis.com https:\/\/*.gravatar.com https:\/\/s3.dathost.net https:\/\/www.paypalobjects.com https:\/\/fonts.gstatic.com https:\/\/media.forgecdn.net https:\/\/avatars.steamstatic.com https:\/\/accounts.google.com https:\/\/challenges.cloudflare.com https:\/\/i.gyazo.com https:\/\/i.imgur.com https:\/\/i.ytimg.com https:\/\/*.youtube.com https:\/\/fonts.googleapis.com https:\/\/use.typekit.net https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.google.ae https:\/\/www.google.at https:\/\/www.google.az https:\/\/www.google.ba https:\/\/www.google.be https:\/\/www.google.bg https:\/\/www.google.by https:\/\/www.google.ca https:\/\/www.google.ch https:\/\/www.google.co.id https:\/\/www.google.co.il https:\/\/www.google.co.in https:\/\/www.google.co.jp https:\/\/www.google.co.kr https:\/\/www.google.co.nz https:\/\/www.google.co.th https:\/\/www.google.co.uk https:\/\/www.google.co.ve https:\/\/www.google.co.za https:\/\/www.google.com https:\/\/www.google.com.ar https:\/\/www.google.com.at https:\/\/www.google.com.au https:\/\/www.google.com.bg https:\/\/www.google.com.bh https:\/\/www.google.com.br https:\/\/www.google.com.co https:\/\/www.google.com.cy https:\/\/www.google.com.hk https:\/\/www.google.com.kh https:\/\/www.google.com.lb https:\/\/www.google.com.mm https:\/\/www.google.com.mx https:\/\/www.google.com.pe https:\/\/www.google.com.ph https:\/\/www.google.com.pk https:\/\/www.google.com.qa https:\/\/www.google.com.sg https:\/\/www.google.com.tj https:\/\/www.google.com.tr https:\/\/www.google.com.tw https:\/\/www.google.com.ua https:\/\/www.google.com.vn https:\/\/www.google.cz https:\/\/www.google.de https:\/\/www.google.dk https:\/\/www.google.ee https:\/\/www.google.es https:\/\/www.google.fi https:\/\/www.google.fr https:\/\/www.google.gr https:\/\/www.google.hr https:\/\/www.google.hu https:\/\/www.google.ie https:\/\/www.google.is https:\/\/www.google.it https:\/\/www.google.kz https:\/\/www.google.lt https:\/\/www.google.lv https:\/\/www.google.md https:\/\/www.google.mk https:\/\/www.google.mn https:\/\/www.google.nl https:\/\/www.google.no https:\/\/www.google.pl https:\/\/www.google.pt https:\/\/www.google.ro https:\/\/www.google.ru https:\/\/www.google.rs https:\/\/www.google.se https:\/\/www.google.sk https:\/\/www.googleadservices.com; report-uri \/internal-api\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/js.maxmind.com https:\/\/*.captcha-sdk.awswaf.com https:\/\/*.sdk.awswaf.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/*.doubleclick.net https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/snap.licdn.com https:\/\/sc-static.net https:\/\/cdn.shopify.com https:\/\/assets.prod.eero.com\/2026.5.11; style-src 'self' 'unsafe-inline'; connect-src 'self' https:\/\/o80279.ingest.us.sentry.io https:\/\/dataplane.rum.us-west-2.amazonaws.com https:\/\/cognito-identity.us-west-2.amazonaws.com https:\/\/api-js.mixpanel.com https:\/\/prod.spline.design https:\/\/graphql.contentful.com https:\/\/*.myshopify.com https:\/\/geoip.maxmind.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/*.doubleclick.net https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/snap.licdn.com https:\/\/*.snapchat.com https:\/\/cdn.shopify.com https:\/\/assets.prod.eero.com\/2026.5.11 https:\/\/contentful.prod.eero.com; img-src 'self' data: https:\/\/images.ctfassets.net https:\/\/cdn.shopify.com https:\/\/d2vw57jh8139vw.cloudfront.net https:\/\/*.google-analytics.com https:\/\/*.doubleclick.net https:\/\/www.facebook.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/contentful.prod.eero.com; media-src 'self' https:\/\/videos.ctfassets.net https:\/\/assets.ctfassets.net https:\/\/downloads.ctfassets.net https:\/\/contentful.prod.eero.com; frame-src 'self' https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/*.captcha-sdk.awswaf.com https:\/\/*.sdk.awswaf.com https:\/\/*.snapchat.com; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-to csp-endpoint; report-uri https:\/\/eero-e0.ingest.us.sentry.io\/api\/1290158\/security\/?sentry_key=de73dba95aab41c699869bbaa820ce92","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn-web.zinio.com https:\/\/js-agent.newrelic.com https:\/\/*.nr-data.net https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/*.paypal.com https:\/\/www.paypalobjects.com https:\/\/*.braintreegateway.com https:\/\/*.cardinalcommerce.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/*.smooch.io https:\/\/*.twilio.com wss:\/\/*.zendesk.com wss:\/\/api.smooch.io wss:\/\/voice-js.roaming.twilio.com https:\/\/zinio-sjc.gravityrd-services.com https:\/\/*.zopim.com https:\/\/recaptcha.net https:\/\/www.gstatic.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/app.vwo.com https:\/\/apis.google.com https:\/\/accounts.google.com\/gsi\/client https:\/\/*.kaptcha.com;style-src 'self' 'unsafe-inline' https:\/\/*.audiencemedia.com data: https:\/\/app.vwo.com https:\/\/use.fontawesome.com https:\/\/accounts.google.com\/gsi\/style;img-src 'self' data: blob: https:\/\/*.ziniopro.com https:\/\/*.audiencemedia.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/*.paypal.com https:\/\/*.braintreegateway.com https:\/\/static.zdassets.com https:\/\/*.zendesk.com https:\/\/media.smooch.io https:\/\/*.zdusercontent.com https:\/\/v2assets.zopim.io https:\/\/discover.zinio.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/analytics.sleeknote.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/*.kaptcha.com;media-src 'self' https:\/\/static.zdassets.com;connect-src 'self' webpack: https:\/\/*.audiencemedia.com https:\/\/*.ziniopro.com https:\/\/*.nr-data.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/cdn.jsdelivr.net https:\/\/*.braintree-api.com https:\/\/*.braintreegateway.com https:\/\/*.cardinalcommerce.com https:\/\/www.paypal.com wss:\/\/widget-mediator.zopim.com https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/*.smooch.io https:\/\/*.twilio.com wss:\/\/*.zendesk.com wss:\/\/api.smooch.io wss:\/\/voice-js.roaming.twilio.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/*.googletagmanager.com https:\/\/collector.datacloud.zinio.com https:\/\/www.facebook.com https:\/\/cdnjs.cloudflare.com https:\/\/analytics.sleeknote.com https:\/\/fonts.googleapis.com https:\/\/images.sleeknote.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/sdk.iad-07.braze.com https:\/\/use.fontawesome.com https:\/\/accounts.google.com\/gsi\/ https:\/\/*.kaptcha.com collector.datacloud.zinio.com;font-src 'self' https:\/\/*.audiencemedia.com https:\/\/fonts.gstatic.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/use.fontawesome.com;frame-src 'self' https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.paypal.com https:\/\/*.braintreegateway.com https:\/\/recaptcha.net https:\/\/www.facebook.com https:\/\/web.facebook.com https:\/\/*.sleeknote.com https:\/\/app.vwo.com https:\/\/accounts.google.com\/gsi\/;frame-ancestors 'none';child-src 'self' https:\/\/*.kaptcha.com;base-uri 'self';form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' https:\/\/*.google.com; require-trusted-types-for 'script'; trusted-types sanitizer unsafe dompurify scriptHelper","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.scene7.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk  *.chatcora.natwest.com *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.natwest.com *.neolane.net *.nwolb.com *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.raptmedia.com *.snapchat.com *.userzoom.com *.youtube.com *.ytimg.com analytics.twitter.com api.swiftype.com dcs.demdex.net dpm.demdex.net fast.demdex.net fast.rbs.demdex.net jwpltx.com rbs.demdex.net sc-static.net static.ads-twitter.com t.co www.brightedge.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uz *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com.af *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sb *.google.com.sg *.google.com.sl *.google.com.tj *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.es *.google.fi *.google.fr *.google.ge *.google.gg *.google.gm *.google.gp *.google.gr *.google.gy *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.la *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc*.google.se *.google.sh *.google.si *.google.sk *.google.sn *.google.so *.google.tg *.google.tm *.google.tn *.google.tt adservice.google.ro *.googleapis.com *.live.hdexternal.co.uk *.hdddirectsolutions.co.uk fonts.gstatic.com *.everesttech.net *.everestjs.net cdn.cookielaw.org cdn-apple.com; upgrade-insecure-requests; report-uri https:\/\/natwestpersonal.report-uri.com\/r\/t\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self' https:; base-uri https:\/\/www.elysee.fr; block-all-mixed-content; child-src *; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/www.elysee.fr https:\/\/admin.elysee.fr https:\/\/www.elysee.fr; form-action 'self'; frame-ancestors 'none'; img-src https:\/\/stats.g.doubleclick.net data: https:\/\/www.elysee.fr https:\/\/admin.elysee.fr https:\/\/www.elysee.fr https:\/\/captcha.liveidentity.com https:\/\/*.tile.openstreetmap.org; plugin-types video\/*; script-src 'unsafe-inline' https:\/\/www.elysee.fr https:\/\/isho.elysee.fr https:\/\/admin.elysee.fr https:\/\/www.elysee.fr https:\/\/captcha.liveidentity.com https:\/\/platform.twitter.com https:\/\/www.instagram.com; style-src https:\/\/fonts.googleapis.com 'unsafe-inline' https:\/\/www.elysee.fr https:\/\/admin.elysee.fr https:\/\/www.elysee.fr","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=ac9507ceffdbbba4&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778722407; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gElT4WZZ2ktHpnHX--ogew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/pagesense-collect.zoho.com https:\/\/stats.g.doubleclick.net https:\/\/translate.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; font-src 'self' data: https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/connect.facebook.net https:\/\/m.facebook.com https:\/\/maps.google.com https:\/\/maps.googleapis.com https:\/\/mobile.facebook.com https:\/\/platform.twitter.com https:\/\/static.addtoany.com https:\/\/web.facebook.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/fonts.gstatic.com https:\/\/pagesense-collect.zoho.com https:\/\/*.fbcdn.net https:\/\/stats.g.doubleclick.net https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/www.gcis.gov.za https:\/\/www.google.com https:\/\/www.google.co.za https:\/\/www.googletagmanager.com https:\/\/www.gov.za https:\/\/www.gstatic.com https:\/\/www.publicsectormanager.gov.za https:\/\/www.sanews.gov.za https:\/\/www.vukuzenzele.gov.za https:\/\/*.openstreetmap.org https:\/\/*.ytimg.com https:\/\/www.google-analytics.com; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:\/\/*.google-analytics.com https:\/\/cdn.pagesense.io https:\/\/connect.facebook.net https:\/\/maps.googleapis.com https:\/\/platform.twitter.com https:\/\/static.addtoany.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/platform.twitter.com; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri https:\/\/www.gov.za\/system\/reporting\/default; report-to default","count":1},{"content-security-policy-report-only":" base-uri 'none'; font-src 'self' https: data:; form-action https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/www.facebook.com; frame-ancestors 'self'; img-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/mautic.netcup.news https:\/\/px.ads.linkedin.com 'self' blob: data: https: https:\/\/www.captcha.eu; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https:\/\/www.captcha.eu; script-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/measure.netcup.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/www.captcha.eu 'self' 'wasm-unsafe-eval' 'nonce-B6PRPtBMiUSt\/6hLTsDijyGT'; child-src blob: https:\/\/td.doubleclick.net; connect-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/www.google.com https:\/\/in-automate.brevo.com https:\/\/measure.netcup.com https:\/\/google.com https:\/\/px.ads.linkedin.com https:\/\/*.clarity.ms\/ 'self' https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.captcha.eu https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cdn.cookielaw.org https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.redditstatic.com https:\/\/pixel-config.reddit.com https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/bat.bing.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; frame-src https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com\/ https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com; script-src-elem https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/sibautomation.com\/sa.js https:\/\/sibforms.com\/ https:\/\/www.googleadservices.com https:\/\/www.redditstatic.com 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/static.ads-twitter.com https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/*.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/cdn.cookielaw.org https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; worker-src blob:; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net self data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de https:\/\/store.plumrocket.com pal-test.adyen.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.paypal.com self *.doubleclick.net *.criteo.com *.easydmp.net *.snapchat.com https:\/\/store.plumrocket.com https:\/\/accounts.google.com checkoutshopper-test.adyen.com pal-test.adyen.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com self *.bing.com *.paypal.com *.google.fr *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.cookielaw.org *.snapchat.com checkoutshopper-test.adyen.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com self sc-static.net *.abtasty.com *.jsdelivr.net *.gstatic.com *.facebook.net *.tiktok.com *.googleapis.com *.easydmp.net *.vzbl.eu *.aticdn.net *.m1by1.com *.woosmap.com *.doubleclick.net *.cookielaw.org *.snapchat.com *.valiuz.com *.mediarithmics.com *.prediggo.services https:\/\/accounts.google.com checkoutshopper-test.adyen.com 'self' 'unsafe-eval' 'nonce-bTF3dTB2OTQzbTAzd2p4ZnJ5c2FwbmFhaDhiaW91dXM=' 'sha256-W5akSSK6LD5BjIlNICMcXaUObQSRAaj6bs7JHADURBA=' 'sha256-3qVqeAdyxxTdPkkRzqapjGkAUYLahxSrB7Mdup+GPQ0=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-p8MCfMHqrovsjRYU9z0bU17dd0z81k\/fVbGrtBBiM9g=' 'sha256-0pk2s4oXwBELlC6IBVb3nNaM2PjfjwI2N6OGIX5lx8Y=' 'sha256-nkEZknO0IxNxY\/CkTMBhjNhwPvglpYumjx31B4fjkY8='; style-src *.adobe.com fonts.googleapis.com self *.gstatic.com *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.snapchat.com https:\/\/accounts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com self *.snapchat.com *.cookielaw.org *.abtasty.com *.googleapis.com *.vzbl.eu *.criteo.com *.easydmp.net *.xiti.com *.valiuz.com *.doubleclick.net *.mediarithmics.com https:\/\/accounts.google.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.bing.com *.criteo.net *.snapchat.com *.netvigie.com *.xiti.com *.valiuz.com *.googletagmanager.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' *.signnow.com; script-src 'report-sample' 'self' *.bing.com *.cloudflare.com googleads.g.doubleclick.net *.stripe.com run.pstmn.io *.signnow.com *.google.com www.google.com *.googletagmanager.com *.gstatic.com *.upsellit.com *.intercom.io *.paypal.com *.recaptcha.net *.checkout.com infird.com *.gstatic.cn *.braintreegateway.com *.intercomcdn.com *.smartlook.com widget.intercom.io *.clarity.ms static.ads-twitter.com a.quora.com secure.rocketgate.com *.pdffiller.com widget.trustpilot.com applepay.cdn-apple.com ajax.googleapis.com ct.capterra.com js.zi-scripts.com www.dropbox.com stats.wp.com; style-src 'report-sample' 'self' *.googleapis.com *.signnow.com *.pdffiller.com *.google.com cdnjs.cloudflare.com cdn.airslate-pmnt-hub.com; object-src 'none'; base-uri 'self'; connect-src 'self' *.ingest.sentry.io *.ingest.us.sentry.io *.signnow.com *.google-analytics.com *.google.com *.googleadservices.com *.smartlook.cloud *.braintreegateway.com *.bing.com bat.bing.com *.intercom.io *.googleapis.com *.checkout.com *.usrsprt.com *.braintree-api.com *.infrateam.net *.recaptcha.net *.googletagmanager.com google.com *.paypal.com *.clarity.ms *.pdffiller.com js.zi-scripts.com *.cdn77.org www.google.de www.google.co.uk www.google.fr www.google.es www.google.it www.google.pt www.google.nl www.google.be www.google.at www.google.ch www.google.se www.google.dk www.google.fi www.google.no www.google.ie www.google.ro www.google.pl www.google.co.in www.google.co.za www.google.co.ug www.google.co.zw www.google.co.zm www.google.ba www.google.tn www.google.mw www.google.tl www.google.sc www.google.com.et www.google.com.jm www.google.com.sl www.google.com.uy www.google.ca www.google.cl www.google.gr www.google.co.th www.google.com.ar www.google.com.co www.google.com.ph www.google.com.pr www.google.com.mt; font-src 'self' fonts.gstatic.com fonts.intercomcdn.com *.signnow.com r2cdn.perplexity.ai cdn.scite.ai static.rakuten.com *.intercomcdn.com applepay.cdn-apple.com *.pdffiller.com cdn.airslate-pmnt-hub.com; frame-src 'self' *.signnow.com signnow.com *.statuspage.io *.airslate.com *.stripe.com *.google.com *.googletagmanager.com *.pdffiller.com www.youtube.com *.braintreegateway.com *.paypal.com *.altaflow.com *.recaptcha.net *.checkout.com challenges.cloudflare.com widget.trustpilot.com signnow.sjv.io ssl.kaptcha.com; img-src 'self' blob: data: *.google.com *.bing.com *.analytics.google.com www.google.com.co *.intercomcdn.com *.google.de *.google.ca googleads.g.doubleclick.net img.youtube.com *.signnow.com stats.g.doubleclick.net *.google-analytics.com i.ytimg.com *.paypal.com *.googletagmanager.com *.rakuten.com *.doubleclick.net *.gstatic.com *.pdffiller.com *.airslate-pmnt-hub.com analytics.twitter.com t.co bat.bing.net q.quora.com s.w.org www.google.fr www.google.es www.google.it www.google.pt www.google.at www.google.ch www.google.se www.google.dk www.google.fi www.google.ie www.google.ro www.google.ee www.google.lt www.google.al www.google.am www.google.mk www.google.is www.google.co.in www.google.co.th www.google.co.cr www.google.co.ve www.google.co.tz www.google.co.ao www.google.co.bw www.google.ps www.google.ht www.google.sr www.google.rw www.google.com.tr www.google.com.sg www.google.com.pk www.google.com.ng www.google.com.gh www.google.com.et www.google.com.eg www.google.com.cy www.google.com.mt www.google.com.my www.google.com.kh www.google.co.uk www.google.co.za www.google.be www.google.cl www.google.gr www.google.co.il www.google.co.kr www.google.co.id www.google.co.ke www.google.co.mz www.google.lk www.google.lv www.google.ae www.google.bs www.google.com.ar www.google.com.au www.google.com.br www.google.com.do www.google.com.hk www.google.com.jm www.google.com.mx www.google.com.ph www.google.com.pr www.google.com.qa www.google.com.sa www.google.com.ua www.google.com.uy www.google.com.vn; manifest-src 'self' *.signnow.com; media-src 'self' *.signnow.com static.rakuten.com; worker-src 'self' *.signnow.com *.pdffiller.com blob:; report-uri https:\/\/csp-collector.signnow.com\/csp-report;","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=PAMIWZWlwjAE32MHiBi5ljCD9ozwNbTapn6nmh7BAFQ-1778727894.792873-1.0.1.1-PhNQKyd0NakyhvMpwXD15ZDsE0xCxnp8RsYIuxRznK3h5n4JNB.a0_mkG85SGxA5ISUK6TsCrc9UOSHmJVKP_.bGyFuq0qTqB8y2LU1l7XTdRP7tEypPpGr0eLTW37Tz_nXHpl.8QtUK_h0ljikLlulegQUD.PfzpIXwfgX1XSM; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community; script-src 'self' 'nonce-JW4a1KHC4cszaHEPnkirs-F6z7P6D9FEqG_pR24_N3XtJF3gQEkdaA' https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/*.usercentrics.eu https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/*.googleusercontent.com https:\/\/www.google.com https:\/\/www.google.de https:\/\/my.typo3.org https:\/\/translate.google.com https:\/\/fonts.gstatic.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/*.usercentrics.eu https:\/\/open.spotify.com https:\/\/*.google.com; style-src-elem 'self' 'nonce-JW4a1KHC4cszaHEPnkirs-F6z7P6D9FEqG_pR24_N3XtJF3gQEkdaA' https:\/\/*.usercentrics.eu https:\/\/fonts.googleapis.com 'sha256-47DEQpj8HBSa+\/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-qpPKhzMFkMiirjWjPurV6cjuOjQ9FoLd7uN4fNsVRgo=' 'sha256-TRl8JAZebd3YtH6TZcu8kfonvqVF+OKsaGJ0G7U307g=' 'sha256-gSkVI6xXOH1kRz+tSaq\/SWXkzrcr2osWi5gG30rvWHo=' 'sha256-\/RjbedBQLIFCuvmQMF8SoKFxKnlqZ5KhkPT3IrJDW44=' 'report-sample'; script-src-elem 'self' 'nonce-JW4a1KHC4cszaHEPnkirs-F6z7P6D9FEqG_pR24_N3XtJF3gQEkdaA' https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/cdn.typo3.com\/ https:\/\/*.usercentrics.eu https:\/\/*.googletagmanager.com https:\/\/app.mailjet.com https:\/\/open.spotify.com\/embed https:\/\/*.embed-cdn.spotifycdn.com https:\/\/maps.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com blob: 'sha256-X1DZ06RTPik7itxvM8C+isx9eTyVr\/S32SPzKSvPwC8=' 'sha256-7nyb6QYODe8q9C2KMh5zaMIAolsyBx8bbjhwwClxvnc=' 'report-sample'; font-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/fonts.gstatic.com data: moz-extension:; connect-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/*.usercentrics.eu https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/maps.googleapis.com https:\/\/*.gstatic.com data: blob:; report-uri https:\/\/typo3.org\/@http-reporting?csp=report&requestTime=1778720561506546&requestHash=4762ae4c17e2003c9f48d17d9fef7ae0e1a20937","count":1},{"content-security-policy-report-only":" script-src 'unsafe-eval' 'unsafe-inline' https: 'nonce-5ee1687808df0d118ab5e4454bdd9c40' 'strict-dynamic'; report-uri \/api\/fb\/cspLogs; script-src-attr 'sha256-bwK6T5wZVTANitXbrTsel7kl\/PyCjCd\/Dq5Qoz3imjM=' 'unsafe-hashes';","count":1},{"content-security-policy-report-only":" script-src 'self'; report-uri \/record-browser-reports; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' https: data: blob:; media-src 'self' https: blob:; connect-src 'self' https: wss:; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.quechoisir.org *.qccdn.fr *.cloudflare.com *.tagcommander.com *.commander1.com *.trustcommander.net *.aticdn.net *.xiti.com *.bing.com *.google.com *.youtube.com *.youtu.be www.youtube-nocookie.com *.facebook.com *.kameleoon.io *.kameleoon.eu *.xiti.com *.aticdn.net *.facebook.net flo.uri.sh public.flourish.studio wss:\/\/dl1.quechoisir.org  wss:\/\/dl2.quechoisir.org wss:\/\/dl.quechoisir.org upgrade-insecure-requests; report-uri https:\/\/www.quechoisir.org\/csp-violation-report-endpoint\/; report-to csp-endpoint>","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.sugarondemand.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.avery.com https:\/\/*.osano.com https:\/\/analytics.tiktok.com https:\/\/www.google-analytics.com https:\/\/s.pinimg.com https:\/\/*.bazaarvoice.com https:\/\/*.dynamicyield.com https:\/\/js.squarecdn.com https:\/\/*.usablenet.com https:\/\/www.googletagmanager.com https:\/\/*.livechatinc.com https:\/\/unpkg.com\/web-vitals\/dist\/web-vitals.iife.js https:\/\/*.google.com https:\/\/*.debugbear.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/picturefill\/3.0.3\/picturefill.min.js https:\/\/cdn.jsdelivr.net\/npm\/jquery@3.5.1\/dist\/jquery.slim.min.js https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@4.1.3\/dist\/js\/bootstrap.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/tether\/1.4.0\/js\/tether.min.js https:\/\/*.salesloft.com https:\/\/*.bc0a.com https:\/\/*.attn.tv https:\/\/*.lrkt-in.com https:\/\/connect.facebook.net https:\/\/www.gstatic.com https:\/\/ct.pinterest.com https:\/\/*.curalate.com https:\/\/www.redditstatic.com https:\/\/*.doubleclick.net https:\/\/*.bing.com https:\/\/cdn.dashhudson.com\/web\/js\/board-carousel-embed.js https:\/\/cdn.jsdelivr.net\/npm\/swiper@11\/ https:\/\/*.cloudinary.com https:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/3.2.1\/jquery.min.js https:\/\/cdn.jsdelivr.net\/npm\/popper.js@1.16.1\/dist\/umd\/popper.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/lightbox2\/2.11.5\/js\/lightbox-plus-jquery.min.js 'wasm-unsafe-eval' https:\/\/*.glance.net https:\/\/*.glancecdn.net https:\/\/*.amazon-adsystem.com https:\/\/container.pepperjam.com https:\/\/cdn.lgrckt-in.com\/logger-1.min.js *.udev1a.net *.usablenet.com https:\/\/cdn.jsdelivr.net\/npm\/beerslider@1.0.3\/dist\/BeerSlider.js; style-src 'self' 'unsafe-inline' https:\/\/*.avery.com https:\/\/fonts.googleapis.com https:\/\/*.dynamicyield.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/font-awesome\/4.7.0\/css\/font-awesome.min.css https:\/\/*.typekit.net https:\/\/cdn.jsdelivr.net\/npm\/swiper@11\/swiper-bundle.min.css https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/lightbox2\/2.11.5\/css\/lightbox.min.css https:\/\/*.glance.net https:\/\/*.glancecdn.net https:\/\/avery-static-tailwind.s3.us-east-1.amazonaws.com\/ *.udev1a.net *.usablenet.com https:\/\/cdn.jsdelivr.net\/npm\/beerslider@1.0.3\/dist\/BeerSlider.css https:\/\/googletagmanager.com https:\/\/tagmanager.google.com; img-src 'self' data: https:\/\/*.avery.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.afterpay.com https:\/\/*.bazaarvoice.com https:\/\/*.doubleclick.net https:\/\/*.usablenet.com https:\/\/www.facebook.com https:\/\/*.dynamicyield.com https:\/\/*.livechatinc.com https:\/\/s3.amazonaws.com https:\/\/*.gstatic.com https:\/\/*.sugarondemand.com https:\/\/i.ytimg.com https:\/\/*.reddit.com https:\/\/*.bing.com https:\/\/*.cloudfront.net https:\/\/likeshop.me https:\/\/images.dashsocial.com https:\/\/images.dashhudson.com https:\/\/*.google.com https:\/\/*.glance.net https:\/\/*.glancecdn.net https:\/\/tvspix.com https:\/\/arttrk.com https:\/\/*.attentivemobile.com; font-src 'self' data: https:\/\/*.avery.com https:\/\/fonts.gstatic.com https:\/\/*.dynamicyield.com https:\/\/cdnjs.cloudflare.com https:\/\/*.squarecdn.com https:\/\/*.bazaarvoice.com https:\/\/*.typekit.net https:\/\/likeshop.me https:\/\/*.glance.net https:\/\/*.glancecdn.net; connect-src 'self' https:\/\/*.avery.com https:\/\/www.googletagmanager.com https:\/\/*.dynamicyield.com https:\/\/*.doubleclick.net https:\/\/dy-api.com https:\/\/www.google-analytics.com https:\/\/*.osano.com https:\/\/ct.pinterest.com https:\/\/analytics.tiktok.com https:\/\/*.bazaarvoice.com https:\/\/*.salesloft.com https:\/\/*.lrkt-in.com https:\/\/*.bc0a.com https:\/\/events.attentivemobile.com https:\/\/*.attn.tv https:\/\/*.afterpay.com https:\/\/server-side-tagging-ykzfrilmoq-uc.a.run.app https:\/\/*.amplitude.com https:\/\/*.google.com https:\/\/*.salsify.com https:\/\/salsify-ecdn.com https:\/\/*.curalate.com https:\/\/ls.chatid.com\/events https:\/\/*.reddit.com https:\/\/www.redditstatic.com https:\/\/*.debugbear.com https:\/\/*.bing.com https:\/\/www.googleadservices.com https:\/\/api.likeshop.me\/gallery-more https:\/\/www.facebook.com *.livechatinc.com wss:\/\/*.glance.net https:\/\/*.glance.net https:\/\/*.glancecdn.net https:\/\/direct-collect.dy-api.com https:\/\/*.amazon-adsystem.com https:\/\/ara.paa-reporting-advertising.amazon https:\/\/analytics-ipv6.tiktokw.us https:\/\/google.com https:\/\/r.lgrckt-in.com\/i https:\/\/*.braintreegateway.com https:\/\/*.braintree-api.com https:\/\/static.dy-api.com; frame-src 'self' https:\/\/*.avery.com https:\/\/ct.pinterest.com https:\/\/*.google.com https:\/\/*.dynamicyield.com https:\/\/*.doubleclick.net https:\/\/*.livechatinc.com https:\/\/*.afterpay.com https:\/\/*.attn.tv https:\/\/www.facebook.com https:\/\/salsify-ecdn.com https:\/\/www.youtube.com https:\/\/server-side-tagging-ykzfrilmoq-uc.a.run.app https:\/\/www.googletagmanager.com https:\/\/*.amazon-adsystem.com https:\/\/*.cloudinary.com https:\/\/*.sugarondemand.com https:\/\/*.glance.net https:\/\/*.braintreegateway.com; frame-ancestors 'self' https:\/\/*.avery.com https:\/\/*.google.com; worker-src 'self' blob:; object-src 'none'; report-uri \/_api\/csp-report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src  'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.galvia.ai https:\/\/helper.portsmouth.galvia.ai www-embed-player.js *.cookiebot.com *.cookiefirst.com *.google-analytics.com www.instagram.com *.facebook.net *.tiktok.com *.ads-twitter.com *.twitter.com lf16-tiktok-web.ttwstatic.com cdn.unibuddy.co *.googletagmanager.com bat.bing.com w.soundcloud.com s.yimg.com sc-static.net snap.licdn.com www.googleadservices.com *.doubleclick.net siteimproveanalytics.com www.youtube.com *.hotjar.com *.linkedin.com service.force.com *.salesforceliveagent.com universityofportsmouth.my.salesforce.com *.formstack.com *.googleapis.com cdn.jsdelivr.net www.google.ie sfapi.formstack.io az416426.vo.msecnd.net discoveruni.gov.uk *.discoveruni.gov.uk *.matterport.com webteamuop.github.io *.port.ac.uk *.secure.force.com portsmouthuni.h5p.com *.go-mpulse.net js-agent.newrelic.com *.algolia.net *.jquery.com bot.ivy.ai bam.nr-data.net *.force.com *.clarity.ms dev.visualwebsiteoptimizer.com artsthread.com tr.snapchat.com tags.srv.stackadapt.com https:\/\/rv-vepple-embed.web.app https:\/\/builder.lift.acquia.com universityofportsmouth.my.salesforce-sites.com vimeo.com https:\/\/player.vimeo.com universityofportsmouth--chatbotdv2.sandbox.my.salesforce.com universityofportsmouth--chatbotdv2.sandbox.my.salesforce-sites.com universityofportsmouth--chatbotdv2.sandbox.lightning.force.com universityofportsmouth.tfaforms.net universityofportsmouth--qa.sandbox.my.site.com https:\/\/*.sandbox.lightning.force.com https:\/\/*.sandbox.my.salesforce.com universityofportsmouth.my.site.com universityofportsmouth.my.salesforce-scrt.com  https:\/\/d8ejoa1fys2rk.cloudfront.net https:\/\/js-agent.newrelic.com; object-src 'self' https:\/\/discoveruni.gov.uk; style-src 'self' 'unsafe-inline'  https:\/\/helper.portsmouth.galvia.ai modernizr.min.js *.googleapis.com platform.twitter.com lf16-tiktok-web.ttwstatic.com  *.force.com static.formstack.com formsprod.azureedge.net sfapi.formstack.io port.formstack.com *.cookiefirst.com webteamuop.github.io *.port.ac.uk *.googletagmanager.com artsthread.com tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com cdn.pushcrew.com s3.amazonaws.com universityofportsmouth.my.salesforce-sites.com embed.tawk.to *.tawk.to cdn.jsdelivr.net builder.lift.acquia.com *.formstack.io universityofportsmouth--chatbotdv2.sandbox.my.salesforce-sites.com universityofportsmouth.my.salesforce.com https:\/\/universityofportsmouth--qa.sandbox.my.site.com universityofportsmouth.tfaforms.net universityofportsmouth.my.site.com https:\/\/cdnjs.cloudflare.com; img-src  'self' data: *.google-analytics.com i.vimeocdn.com i.ytimg.com *.googletagmanager.com jadserve.postrelease.com bat.bing.com sp.analytics.yahoo.com *.siteimproveanalytics.io *.facebook.com *.facebook.net *.twitter.com t.co *.doubleclick.net googleads.g.doubleclick.net *.linkedin.com uks-prd-xp2-cd.azurewebsites.net ormsprod.azureedge.net port.formstack.com maps.gstatic.com *.googleapis.com lh3.ggpht.com www.google.ie *.cookiefirst.com formsprod.azureedge.net discoveruni.gov.uk *.force.com *.universityofportsmouth.my.salesforce.com *.salesforce.com *.port.ac.uk bot.ivy.ai *.clarity.ms *.bing.com dev.visualwebsiteoptimizer.com *.visualwebsiteoptimizer.com cdn.pushcrew.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google eat2mpk5ajg.exactdn.com *.eat2mpk5ajg.exactdn.com blob: https:\/\/egopbtuk8gz.exactdn.com *.egopbtuk8gz.exactdn.com *.frontdoorcdn.formstack.io https:\/\/frontdoorcdn.formstack.io images.artsthread.com *.google.co.uk https:\/\/cdn.galvia.ai\/portsmouth\/nellie-helper.js https:\/\/helper.portsmouth.galvia.ai https:\/\/*.ivy-cdn.com; media-src 'self'; frame-src 'self'  https:\/\/www.googletagmanager.com https:\/\/helper.portsmouth.galvia.ai player.vimeo.com www.youtube.com *.linkedin.com portsmouthuni.h5p.com w.soundcloud.com viewer.joomag.com *.cookiebot.com www.instagram.com *.facebook.com *.tiktok.com *.twitter.com embed.acast.com unibuddy.co popcard.unibuddy.co tr.snapchat.com *.doubleclick.net view.genial.ly service.force.com *.hotjar.com *.matterport.com webteamuop.github.io universityofportsmouth.force.com *.port.ac.uk *.secure.force.com open.spotify.com *.google.com port.cloud.panopto.eu bot.ivy.ai app.nearpod.com *.visualwebsiteoptimizer.com universityofportsmouth.my.salesforce-sites.com *.tawk.to https:\/\/cdn.galvia.ai\/portsmouth\/nellie-helper.js universityofportsmouth.my.salesforce.com https:\/\/*.sandbox.lightning.force.com https:\/\/*.sandbox.my.salesforce.com https:\/\/universityofportsmouth--qa.sandbox.my.site.com https:\/\/universityofportsmouth--qa.sandbox.my.site.com https:\/\/universityofportsmouth.my.site.com https:\/\/outlook.office365.com https:\/\/discoveruni.gov.uk; frame-ancestors 'self' portsmouthuni.h5p.com; child-src 'self' blob:; font-src 'self' data: fonts.gstatic.com use.typekit.net *.modernizr.min.js  static.formstack.com fonts.googleapis.com bot.ivy.ai cdn.scite.ai embed.tawk.to *.tawk.to res-1.cdn.office.net https:\/\/cdnjs.cloudflare.com; connect-src  'self' *.google-analytics.com www.googletagmanager.com marketing.port.ac.uk sentry10.bynder.cloud www.ucas.com *.tiktok.com tr.snapchat.com *.doubleclick.net s.yimg.com *.linkedin.com *.secure.force.com sfapi.formstack.io *.googleapis.com *.algolia.net *.cookiefirst.com ohpuem12fk-3.algolianet.com *.facebook.com vc.hotjar.io dc.services.visualstudio.com prod-discoveruni.azure-api.net cdn.linkedin.oribi.io webteamuop.github.io *.algolianet.com *.go-mpulse.net bam.nr-data.net *.akstat.io *.akamaihd.net *.hotjar.com plugin.ucads.ucweb.com *.clarity.ms tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com *.port.ac.uk vimeo.com universityofportsmouth.my.salesforce-sites.com artsthread.com eu.perz-api.cloudservices.acquia.io *.google.com va.tawk.to embed.tawk.to *.tawk.to wss:\/\/*.tawk.to insights.algolia.io virtual.port.ac.uk *.virtual.port.ac.uk *.analytics.pangle-ads.com https:\/\/api.portsmouth.rvhosted.com eat2mpk5ajg.exactdn.com *.eat2mpk5ajg.exactdn.com https:\/\/google.com blob: https:\/\/analytics.pangle-ads.com https:\/\/egopbtuk8gz.exactdn.com *.egopbtuk8gz.exactdn.com universityofportsmouth--chatbotdv2.sandbox.my.salesforce-sites.com https:\/\/*.sandbox.lightning.force.com https:\/\/*.sandbox.my.salesforce.com https:\/\/universityofportsmouth--qa.sandbox.my.salesforce-scrt.com https:\/\/universityofportsmouth.my.site.com https:\/\/*.my.site.com https:\/\/cdn.jsdelivr.net https:\/\/universityofportsmouth.my.salesforce-scrt.com https:\/\/fonts.gstatic.com https:\/\/universityofportsmouth.my.salesforce.com https:\/\/d.la11-core1.sfdc-cehfhs.salesforceliveagent.com https:\/\/universityofportsmouth.tfaforms.net *.jquery.com code.jquery.com https:\/\/bot.ivy.ai https:\/\/cdn.galvia.ai\/portsmouth\/portia-helper.js","count":1},{"content-security-policy-report-only":" font-src *.force.com https:\/\/content.instrumentation.getconga.com https:\/\/optimize.google.com 'self' https:\/\/stats.g.doubleclick.net https:\/\/opengraph.io https:\/\/xcelnew--xeteam3.sandbox.my.site.com https:\/\/www.gstatic.com http:\/\/api.ipstack.com https:\/\/www.google.ca https:\/\/xcelnew.my.site.com https:\/\/composer.congamerge.com https:\/\/idsync.rlcdn.com https:\/\/assets.adobedtm.com https:\/\/www.google.com *.medallia.com https:\/\/www.googleoptimize.com https:\/\/analytics.google.com https:\/\/fonts.gstatic.com\/ https:\/\/events.api.boomtrain.com http:\/\/adobedtm.com blob: https:\/\/accounts.google.com https:\/\/20844768p.rfihub.com https:\/\/insight.adsrvr.org https:\/\/region1.analytics.google.com https:\/\/20844767p.rfihub.com https:\/\/20844766p.rfihub.com *.kargo.com https:\/\/20844765p.rfihub.com https:\/\/data.instrumentation.getconga.com https:\/\/ssl.gstatic.com http:\/\/doubleclick.net https:\/\/xcelnew--c.vf.force.com https:\/\/xcelnew.my.salesforce-scrt.com https:\/\/pdx-col.eum-appdynamics.com https:\/\/people.api.boomtrain.com https:\/\/fonts.gstatic.com https:\/\/cdn.appdynamics.com *.kampyle.com https:\/\/twin-iq.kickfire.com http:\/\/kickfire.com https:\/\/fonts.googleapis.com https:\/\/ad.doubleclick.net https:\/\/beacon.lynx.cognitivlabs.com https:\/\/tagmanager.google.com https:\/\/tags.tiqcdn.com https:\/\/a.rfihub.com https:\/\/td.doubleclick.net https:\/\/www.google.co.in https:\/\/xcelnew--xeteam7.sandbox.my.salesforce.com https:\/\/www.google.com.ph https:\/\/www.googletagmanager.com storage.cloud.kargo.com https:\/\/www.google-analytics.com *.salesforce.com data: https:\/\/*.my.site.com; report-to sfdc-csp-ep; report-uri https:\/\/xcelnew.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D1U0000011ttV&networkId=0DM2R000000CbkT&type=communities","count":1},{"content-security-policy-report-only":" child-src 'self' blob:; connect-src 'self' *.adentifi.com *.adobeaemcloud.com *.agkn.com *.amazon-adsystem.com *.analytics.google.com *.awsapprunner.com *.awswaf.com *.azurefd.net *.bing.com *.contentsquare.net *.doubleclick.net *.facebook.com *.facebook.net *.google-analytics.com *.google.com *.lexus.com *.linkedin.com *.omtrdc.net *.rlcdn.com *.scene7.com *.teads.tv *.toyota.com *.turn.com *.undertone.com *.yimg.com adserv.mobi alb.reddit.com ara.paa-reporting-advertising.amazon at.alicdn.com bat.bing-int.com bat.bing.net browser-intake-datadoghq.com cm.everesttech.net conv-pix.adstk.io conversions-config.reddit.com ct.pinterest.com data: doh.cq0.co dpm.demdex.net dsp.tk0x1.com evnt.byspotify.com fonts.gstatic.com gdpr.loopme.com i18n.contentsquare.com insight.adsrvr.org kcc0.com lciapi.ninthdecimal.com login.microsoftonline.com maps.googleapis.com maps.gstatic.com match.adsrvr.org pagead2.googlesyndication.com peornia-comargers.icu pixel-config.reddit.com pixel.logtrackback.com pixel.quantserve.com pixels.spotify.com pt.ispot.tv px.gumgum.com rum.hlx.page s-a.innovid.com s.pinimg.com snap.licdn.com sp.analytics.yahoo.com tagging-staging.shiftdigitalapps.io tagging.shiftdigitalapps.io tags.srv.stackadapt.com tags.w55c.net tk0x1.com toyota.demdex.net tr.snapchat.com tr6.snapchat.com www.googleadservices.com www.googletagmanager.com www.pinterest.com www.redditstatic.com www.youtube.com zen-dco.innovid.com; default-src 'self' *.lexus.com login.microsoftonline.com; font-src 'self' *.lexus.com *.linkedin.com *.toyota.com assets.alicdn.com at.alicdn.com data: fonts.googleapis.com fonts.gstatic.com login.microsoftonline.com snap.licdn.com; frame-src 'self' *.amazon-adsystem.com *.bing.com *.contentsquare.net *.doubleclick.net *.ep-mimecast.snapchat.com *.facebook.com *.flashtalking.com *.google.com *.lexus.com *.teads.tv ct.pinterest.com insight.adsrvr.org lciapi.ninthdecimal.com login.microsoftonline.com m.youtube.com match.adsrvr.org rtr.innovid.com toyota.demdex.net tr.snapchat.com www.googletagmanager.com www.youtube-nocookie.com www.youtube.com; img-src 'self' *.adentifi.com *.adobeaemcloud.com *.adstk.io *.agkn.com *.amazon-adsystem.com *.azurefd.net *.bing.com *.cognitivlabs.com *.contentsquare.net *.doubleclick.net *.facebook.com *.facebook.net *.flashtalking.com *.google.com *.inventoryrsc.com *.lexus.com *.linkedin.com *.rlcdn.com *.scene7.com *.teads.tv *.toyota.com *.tribalfusion.com *.turn.com *.tvsquared.com *.undertone.com *.yimg.com abs.twimg.com accretivemedia.go2cloud.org ade.googlesyndication.com adserv.mobi ag.innovid.com alb.reddit.com analytics.twitter.com bat.bing.net cm.everesttech.net ct.pinterest.com data: dpm.demdex.net dsp.tk0x1.com fonts.gstatic.com hb.yahoo.net i.ytimg.com images.inventoryservices.lexusdealerdigital.com img.alicdn.com insight.adsrvr.org jadserve.postrelease.com kcc0.com lciapi.ninthdecimal.com lexus.assets.shiftdigitalinventory.com lexus.com log.pinterest.com login.microsoftonline.com maps.googleapis.com maps.gstatic.com match.adsrvr.org pagead2.googlesyndication.com pbs.twimg.com peornia-comargers.icu pippio.com pixel-ssn.quantserve.com pixel.logtrackback.com pixel.quantserve.com pr-bh.ybp.yahoo.com pt.ispot.tv px.gumgum.com rtr.innovid.com s-a.innovid.com snap.licdn.com sp.analytics.yahoo.com tagging-staging.shiftdigitalapps.io tagging.shiftdigitalapps.io tags.srv.stackadapt.com tags.w55c.net tk0x1.com trkn.us twittercounter.com ups.analytics.yahoo.com www.google-analytics.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.pinterest.com www.youtube.com yt3.ggpht.com zen-dco.innovid.com; media-src 'self' *.doubleclick.net *.lexus.com dts.innovid.com m.youtube.com pdst.fm s-static.innovid.com www.googleadservices.com www.youtube-nocookie.com www.youtube.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.agkn.com *.amazon-adsystem.com *.awswaf.com *.azureedge.net *.azurefd.net *.bing.com *.contentsquare.com *.contentsquare.net *.doubleclick.net *.facebook.net *.google.com *.linkedin.com *.rlcdn.com *.teads.tv *.toyota.com *.tribalfusion.com *.turn.com *.tvsquared.com *.yimg.com accretivemedia.go2cloud.org adserv.mobi assets.adobedtm.com bat.bing-int.com c.gumgum.com cdn.pdst.fm ct.pinterest.com dts.innovid.com g.alicdn.com i.loopme.me js.adsrvr.org js.adstk.io login.microsoftonline.com maps.googleapis.com pagead2.googlesyndication.com peornia-comargers.icu pixel.byspotify.com pixel.mathtag.com rules.quantcount.com rum.hlx.page s-static.innovid.com s.pinimg.com sc-static.net scripts.inmarkethub.com secure.quantserve.com snap.licdn.com static.ads-twitter.com tagging-staging.shiftdigitalapps.io tagging.shiftdigitalapps.io tags.srv.stackadapt.com tr.snapchat.com www.google-analytics.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.redditstatic.com www.youtube-nocookie.com www.youtube.com; style-src 'self' 'unsafe-inline' *.lexus.com *.toyota.com fonts.googleapis.com tags.srv.stackadapt.com www.youtube.com; worker-src 'self' 'unsafe-inline' *.lexus.com blob: data:;upgrade-insecure-requests; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd963f598149f172b4b36c022bf30d5d5&dd-evp-origin=content-security-policy&ddsource=csp-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-3ZzqShRw8rU7Hb94JyRomA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ISRwKhw0s0LgjsK7AHfr' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'report-sample';report-uri https:\/\/csp.withgoogle.com\/csp\/scfe","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-FN8+XkR\/Z3hCoWI75BREiQ=='","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/cdn.cookielaw.org https:\/\/*.adobedtm.com https:\/\/googleads.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https:\/\/*.stackadapt.com https:\/\/*.facebook.net https:\/\/*.googletagmanager.com https:\/\/*.licdn.com https:\/\/siteimproveanalytics.com https:\/\/bat.bing.com https:\/\/go.tetrapak.com https:\/\/go-cn.tetrapak.com https:\/\/pi.pardot.com https:\/\/maps.googleapis.com https:\/\/www.youtube.com https:\/\/api.map.baidu.com https:\/\/*.srv.stackadapt.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/72177.global.siteimproveanalytics.io https:\/\/s7g10.scene7.com https:\/\/smetrics.tetrapak.com; media-src https:\/\/s7g10.scene7.com; frame-src 'self' https:\/\/*.tetrapak.com https:\/\/tetrapak.demdex.net https:\/\/s7g10.scene7.com https:\/\/*.publit.com https:\/\/www.youtube.com; img-src https:\/\/*.bdimg.com https:\/\/googletagmanager.com https:\/\/px.ads.linkedin.com https:\/\/bat.bing.com https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/www.googletagmanager.com https:\/\/miao.baidu.com https:\/\/tags.srv.stackadapt.com https:\/\/bat.bing.com https:\/\/px.ads.linkedin.com https:\/\/www.google-analytics.com https:\/\/translate.googleapis.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/smetrics.tetrapak.com; base-uri 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Fz8dJC8Q1VAZxW6u9vJeRw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CDtOAB1u9OExC0rBR8CtyA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; frame-src 'self' www.youtube.com challenges.cloudflare.com td.doubleclick.net outlook.office365.com fast.wistia.net fast.wistia.com; worker-src 'self' blob:; child-src 'self' blob: www.youtube.com; script-src 'self' https: 'strict-dynamic' 'unsafe-inline' wasm-eval fast.wistia.net fast.wistia.com 'nonce-kkWdF4vezu5M0ydYbhRRpQ=='; style-src 'self' https: 'unsafe-inline'; connect-src 'self' https: wss: https:\/\/browser-intake-datadoghq.com; base-uri 'none'; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub43c47d1757c13d9f6887ac3594ead3ae&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Aharvest-profit%2Cenv%3Aprod","count":1},{"content-security-policy-report-only":" default-src 'self' media1.jpc.de www.jpc.de; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; script-src 'self' media1.jpc.de www.jpc.de 'nonce-RH3Yvfouy3N7pgCBAAK6\/T7bQzwBhhjFTzInbZQUsXwldsL4A7P8bmCvKni1sOWaqSzMj\/V00dJ7UXvHt9O1ng==' 'report-sample'; style-src 'self' media1.jpc.de www.jpc.de 'report-sample' 'unsafe-inline'; font-src 'self' media1.jpc.de www.jpc.de; img-src 'self' media1.jpc.de www.jpc.de data:; connect-src 'self' media1.jpc.de www.jpc.de https:\/\/use.jpc.de; report-uri \/csp\/; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' https: http: 'nonce-MTNjZjU0YTItOTY0My00MGY3LWFjZjItYThjZGUzMDRjZDQw' 'strict-dynamic'; script-src-elem 'unsafe-inline' https:\/\/yamap.com https:\/\/www.googletagmanager.com https:\/\/js.stripe.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https: blob: data:; object-src 'none'; form-action 'self'; connect-src 'self' https:\/\/*; report-uri https:\/\/zk6bsphzgvpliawi65sbwjdx6m0xhmnc.lambda-url.ap-northeast-1.on.aws\/; frame-src https:\/\/docs.google.com\/forms;","count":1},{"content-security-policy-report-only":" default-src 'self' *.commerzbank.de; script-src 'self' *.commerzbank.de 'unsafe-inline' 'unsafe-eval' https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net extend.vimeocdn.com www.facebook.com connect.facebook.net; style-src 'self' *.commerzbank.de 'unsafe-inline' 'unsafe-eval' https:\/\/googletagmanager.com https:\/\/tagmanager.google.com; frame-src 'self' *.commerzbank.de blob: https:\/\/www.googletagmanager.com https:\/\/*.fls.doubleclick.net player.vimeo.com; worker-src 'self' *.commerzbank.de blob:; connect-src 'self' *.commerzbank.de https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/ad.doubleclick.net https:\/\/*.g.doubleclick.net https:\/\/*.google.de https:\/\/*.google.bg https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com vimeo.com www.facebook.com connect.facebook.net https:\/\/bf71104dpj.bf.dynatrace.com\/bf; font-src 'self' *.commerzbank.de data:; img-src 'self' *.commerzbank.de https: data: https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/*.google-analytics.com https:\/\/ad.doubleclick.net https:\/\/*.g.doubleclick.net https:\/\/google.com https:\/\/*.google.com https:\/\/*.google.de https:\/\/*.google.bg https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/ade.googlesyndication.com https:\/\/adservice.google.com i.vimeocdn.com www.facebook.com connect.facebook.net; media-src 'self' *.commerzbank.de data:; base-uri 'self'; report-uri https:\/\/tp.commerzbank.de\/csp;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'nonce-V4JUUIz9+sSbgSzlU9tTzQ==' 'strict-dynamic' https: 'unsafe-inline'; style-src 'self' 'unsafe-inline' blob: https:\/\/app.getbeamer.com https:\/\/assets.openlearning.com https:\/\/*.ssl.cf4.rackcdn.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/*.openlearning.com https:\/\/oluploadslive.blob.core.windows.net https:\/\/front-us-rest.ably.io https:\/\/api.amplitude.com https:\/\/api.hubapi.com https:\/\/api.hubspot.com https:\/\/api.ipify.org https:\/\/backend.getbeamer.com https:\/\/chat.frontapp.com https:\/\/www.facebook.com https:\/\/find.userpilot.io https:\/\/forms.hubspot.com https:\/\/iframe.ly https:\/\/in.hotjar.com https:\/\/learningtime.servicebus.windows.net https:\/\/pythonutilityfunctions.azurewebsites.net https:\/\/python-util-funcs-c2dzg6bdbrdbd0g6.australiaeast-01.azurewebsites.net https:\/\/sentry.io https:\/\/stats.g.doubleclick.net https:\/\/us-west-1-chat-server.frontapp.com https:\/\/vc.hotjar.io https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/static.userguiding.com https:\/\/metrics.userguiding.com wss:\/\/analytex.userpilot.io wss:\/\/front-us-realtime.ably.io wss:\/\/*.openlearning.com; font-src 'self' data: https:\/\/*.ssl.cf4.rackcdn.com https:\/\/assets.openlearning.com https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com; frame-src 'self' https:; img-src 'self' data: blob: https:; manifest-src 'self' https:\/\/*.ssl.cf4.rackcdn.com; media-src 'self' https:\/\/dev-uploads.openlearning.com https:\/\/uploads.openlearning.com https:\/\/qencode.blob.core.windows.net; worker-src 'none'; child-src blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=MXtAF2xyFSWKrEXTMxWuRNSqsDLPy0gV0n5mGJ4LwdE-1778726788.9914212-1.0.1.1-cUz4NDkET3eIq0hK4YpnpFSgcB6IEFXmppCmM_QhWwZaLgFgHkOBa.4X_etOGGnqweBQhQoPbwY15RtLXG5VD3ko3g2RCVVCRSygTn_R1qVaDklM_7PGXXkdjHMPY6HKhVC0wQ6brqS5lToP0HeUXQfyX4xjrdRArgY9TaU5q0DkJabAnVrdWyrVOcEsw1nB; report-to cf-fcydvknyrnubelcy","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.ie *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.ie *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.ie *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv27.%3D1my%7D-19e2469ee92-0x704#pd","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/stylecaster.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.google.com *.youtube.com maps.googleapis.com *.seeedstudio.com static-cdn.seeedstudio.com media-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com *.twitter.com *.google.com *.youtube.com maps.googleapis.com googleads.g.doubleclick.net *.seeedstudio.com stats.g.doubleclick.net *.facebook.com disqus.com *.disqus.com *.taboola.com seeedstudio.us11.list-manage.com static-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com *.sandbox.braintree-api.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.meetanshi.com googleads.g.doubleclick.net *.seeedstudio.com stats.g.doubleclick.net *.facebook.com disqus.com *.disqus.com *.taboola.com https:\/\/bid.g.doubleclick.net seeedstudio.us11.list-manage.com *.sandbox.braintree-api.com *.paypal.com *.certcapture.com; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.google.com\/ *.meetanshi.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.twitter.com *.google.com maps.googleapis.com *.facebook.com disqus.com *.disqus.com https:\/\/bid.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net *.taboola.com seeedstudio.us11.list-manage.com *.seeedstudio.com static-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com *.sandbox.braintree-api.com *.weltpixel.com *.certcapture.com *.oscato.com; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/www.magezon.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.meetanshi.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.seeedstudio.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.google.com maps.googleapis.com *.google.com.tw bat.bing.com *.facebook.com *.linkedin.com disqus.com *.disqus.com *.amazonaws.com *.taboola.com *.scorecardresearch.com *.viglink.com p.adsymptotic.com static-cdn.seeedstudio.com media-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com static.cloudflareinsights.com *.gstatic.com *.certcapture.com https:\/\/hnd.stats.paypal.com *.oscato.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com *.avada.io *.google.com\/ *.meetanshi.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.google.com maps.googleapis.com bazaar-upgrade.seeed.local bat.bing.com connect.facebook.net snap.licdn.com stats.g.doubleclick.net disqus.com *.disqus.com *.disquscdn.com seeedsite.disqus.com *.taboola.com *.scorecardresearch.com *.seeedstudio.com static-cdn.seeedstudio.com media-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com retcode.alicdn.com *.sandbox.braintree-api.com static.cloudflareinsights.com https:\/\/www.googletagmanager.com tagmanager.google.com *.certcapture.com https:\/\/assets.optile.net *.oscato.com utt.impactcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com downloads.mailchimp.com *.fontawesome.com unsafe-inline *.seeedstudio.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.google.com *.youtube.com maps.googleapis.com static-cdn.seeedstudio.com media-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com nwzimg.wezhan.net *.sandbox.braintree-api.com *.paypal.com tagmanager.google.com *.certcapture.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/get.geojs.io *.avada.io *.meetanshi.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.seeedstudio.com *.twitter.com *.twimg.com *.google.com *.youtube.com maps.googleapis.com googleads.g.doubleclick.net stats.g.doubleclick.net *.facebook.com disqus.com *.disqus.com https:\/\/bid.g.doubleclick.net *.taboola.com static-cdn.seeedstudio.com media-cdn.seeedstudio.com relstatic-cdn.seeedstudio.com retcode.alicdn.com arms-retcode.aliyuncs.com\/ *.sandbox.braintree-api.com static.cloudflareinsights.com mc.yandex.ru https:\/\/www.google-analytics.com *.certcapture.com *.oscato.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob:  https:\/\/widget.trustpilot.com https:\/\/access.worldpay.com https:\/\/accounts.google.com https:\/\/api.livechatinc.com https:\/\/appleid.cdn-apple.com https:\/\/cdn.livechatinc.com https:\/\/connect.facebook.net https:\/\/content.legendtrading.com https:\/\/g.alicdn.com https:\/\/gcaptcha4.geetest.com https:\/\/gcaptcha4.geevisit.com https:\/\/gcaptcha4.gsensebot.com https:\/\/pixel.betweenx.com https:\/\/ramp.osl-pay.com https:\/\/scripts.clarity.ms https:\/\/*.google-analytics.com https:\/\/static.ads-twitter.com https:\/\/static.bitunix.com https:\/\/static.bitunix.site https:\/\/static.bitunix.top https:\/\/static.cloudflareinsights.com https:\/\/static.geetest.com https:\/\/static.geevisit.com https:\/\/static.zdassets.com https:\/\/unpkg.com https:\/\/www.clarity.ms https:\/\/www.googletagmanager.com https:\/\/www.redditstatic.com https:\/\/www.youtube.com; style-src 'self' 'unsafe-inline' https:\/\/accounts.google.com https:\/\/fonts.googleapis.com https:\/\/static.bitunix.com https:\/\/static.bitunix.site https:\/\/static.bitunix.top https:\/\/static.geetest.com https:\/\/static.geevisit.com https:\/\/unpkg.com https:\/\/www.gstatic.com; img-src 'self' blob: data: https:\/\/bitunix.zendesk.com *.google.com.sg *.google.co.jp *.google.com.tw *.google.com.vn *.google.at *.google.ch *.google.co.uk *.google.co.in *.google.de https:\/\/img.bitunix.site https:\/\/*.bitunix.com *.google.com https:\/\/alb.reddit.com https:\/\/analytics.twitter.com https:\/\/bitunix-public.oss-ap-northeast-1.aliyuncs.com https:\/\/c.bing.com https:\/\/c.clarity.ms https:\/\/cdn.onramper.com https:\/\/cdn4ads.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/fonts.gstatic.com https:\/\/img.bgstatic.com https:\/\/img.meimaobing.top https:\/\/lh7-rt.googleusercontent.com https:\/\/mdn.alipayobjects.com https:\/\/public.multiexc.com https:\/\/secure.gravatar.com https:\/\/ssl.google-analytics.com https:\/\/static.geetest.com https:\/\/static.geevisit.com https:\/\/stats.g.doubleclick.net https:\/\/t.co https:\/\/web.facebook.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com; font-src 'self' data: https:\/\/at.alicdn.com https:\/\/cdnjs.cloudflare.com https:\/\/fonts.cdnfonts.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/static.bitunix.com https:\/\/static.bitunix.site https:\/\/static.bitunix.top https:\/\/unpkg.com https:\/\/use.typekit.net; connect-src 'self' blob: data: *.google.de https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.bitunix.com wss:\/\/*.bitunix.com https:\/\/*.clarity.ms *.google.com https:\/\/analytics.twitter.com https:\/\/*.zouliangbu.com https:\/\/api.legendtrading.com https:\/\/api.livechatinc.com https:\/\/api.sumsub.com https:\/\/bitunix-public.oss-ap-northeast-1.aliyuncs.com https:\/\/bitunix.zendesk.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.livechatinc.com https:\/\/cdnjs.cloudflare.com https:\/\/ekr.zdassets.com https:\/\/firebaseremoteconfig.googleapis.com https:\/\/logs.browser-intake-datadoghq.com https:\/\/m1.openfpcdn.io https:\/\/oss-ap-northeast-1.aliyuncs.com https:\/\/pixel-config.reddit.com https:\/\/ramp.osl-pay.com https:\/\/secure.livechatinc.com https:\/\/stats.g.doubleclick.net https:\/\/t.co https:\/\/unpkg.com https:\/\/web.facebook.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/www.redditstatic.com https:\/\/www.tradingview.com; frame-src 'self' blob: https:\/\/secure.livechatinc.com https:\/\/widget.trustpilot.com https:\/\/access.worldpay.com https:\/\/accounts.google.com https:\/\/api.sumsub.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/m.youtube.com https:\/\/otc.legendtrading.com https:\/\/ramp.osl-pay.com https:\/\/support.bitunix.com https:\/\/www.youtube.com; frame-ancestors 'self'; object-src 'none'; form-action 'self'; media-src 'self' https:\/\/bitunix-public.oss-ap-northeast-1.aliyuncs.com https:\/\/static.bitunix.com https:\/\/static.bitunix.top; worker-src 'self' blob: data: https:\/\/static.bitunix.com; report-uri https:\/\/report.zouliangbu.com\/api\/2\/security\/?sentry_key=e784459051447738c4fa6df2e7fa4287;","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'sha256-Tzu6+wuu1SjTdVaXJEV6PivtY9mRqZb0xhhm2BLRAOA=' 'sha256-7IyttL+tUqfo+WQfAWL3v6YMknUKo9ajmbpNtuTjMN0=' 'sha256-3hfUlZv\/u0yM7A3uB3JvxOvBYAe8qn24uA4O2An1VRY=' 'sha256-MV1RuepqvbyT5NhbRPeSj1juoiQBimzZ\/wO2CMs3kus=' 'sha256-ABZr65Zok8xacqLFUeZR+42Msgxys7C+6WB+vtacJb8=' 'sha256-bHVKPlpu6EceFvLitpQwu5mjjCOghOO0EQqqS41Qn6Q=' 'sha256-wxehmTJycT+YLBVHLN3bWj\/zTcxemiqmfRQzTQW8ir4=' 'sha256-xCJKn7hMM9SELWl17uBsfarS81wpzMEJEmq9eKBxtzs=' 'sha256-+2rXXU3laxTDtQNsImGyQ1X64rn4ISQLNShnWzx821g=' 'sha256-\/J1Ywi0oxHQHCpzRvtKWWe4P+hIt7HcIaSwR9c4c5Rs=' 'sha256-39X4GDwTjoEuiHC\/2kJYF7mNFjiDloAgzPDJAZFmXUA=' 'sha256-4H8OjgRPgGcbXIWnunILQFptlaDulDAprEkdWAmd5rs=' 'sha256-6ncdpKw08Cc1EFsSeeLsVjAIaYvgm1rBcI4cNp12+Qw=' 'sha256-7PIxQkJpqFtF3ibD6pIWa3xB9NioZz\/ynQRYzL0\/GQk=' 'sha256-7gtkfRfWNDeobU0B\/hfsPp2BIWvoaQl9Qnyy5LiRnxs=' 'sha256-FCJSELYJJqB55vIG3t\/ph5fM8YdnNvdK1wyBgKoLBv8=' 'sha256-FTGWq2sxofS5L8Yq87ilEpDqn9l5NkLK0cc3sd7OvnM=' 'sha256-IHOzCHp\/\/Jl1lFsowvMxAPGD+T7zlnWM2mFk53CcUCQ=' 'sha256-Lbd7CfEvDCWYMyHY0+sXbfaSIJoSyADQN1msRc5GDNI=' 'sha256-UIJOLWy\/Osv+QGQ4imdRlRujM6eUI1MSyU7o0yUPUZY=' 'sha256-ZdDTEfl8xrGn7iZ\/2mMDizDIe6JRmep2vz9STHJi4Zs=' 'sha256-av+IGVQJsQwpqceEC0sQFA8e9C8QabH8uLcfyhwM7SQ=' 'sha256-eVK40NIq3UGWc8qEju5kUvLu1HgsUzj88BW49m\/q4j0=' 'sha256-ggRYfkK\/3LVUNlNZMQmNN9BFxap4CrJfPbtZ6v2xbjo=' 'sha256-grcTsfRWbkeUhSuDjdKCkH5D8wGl\/7m\/mQ40fxHu0mw=' 'sha256-jFtAwO73SFINACr8TD6icHqaE8VW008cFmXWwD0f9fM=' 'sha256-r217nY7GmxmFONoUAdkKv3HkplOIco6U4dEWu4mrSIs=' 'sha256-u24cgm8XlTjNvJyJKe51ekUDI8IYMtxoJZ\/6Obf\/+y0=' 'sha256-xGfPUma\/ZEUO\/hLpxJqIvAXja0IQ6z6bdVSim0NgRs0=' 'report-sample' https:\/\/*.doubleclick.net https:\/\/*.cdn4.forter.com https:\/\/*.google.com https:\/\/*.googleadservices.com https:\/\/*.googlesyndication.com https:\/\/*.googletagservices.com https:\/\/*.nr-data.net https:\/\/*.yahoo.com https:\/\/api.bounceexchange.com https:\/\/assets.bounceexchange.com https:\/\/at1.listrakbi.com https:\/\/bat.bing.com https:\/\/bam.nr-data.net https:\/\/cdn.attn.tv https:\/\/cdn.browsiprod.com https:\/\/connect.facebook.net https:\/\/code.jquery.com https:\/\/cdn.jsdelivr.net https:\/\/content.linkedin.com https:\/\/cdn.listrakbi.com https:\/\/connect.nosto.com https:\/\/cdn.roirevolution.com https:\/\/f.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/graph.facebook.com https:\/\/geoipwebservice.com https:\/\/google-analytics.com https:\/\/googletagmanager.com https:\/\/guarantee-cdn.com https:\/\/js.facebook.com https:\/\/js-agent.newrelic.com https:\/\/platform.linkedin.com https:\/\/query.yahooapis.com https:\/\/r.bing.com https:\/\/r.webeyez.com https:\/\/static.cloudflareinsights.com https:\/\/ssl.google-analytics.com https:\/\/snap.licdn.com https:\/\/static-exp1.licdn.com https:\/\/services.listrak.com https:\/\/s1.listrakbi.com https:\/\/s.pinimg.com https:\/\/sec.webeyez.com https:\/\/s.yimg.com https:\/\/tag.bounceexchange.com https:\/\/tagmanager.google.com https:\/\/www.clarity.ms https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/sdk.helloextend.com\/extend-sdk-client\/v1\/extend-sdk-client.min.js https:\/\/cdn1.affirm.com\/js\/v2\/affirm.js https:\/\/*.clarity.ms\/s\/0.6.34\/clarity.js;frame-ancestors 'self' *.yahoo.com s.yimg.com;frame-src https:\/\/www.affirm.com\/ https:\/\/creatives.attn.tv\/ https:\/\/r.webeyez.com\/ https:\/\/assets.bounceexchange.com\/;block-all-mixed-content;style-src 'self' 'report-sample' 'unsafe-inline' *.licdn.com *.google.com *.bing.com code.jquery.com cdn.jsdelivr.net cdn.listrakbi.com www.googletagmanager.com;object-src *.googlesyndication.com;child-src 'self' blob: *.googlesyndication.com *.google.com *.facebook.com *.doubleclick.net connect.facebook.net www.googletagmanager.com;base-uri 'self' *.yahoo.com;form-action 'self' *.google.com *.facebook.com connect.facebook.net;worker-src 'self' blob: www.google.com; report-to default","count":1},{"content-security-policy-report-only":" base-uri 'self';  default-src 'self';  img-src 'self' data: https:  img.part-kom.ru mc.yandex.ru;  font-src 'self' data: https:;  style-src 'self' 'unsafe-inline' https:;  script-src 'self' 'unsafe-inline' 'unsafe-eval' http: mc.yandex.ru yastatic.net;  connect-src 'self' https: wss: mc.yandex.ru livechatv2.chat2desk.com;  media-src 'self' https: livechatv2.chat2desk.com;  frame-src 'self' https: wss: b2b.part-kom.ru mc.yandex.ru smartcaptcha.yandexcloud.net;  report-uri https:\/\/part-kom.ru\/-\/reporting-api\/;  report-to default;","count":1},{"content-security-policy-report-only":" script-src 'nonce-AaTgxor92+2jUww+O0QEcA==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=d7f01e6c-bfc2-483e-8694-2c8d4848c8e7; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" report-uri \/report-violation; form-action 'self' https:\/\/*.formlabs.com https:\/\/*.marketo.com https:\/\/www.facebook.com\/tr\/; base-uri 'self'; object-src https:\/\/formlabs.com https:\/\/*.formlabs.com http:\/\/localhost:3001; frame-ancestors https:\/\/partneruniversity-formlabs.talentlms.com https:\/\/university-formlabs.talentlms.com https:\/\/internal-formlabs.talentlms.com https:\/\/formlabs.com https:\/\/*.formlabs.com https:\/\/dental.formlabs.com https:\/\/careers.formlabs.com http:\/\/localhost:3000; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/checkoutshopper-live.adyen.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleoptimize.com https:\/\/*.hotjar.com https:\/\/*.mparticle.com https:\/\/beacon.krxd.net https:\/\/*.tre.se https:\/\/vercel.live https:\/\/api.usabilla.com https:\/\/dc.services.visualstudio.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/api.customersaas.com https:\/\/vc.hotjar.io wss:\/\/ws.hotjar.com https:\/\/cdn.linkedin.oribi.io https:\/\/adservice.google.com https:\/\/fonts.gstatic.com https:\/\/content.hotjar.io https:\/\/*.optimizely.com https:\/\/region1.google-analytics.com wss:\/\/ws-us3.pusher.com; default-src 'self' https:\/\/*.tre.se; font-src 'self' data: https:\/\/static.customersaas.com https:\/\/vercel.live https:\/\/assets.vercel.com; frame-src 'self' https:\/\/checkoutshopper-live.adyen.com https:\/\/6142836.fls.doubleclick.net https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/widget.trustpilot.com https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/vercel.live https:\/\/www.youtube.com https:\/\/cdn.krxd.net https:\/\/cloud.epost.tre.se https:\/\/coverage.tre.se https:\/\/cdn.jobylon.com\/ https:\/\/tre.workbuster.com https:\/\/vars.hotjar.com https:\/\/td.doubleclick.net; img-src 'self' data: https:\/\/checkoutshopper-live.adyen.com https:\/\/6142836.fls.doubleclick.net https:\/\/www.facebook.com https:\/\/clients1.google.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/beacon.krxd.net https:\/\/*.tre.se https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/vercel.live http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/jslog.krxd.net\/ https:\/\/t.co https:\/\/w.usabilla.com https:\/\/www.google-analytics.com\/collect https:\/\/www.google.se https:\/\/www.google.dk https:\/\/i.ytimg.com https:\/\/img.youtube.com https:\/\/new-collect.albacross.com https:\/\/d35v9wsdymy32b.cloudfront.net https:\/\/px.ads.linkedin.com https:\/\/ad.doubleclick.net https:\/\/vercel.com blob:; manifest-src 'self'; media-src 'self' https:\/\/videos.ctfassets.net; object-src 'none'; report-uri https:\/\/www.tre.se\/logger\/csp-report; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/static.customersaas.com https:\/\/clients1.google.com https:\/\/www.googleoptimize.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/*.hotjar.com https:\/\/*.mparticle.com https:\/\/widget.trustpilot.com https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/vercel.live https:\/\/www.youtube.com https:\/\/*.adtr.io https:\/\/*.krxd.net https:\/\/adtr.io https:\/\/analytics.twitter.com https:\/\/api.usabilla.com https:\/\/az416426.vo.msecnd.net\/scripts\/a\/ai.0.js https:\/\/bat.bing.com https:\/\/cdn.bannerflow.com https:\/\/cdn.tre.se https:\/\/cdnn.tre.se https:\/\/connect.facebook.net https:\/\/cse.google.com https:\/\/gtm.adt313.net\/jsTag  https:\/\/hi3gscriptbucket.blob.core.windows.net https:\/\/rules.quantcount.com https:\/\/s.ytimg.com https:\/\/secure.quantserve.com https:\/\/ssl.google-analytics.com https:\/\/static.ads-twitter.com https:\/\/tagmanager.google.com https:\/\/w.usabilla.com\/ https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/serve.albacross.com https:\/\/tre.workbuster.com https:\/\/region1.analytics.google.com https:\/\/cdn.amplitude.com https:\/\/treva.boost.ai; style-src 'report-sample' 'self' 'unsafe-inline' https:\/\/static.customersaas.com https:\/\/www.google.com https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/vercel.live https:\/\/d1r5etm691cejh.cloudfront.net;","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.at *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.at *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.at *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B170%600e3b15(rbpv5%3F.%7Fd%7F%3B1-19e241fb426-0x605#pd","count":1},{"content-security-policy-report-only":" default-src 'self' adobedtm.com *.adobedtm.com adroll.com *.adroll.com ads-twitter.com *.ads-twitter.com afterpay.com *.afterpay.com apxprogrammatic.com *.apxprogrammatic.com bazaarvoice.com *.bazaarvoice.com bing.com *.bing.com boldchat.com *.boldchat.com braintree-api.com *.braintree-api.com braintreegateway.com *.braintreegateway.com brcdn.com *.brcdn.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org demdex.net *.demdex.net dotomi.com *.dotomi.com doubleclick.net *.doubleclick.net facebook.net *.facebook.net fullstory.com *.fullstory.com genpt.com *.genpt.com google-analytics.com *.google-analytics.com google.ca *.google.ca google.com *.google.com googleadservices.com *.googleadservices.com googletagmanager.com *.googletagmanager.com fonts.gstatic.com iesnare.com *.iesnare.com jst.ai *.jst.ai klaviyo.com *.klaviyo.com livechatinc.com *.livechatinc.com maps.googleapis.com *.maps.googleapis.com maxmind.com *.maxmind.com micpn.com *.micpn.com mmapiws.com *.mmapiws.com napaonline.com *.napaonline.com netmng.com *.netmng.com newrelic.com *.newrelic.com nr-data.net *.nr-data.net omtrdc.net *.omtrdc.net onetrust.com *.onetrust.com paypal.com *.paypal.com paypalobjects.com *.paypalobjects.com pinterest.com *.pinterest.com rakuten.com *.rakuten.com repairpal.com *.repairpal.com rfihub.net *.rfihub.net scene7.com *.scene7.com sentry-cdn.com *.sentry-cdn.com signifyd.com *.signifyd.com skyword.com *.skyword.com smartystreets.com *.smartystreets.com twitter.com *.twitter.com vibescm.com *.vibescm.com vimeo.com *.vimeo.com wp.com *.wp.com youtube.com *.youtube.com localhost *.localhost; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=dgI87fVDxNVLjUeAlg1LT6MFQO9LleYLAvfTSYWSXXw-1778722681.9016352-1.0.1.1-xljB.i1ZhFvoBZaZohlj6bPDSEIPvdYAx4kvzSaKHiLNjF9MK5uWpBoQCjY0.mOneQ4us8uF4vCMvKI4bFRtTFPQuO1JINNpXnn9UkxwF58BEatdsTmbYJs1rVIytwVYYQubbt8sJ2D6nMbnAQKW82A9l6oLzm1KuX3GZhwGfeiTgy2jeiSpu.LCEkWO5rdo; report-to cf-vxuayhynwogmlpll","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/hollywoodlife.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-6djUXoM-RF7SuR511N0r2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';  script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.hs-analytics.net *.hs-banner.com *.hs-scripts.com *.hsadspixel.net *.hscollectedforms.net *.hsforms.com *.hsforms.net *.hsleadflows.net *.hubspot.com *.hubspot.net *.hubspotfeedback.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.usemessages.com *.hotjar.com https:\/\/js.hubspot.com *.hs-sites.com https:\/\/*.clearbit.com https:\/\/*.clearbitjs.com https:\/\/*.clearbitscripts.com https:\/\/*.g.doubleclick.net https:\/\/app.revenuehero.io https:\/\/community.traefik.io https:\/\/feedback-eu1.hubapi.com https:\/\/feedback.hubapi.com https:\/\/js-eu1.hscta.net https:\/\/js.hscta.net https:\/\/px.ads.linkedin.com https:\/\/r2.leadsy.ai https:\/\/s3-us-west-2.amazonaws.com https:\/\/9xgnrndqve.execute-api.us-west-2.amazonaws.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/static.hsappstatic.net https:\/\/traefik.github.io https:\/\/traefik.io https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/x.clearbitjs.com https:\/\/b-code.liadm.com https:\/\/cdn.jsdelivr.net https:\/\/connect.facebook.net https:\/\/platform.twitter.com;  style-src 'self' 'unsafe-inline' *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net https:\/\/7052064.fs1.hubspotusercontent-na1.net https:\/\/cdn2.hubspot.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/traefik.io https:\/\/www.gstatic.com https:\/\/cdn.jsdelivr.net;  object-src 'none';  base-uri 'self';  child-src 'self' https:\/\/*.hsforms.com;  connect-src 'self' *.liadm.com *.hs-sites.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com *.hubapi.com *.hubspot.com https:\/\/*.google.com https:\/\/www.google.co.in https:\/\/www.google.ca https:\/\/www.google.co.jp https:\/\/www.google.co.kr https:\/\/www.google.co.uk https:\/\/www.google.co.id https:\/\/www.google.co.za https:\/\/www.google.co.tz https:\/\/www.google.co.ma https:\/\/www.google.nl https:\/\/www.google.de https:\/\/www.google.at https:\/\/www.google.es https:\/\/www.google.se https:\/\/www.google.az https:\/\/www.google.so https:\/\/www.google.lk https:\/\/www.google.com.br https:\/\/www.google.com.au https:\/\/www.google.com.sg https:\/\/www.google.com.hk https:\/\/www.google.com.co https:\/\/www.google.com.pe https:\/\/www.google.com.uy https:\/\/www.google.com.eg https:\/\/www.google.ae https:\/\/www.google.al https:\/\/www.google.ba https:\/\/www.google.be https:\/\/www.google.by https:\/\/www.google.ch https:\/\/www.google.cl https:\/\/www.google.co.cr https:\/\/www.google.co.il https:\/\/www.google.co.nz https:\/\/www.google.co.th https:\/\/www.google.co.uz https:\/\/www.google.co.ve https:\/\/www.google.com.ar https:\/\/www.google.com.bd https:\/\/www.google.com.do https:\/\/www.google.com.gh https:\/\/www.google.com.mx https:\/\/www.google.com.ng https:\/\/www.google.com.np https:\/\/www.google.com.ph https:\/\/www.google.com.pk https:\/\/www.google.com.tr https:\/\/www.google.com.tw https:\/\/www.google.com.ua https:\/\/www.google.com.vn https:\/\/www.google.cz https:\/\/www.google.dk https:\/\/www.google.fr https:\/\/www.google.gr https:\/\/www.google.hr https:\/\/www.google.hu https:\/\/www.google.ie https:\/\/www.google.iq https:\/\/www.google.it https:\/\/www.google.kz https:\/\/www.google.lt https:\/\/www.google.lv https:\/\/www.google.no https:\/\/www.google.pl https:\/\/www.google.pt https:\/\/www.google.ro https:\/\/www.google.rs https:\/\/www.google.ru https:\/\/www.google.si https:\/\/www.google.sk https:\/\/www.google.tn https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/s3-us-west-2.amazonaws.com https:\/\/9xgnrndqve.execute-api.us-west-2.amazonaws.com https:\/\/www.googleadservices.com https:\/\/*.hotjar.com wss:\/\/*.hotjar.com https:\/\/*.analytics.google.com https:\/\/*.hotjar.io https:\/\/*.clearbit.com https:\/\/*.clearbitjs.com https:\/\/*.clearbitscripts.com https:\/\/*.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/*.traefik.io https:\/\/api.github.com https:\/\/app.clearbit.com https:\/\/app.revenuehero.io https:\/\/containous.ghost.io https:\/\/storage.ghost.io https:\/\/google.com https:\/\/pagead2.googlesyndication.com https:\/\/ingesteer.services-prod.nsvcs.net https:\/\/js-eu1.hscta.net https:\/\/js.hscta.net https:\/\/js.hsforms.net https:\/\/pro.ip-api.com https:\/\/px.ads.linkedin.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/static.scarf.sh https:\/\/static.hsappstatic.net https:\/\/*.ingest.de.sentry.io https:\/\/alocdn.com;  font-src 'self' data: https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/cdn.jsdelivr.net;  frame-src 'self' *.hs-sites-eu1.com *.hs-sites.com *.hsforms.com *.hsforms.net *.hubspot.com *.hubspot.net https:\/\/*.g.doubleclick.net https:\/\/app.netlify.com https:\/\/community.traefik.io https:\/\/play-eu1.hubspotvideo.com https:\/\/play.hubspotvideo.com https:\/\/px.ads.linkedin.com https:\/\/traefik.io https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com;  img-src 'self' blob: data: https:;  form-action 'self' https:\/\/*.hsforms.com;  manifest-src 'self' https:\/\/traefik.io;  media-src 'self' data: https:\/\/ssl.gstatic.com;  worker-src 'self'; report-uri https:\/\/o4511099878637568.ingest.de.sentry.io\/api\/4511134031937616\/security\/?sentry_key=64999a84abc3469206792e982d195c43; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-src 'self' https:\/\/replicate-search-prototype-production.replicate.workers.dev https:\/\/www.googletagmanager.com; worker-src https:\/\/static.replicateassets.com; connect-src 'self' https:\/\/api.replicate.com https:\/\/stream.replicate.com https:\/\/replicate.delivery https:\/\/*.replicate.delivery https:\/\/api.us.svix.com https:\/\/*.sentry.io https:\/\/*.usepylon.com https:\/\/*.posthog.com https:\/\/pylon-avatars.s3.us-west-1.amazonaws.com https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/og.replicateassets.com https:\/\/static.replicateassets.com https:\/\/*.pusher.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.replicatestatus.com https:\/\/replicate-search-prototype-production.replicate.workers.dev https:\/\/replicate-search.replicate-search.workers.dev; font-src 'self' data: https:\/\/*.usepylon.com https:\/\/*.posthog.com https:\/\/pylon-avatars.s3.us-west-1.amazonaws.com https:\/\/d31rfu1d3w8e4q.cloudfront.net https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/fonts.replicateassets.com https:\/\/*.pusher.com https:\/\/fonts.gstatic.com https:\/\/replicate-search-prototype-production.replicate.workers.dev; img-src 'self' blob: data: https:\/\/replicate.delivery https:\/\/*.replicate.delivery https:\/\/og.replicateassets.com https:\/\/static.replicateassets.com https:\/\/d31rfu1d3w8e4q.cloudfront.net https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/*.githubusercontent.com https:\/\/github.com https:\/\/www.googletagmanager.com https:\/\/ssl.gstatic.com https:\/\/www.gstatic.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/replicate-search-prototype-production.replicate.workers.dev https:\/\/replicateassets.com\/cdn-cgi\/image\/; media-src 'self' https:\/\/replicate.delivery https:\/\/*.replicate.delivery https:\/\/static.replicateassets.com https:\/\/d31rfu1d3w8e4q.cloudfront.net https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/*.sentry.io https:\/\/replicate-search-prototype-production.replicate.workers.dev https:\/\/replicateassets.com\/cdn-cgi\/media\/; script-src 'report-sample' 'self' 'nonce-YmZkMWJhNjQtOGU1MC00YTY1LWI3ZGMtMzY5MGYzM2I5M2Qw' https:\/\/*.usepylon.com https:\/\/*.posthog.com https:\/\/pylon-avatars.s3.us-west-1.amazonaws.com https:\/\/d31rfu1d3w8e4q.cloudfront.net https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/static.replicateassets.com https:\/\/*.pusher.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/*.googletagmanager.com https:\/\/replicate-search-prototype-production.replicate.workers.dev https:\/\/challenges.cloudflare.com; style-src 'self' https:\/\/*.usepylon.com https:\/\/*.posthog.com https:\/\/pylon-avatars.s3.us-west-1.amazonaws.com https:\/\/d31rfu1d3w8e4q.cloudfront.net https:\/\/d3vl36l12sfx26.cloudfront.net https:\/\/static.replicateassets.com https:\/\/*.pusher.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/fonts.googleapis.com https:\/\/replicate-search-prototype-production.replicate.workers.dev; frame-ancestors 'self'; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubff54dddb981c8cd140e740408494c84d&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env%3Aproduction","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.stripe.com https:\/\/connect.facebook.net https:\/\/www.googletagmanager.com https:\/\/snap.licdn.com https:\/\/challenges.cloudflare.com https:\/\/www.gstatic.com https:\/\/import-cdn.default.com https:\/\/www.dubcdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https: wss:; frame-src 'self' https:\/\/js.stripe.com https:\/\/hooks.stripe.com https:\/\/m.stripe.network https:\/\/challenges.cloudflare.com https:\/\/www.youtube.com https:\/\/app.dub.co https:\/\/connect.facebook.net; worker-src 'self' blob: https:\/\/cdn.jsdelivr.net; media-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' connect.facebook.net platform.linkedin.com platform.twitter.com cdn.matomo.cloud cdn.gtranslate.net translate.google.com translate.googleapis.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-yx5crGjXrLQpqWLXBLUXXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-s3sLtPBZD_HrUBn94nsuFw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" img-src 'self' data: www.firefox.com www.google-analytics.com www.googletagmanager.com www.mozilla.org; default-src 'self' www.firefox.com; connect-src 'self' basket.mozilla.org cdn.transcend.io gtm-dev.springfield.moz.works gtm.firefox.com gtm.springfield.moz.works https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org o1069899.ingest.sentry.io o1069899.ingest.us.sentry.io o1069899.sentry.io region1.google-analytics.com telemetry.transcend.io telemetry.us.transcend.io transcend-cdn.com www.firefox.com www.google-analytics.com www.googletagmanager.com; frame-src 'self' accounts.firefox.com www.google-analytics.com www.googletagmanager.com www.youtube-nocookie.com www.youtube.com; font-src 'self' www.firefox.com; style-src 'self' 'unsafe-inline' cdn.transcend.io transcend-cdn.com www.firefox.com; media-src 'self' assets.mozilla.net videos.cdn.mozilla.net www.firefox.com www.mozilla.org; upgrade-insecure-requests; frame-ancestors 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.transcend.io s.ytimg.com tagmanager.google.com transcend-cdn.com www.firefox.com www.google-analytics.com www.googletagmanager.com www.youtube.com; base-uri 'none'; form-action 'self' https:\/\/accounts.firefox.com\/ https:\/\/basket.mozilla.org; object-src 'none'","count":1},{"content-security-policy-report-only":" default-src adtrafficquality.google *.adtrafficquality.google ajax.googleapis.com *.ajax.googleapis.com jsdelivr.net *.jsdelivr.net 'self' altmetric.com *.altmetric.com bootstrapcdn.com *.bootstrapcdn.com cloudflare.com *.cloudflare.com cloudflareinsights.com *.cloudflareinsights.com d1bxh8uas1mnw7.cloudfront.net *.d1bxh8uas1mnw7.cloudfront.net d3js.org *.d3js.org dimensions.ai *.dimensions.ai doubleclick.net *.doubleclick.net facebook.net *.facebook.net google-analytics.com *.google-analytics.com google.com *.google.com google.com.co *.google.com.co googleadservices.com *.googleadservices.com googletagmanager.com *.googletagmanager.com gstatic.com *.gstatic.com instagram.com *.instagram.com plu.mx *.plu.mx translate.googleapis.com *.translate.googleapis.com twitter.com *.twitter.com udea.edu.co *.udea.edu.co unpkg.com *.unpkg.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=S89PX7V9r2iukeqpg9D5JzfeQH74PvbHyIhrNADizQI-1778722818.9717343-1.0.1.1-l3X7P15P750j48F8HQjYseA88x_Fs3lSeoDLzOWcJgDGP_j2uxiTp59XIMHYh9xwvzpCd4F5nMH0U_ce0E8Spvd_pRV0Qz5_IuF6j06fQHOQgoN2itoo9i8TZFTvJy6zCenmKXoh.UwS_qC6XpVCm4U_mTtZXAcj5gaYEmKHWYXWNVn37iacZyTfz3m5n.XxCgzh.qSkqVJSiwCNLnQs0Q; report-to cf-ytkzhxjhfdntckus","count":1},{"content-security-policy-report-only":" default-src 'self' image.spreadshirtmedia.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.com ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com *.google-analytics.com *.analytics.google.com *.zdassets.com sanalytics.spreadshirt.com *.spreadshirt.com ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io\/ *.google-analytics.com *.analytics.google.com wss:\/\/*.zendesk.com *.spreadshirt.com ; font-src 'self' https: data: *.spreadshirt.com ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.com ; object-src 'none' ; media-src image.spreadshirtmedia.com ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.com ; report-uri https:\/\/csp.spreadshirts.net\/csp\/reportOnly ;","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.nl *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.nl *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.nl *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B170%600e3b15(rbpv5%3F.1d%60g2-19e24304876-0x1607#pd","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-rkQsscJhnE1IxGpCjP2C5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Nc1qqk5zIrJ0rJWET0nmi2p2QLSPnESYsOzFNOFvJ4Y-1778726343.3085532-1.0.1.1-3xEOnP4bwaMt1xL_8w1t0Ldl4tMsuqvsizU4puetSA11POlnAMfC7.O7lxPz11keqMexL1nnHzl9jK6DOFBKYgzAqx2sZAVAI6l8AIi0wYOc1MZ8cv7annBZg4KFduqQBLjm9ZtfF4YctNBPECqk3GeQ3hcRo7_3q064FdMDbmPxOTHpmtchU8MTuYLH3kLoznEG7q9yMqGwnUNUNKxkYA; report-to cf-xejutwijeapgvhuz","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.blogher.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'unsafe-inline' 'unsafe-eval' data: ; report-uri https:\/\/booklog.report-uri.io\/r\/default\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-e2zryJw-o08CbmkO2m7z8Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.firstcitizens.com;                 script-src 'self' https:\/\/*.firstcitizens.com https:\/\/cdn.cookielaw.org https:\/\/assets.adobedtm.com https:\/\/acrobatservices.adobe.com https:\/\/cds-sdkcfg.onlineaccess1.com https:\/\/www.googletagmanager.com https:\/\/s.go-mpulse.net https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/snap.licdn.com https:\/\/js-cdn.dynatrace.com https:\/\/googleads.g.doubleclick.net https:\/\/td.doubleclick.net https:\/\/www.googleadservices.com https:\/\/px.ads.linkedin.com https:\/\/edge.adobedc.net https:\/\/www.facebook.com https:\/\/px4.ads.linkedin.com https:\/\/siteimproveanalytics.com https:\/\/www.clarity.ms https:\/\/www.google.com https:\/\/google.com https:\/\/2884.global.siteimproveanalytics.io https:\/\/c.go-mpulse.net https:\/\/zndhwk2nlgcbvdel3-firstcitizensbank.siteintercept.qualtrics.com https:\/\/t.contentsquare.net https:\/\/munchkin.marketo.net https:\/\/siteintercept.qualtrics.com https:\/\/296-cpx-295.mktoresp.com https:\/\/894-itd-344.mktoresp.com https:\/\/284-lbb-572.mktoresp.com https:\/\/151-fhs-046.mktoresp.com https:\/\/412-tmw-562.mktoresp.com https:\/\/u.clarity.ms https:\/\/c.contentsquare.net https:\/\/173bf10e.akstat.io https:\/\/k-aus1.contentsquare.net https:\/\/trial-eum-clientnsv4-s.akamaihd.net https:\/\/eyaqbbekafz5ajqacqnryaaabbtmzouy-p2jke9-59ac193c4-clienttons-s.akamaihd.net https:\/\/daaisiixzsmj6zwmxkma-p2jke9-1aa48d9c7-clientnsv4-s.akamaihd.net https:\/\/assets.sitescdn.net https:\/\/answers.yext-pixel.com https:\/\/analytics.google.com https:\/\/embed-ssl.wistia.com https:\/\/pipedream.wistia.com https:\/\/js.sentry-cdn.com https:\/\/distillery.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/srm.bf.contentsquare.net https:\/\/www.gstatic.com https:\/\/app.fintelconnect.com https:\/\/browser.sentry-cdn.com https:\/\/*.cit.com https:\/\/answers-embed.firstcitizens.com.pagescdn.com https:\/\/info.onewestbank.com https:\/\/rum.hlx.page https:\/\/script.crazyegg.com https:\/\/js.adsrvr.org https:\/\/bat.bing.com https:\/\/scripts.clarity.ms https:\/\/dvract3a1itr1.cloudfront.net https:\/\/c.amazon-adsystem.com https:\/\/s.amazon-adsystem.com https:\/\/ad.doubleclick.net;                 connect-src 'self' https:\/\/*.firstcitizens.com https:\/\/cdn.cookielaw.org https:\/\/analytics.google.com https:\/\/answers.yext-pixel.com https:\/\/ad.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/adobedc.demdex.net https:\/\/viewlicense.adobe.io https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/dpm.demdex.net https:\/\/edge.adobedc.net https:\/\/px.ads.linkedin.com https:\/\/siteintercept.qualtrics.com https:\/\/cds-sdkcfg.onlineaccess1.com https:\/\/prod-cdn.us.yextapis.com https:\/\/ipapi.co https:\/\/api.openweathermap.org https:\/\/296-cpx-295.mktoutil.com https:\/\/script.crazyegg.com https:\/\/tracking.crazyegg.com https:\/\/pagestates-tracking.crazyegg.com https:\/\/assets-tracking.crazyegg.com https:\/\/insight.adsrvr.org https:\/\/dayintegrationintern.tt.omtrdc.net https:\/\/www.googleadservices.com https:\/\/business.linkedin.com https:\/\/openknowledge.worldbank.org https:\/\/acrobatservices.adobe.com https:\/\/assets.sitescdn.net https:\/\/bat.bing.com https:\/\/scripts.clarity.ms https:\/\/smetrics.firstcitizens.com https:\/\/browser.sentry-cdn.com https:\/\/mpc-prod-2-1053047382554.us-central1.run.app https:\/\/demo-1.conversionsapigateway.com https:\/\/graph.facebook.com https:\/\/c.amazon-adsystem.com https:\/\/s.amazon-adsystem.com https:\/\/fls.doubleclick.net https:\/\/api.ipdata.co https:\/\/6jk6d9jp92.execute-api.us-east-2.amazonaws.com https:\/\/ara.paa-reporting-advertising.amazon;                 worker-src 'self';                 style-src 'self' https:\/\/*.firstcitizens.com https:\/\/fonts.googleapis.com https:\/\/assets.sitescdn.net;                 style-src-elem 'self' https:\/\/*.firstcitizens.com https:\/\/assets.sitescdn.net https:\/\/*.cit.com https:\/\/info.onewestbank.com https:\/\/fonts.googleapis.com https:\/\/www.googletagmanager.com;                 img-src 'self' https:\/\/*.firstcitizens.com https:\/\/cdn.cookielaw.org https:\/\/2884.global.siteimproveanalytics.io px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/cm.everesttech.net https:\/\/dpm.demdex.net https:\/\/www.linkedin.com https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net https:\/\/*.cit.com https:\/\/www.google.com https:\/\/google.com https:\/\/info.onewestbank.com https:\/\/siteintercept.qualtrics.com https:\/\/fonts.gstatic.com https:\/\/ad.doubleclick.net https:\/\/insight.adsrvr.org https:\/\/ib.adnxs.com https:\/\/cm.g.doubleclick.net https:\/\/match.adsrvr.org https:\/\/pixel.rubiconproject.com https:\/\/www.googleadservices.com https:\/\/c.amazon-adsystem.com https:\/\/s.amazon-adsystem.com https:\/\/fls.doubleclick.net;                 frame-src 'self' https:\/\/*.firstcitizens.com https:\/\/acrobatservices.adobe.com https:\/\/td.doubleclick.net https:\/\/firstcitizens.demdex.net https:\/\/www.google.com https:\/\/www.citrail.com https:\/\/answers-embed.firstcitizens.com.pagescdn.com https:\/\/*.cit.com https:\/\/info.onewestbank.com https:\/\/www.googletagmanager.com https:\/\/insight.adsrvr.org https:\/\/privacyportaluat.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/match.adsrvr.org https:\/\/fintactix.com https:\/\/14741597.fls.doubleclick.net https:\/\/fast.wistia.net https:\/\/15758689.fls.doubleclick.net https:\/\/ad.doubleclick.net;                 frame-ancestors 'self' https:\/\/www.google.com https:\/\/9808-sbx.btbanking.com https:\/\/*.firstcitizens.com https:\/\/*.fcbint.net https:\/\/bostonprivate--full.sandbox.my.salesforce.com https:\/\/bostonprivate.my.salesforce.com;                 media-src 'self';                 font-src 'self';","count":1},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-inline' https:\/\/challenges.cloudflare.com https:\/\/cdnjs.cloudflare.com; style-src https: 'unsafe-inline'; frame-src https: https:\/\/challenges.cloudflare.com; connect-src https: https:\/\/challenges.cloudflare.com https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.hs-scripts.com https:\/\/*.hubapi.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-nUrVGy7rp6KEJ+Ya5hwiRA==' 'unsafe-eval' cdn.sidefx.com static.sidefx.com media.sidefx.com d2wvmrjymyrujw.cloudfront.net *.googleapis.com www.gstatic.com www.google.com cse.google.com *.facebook.net api.instagram.com cdnjs.cloudflare.com unpkg.com cdn.jsdelivr.net *.googletagmanager.com tagmanager.google.com www.google-analytics.com stats.g.doubleclick.net analytics.google.com vimeo.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net www.youtube.com www.paypal.com www.sandbox.paypal.com sidefx.bamboohr.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com forms.copper.com; frame-src 'self' data: static.sidefx.com media.sidefx.com www.google.com connect.facebook.net www.facebook.net www.facebook.com docs.google.com maps.google.com www.youtube.com lists.sidefx.com *.vimeo.com *.vimeocdn.com www.sandbox.paypal.com www.paypal.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com; style-src 'self' 'unsafe-inline' cdn.sidefx.com static.sidefx.com d2wvmrjymyrujw.cloudfront.net media.sidefx.com fonts.googleapis.com www.google.com tagmanager.google.com *.vimeocdn.com www.gstatic.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com; font-src 'self' data: cdn.sidefx.com static.sidefx.com media.sidefx.com fonts.gstatic.com; img-src 'self' data: cdn.sidefx.com static.sidefx.com media.sidefx.com d2wvmrjymyrujw.cloudfront.net *.cdninstagram.com *.gravatar.com www.facebook.com static.lulu.com www.gstatic.com ssl.gstatic.com www.googleapis.com i.ytimg.com *.vimeocdn.com www.paypal.com t.paypal.com www.paypalobjects.com placekitten.com http:\/\/dummyimage.com resources.bamboohr.com connect.facebook.com connect.facebook.net placehold.co *.google.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; connect-src 'self' *.google-analytics.com *.google.com *.googletagmanager.com stats.g.doubleclick.net www.facebook.com ig.instant-tokens.com graph.instagram.com vimeo.com www.sandbox.paypal.com www.paypal.com sidefx.bamboohr.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com forms.copper.com; media-src www.sidefx.com cdn.sidefx.com static.sidefx.com media.sidefx.com d2wvmrjymyrujw.cloudfront.net; report-uri \/csp-report\/","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.artforum.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.prizepicks.com https:\/\/*.cloudflare.com https:\/\/*.cloudflareinsights.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:\/\/*.prizepicks.com https:\/\/*.google-analytics.com https:\/\/*.cloudflareinsights.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.hotjar.com *.amplitude.com *.ads-twitter.com use.typekit.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.segment.com *.doubleclick.net sc-static.net *.google.com *.gstatic.com *.googlesyndication.com connect.facebook.net js.stripe.com cdn.seon.io www.redditstatic.com analytics.tiktok.com bat.bing.com *.checkout.com; font-src 'self' data: fonts.gstatic.com use.typekit.net frontend-assets.sorare.tech frontend-assets.sorare.com frontend-assets.sorare.dev; media-src 'self' *.ctfassets.net frontend-assets.sorare.com frontend-assets.sorare.tech frontend-assets.sorare.dev assets.sorare.com assets.sorare.tech assets.sorare.dev; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net use.typekit.net use.fontawesome.com blob:; connect-src *; img-src * data:; frame-src *; manifest-src 'self' https:\/\/sorare.cloudflareaccess.com; object-src 'none'; worker-src blob:;","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-src 'self' https:\/\/datawrapper.dwcdn.net https:\/\/js.chargebee.com https:\/\/js.stripe.com https:\/\/datawrapper-test.chargebee.com https:\/\/www.youtube.com https:\/\/platform.twitter.com; worker-src blob:; connect-src 'self' data: https:\/\/ifconfig.me\/ip wss:\/\/ws.datawrapper.de https:\/\/pwk.datawrapper.de https:\/\/js.chargebee.com https:\/\/*.cloudfront.net https:\/\/*.sentry.io https:\/\/*.gstatic.com https:\/\/static.dwcdn.net https:\/\/datawrapper.dwcdn.net https:\/\/comments.datawrapper.de https:\/\/staging-chart-tests.s3.eu-central-1.amazonaws.com https:\/\/fonts.googleapis.com\/ https:\/\/app.datawrapper.de https:\/\/api.fontsource.org\/v1\/fonts\/ https:\/\/i.datawrapper.de  app.datawrapper.de ; font-src 'self' data: https:\/\/static.dwcdn.net https:\/\/fonts.gstatic.com https:\/\/fonts.dwcdn.net ; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' https:\/\/appsforoffice.microsoft.com https:\/\/datawrapper.dwcdn.net https:\/\/pwk.datawrapper.de 'nonce-2piCSFcPKX2VK4Di7ZxCcw=='; script-src-elem 'self' https:\/\/pwk.datawrapper.de https:\/\/js.chargebee.com https:\/\/js.stripe.com https:\/\/appsforoffice.microsoft.com https:\/\/platform.twitter.com https:\/\/pt.dwcdn.net https:\/\/datawrapper.dwcdn.net\/ https:\/\/pwk.datawrapper.de https:\/\/app.datawrapper.de https:\/\/comments.datawrapper.de  'nonce-2piCSFcPKX2VK4Di7ZxCcw=='; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/datawrapper.dwcdn.net https:\/\/static.dwcdn.net https:\/\/pt.dwcdn.net; style-src-elem 'self' 'unsafe-inline' https:\/\/static.dwcdn.net https:\/\/js.chargebee.com https:\/\/fonts.googleapis.com https:\/\/pt.dwcdn.net https:\/\/datawrapper.dwcdn.net https:\/\/js.chargebee.com\/assets\/; report-uri %%CSP_REPORT_URI%%","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'wasm-unsafe-eval' *.bytescm.com *.bytetos.com *.ibytedapm.com *.zijieapi.com *.snssdk.com *.bytedance.com *.bytedance.net *.pstatp.com *.bytednsdoc.com *.bytegoofy.com *.byted-static.com *.yhgfb-cn-static.com data: blob: 'report-sample' 'nonce-6743341e2180e8ed5847849a47fa9b0b-argus' 'strict-dynamic'; connect-src 'self' *.idouyinvod.com:* *.volcsiriusbd.com:* *.volcsirius.com:* *.tt.x.bsgslb.cn:* *.dy.zzcdnx.com:* *.qc.bsccdn.net:* *.smtcdns.com:* *.ugslb.com:* *.livehwc3.cn:* *.smtcdns.net:* *.bytefcdnrd.com:* *.ksyungslb.com:* *.ksyungslb2.com:* *.ourdvsss.com:* *.tbcache.com:* *.jomodns.com:* *.douyincdn.com:* *.ixigua.com:* *.bdxigualive.com:* *.pstatp.com:* *.douyinliving.com:* *.picovr.com:* *.huoshanlive.com:* *.ihuoshanlive.com:* *.volccdn.com:* *.bestv.com.cn:* *.bytefcdn.com:* *.douyinvod.com:* *.qnqcdn.net:* *.weilayun.com:* *.saxysec.com:* *.saxyit.com:* *.saxydc.com:* *.sjxysec.com:* *.sjxydc.com:* *.hiecheimaetu.com:* *.ppio.cloud:* *.vegslb.com:* *.xsj.wasu.tv:* *.zebracdn.com:* *.volctranscdn.com:* *.hizhecheng.com:* *.sealaly.net:* *.souajki.net:* *.souajki.com:* *.souajki.cn:* *.siomxity.cn:* *.siomxity.com:* *.siomxity.net:* *.uochly.cn:* *.smogfly.cloud:* *.smogfly.club:* *.iquaveizeeru.com:* *.ietheivaicai.com:* *.bytescm.com *.bytetos.com *.ibytedapm.com *.zijieapi.com *.snssdk.com *.bytedance.com *.bytedance.net *.pstatp.com *.bytednsdoc.com *.bytegoofy.com *.byted-static.com *.yhgfb-cn-static.com; frame-ancestors 'self'; upgrade-insecure-requests ;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/cdn.tagdeliver.com https:\/\/cookie-cdn.cookiepro.com https:\/\/static.chartbeat.com https:\/\/www.npttech.com https:\/\/cdn.piano.io https:\/\/api-eu.piano.io https:\/\/cdn.cxense.com https:\/\/comcluster.cxense.com https:\/\/id.cxense.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/www.facebook.net https:\/\/staticxx.facebook.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/va.vercel-scripts.com https:\/\/securepubads.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/ep2.adtrafficquality.google https:\/\/apis.google.com https:\/\/snap.licdn.com https:\/\/sitepixel.blis.com https:\/\/berrythompson.innocraft.cloud; connect-src 'self' https:\/\/*.googleapis.com https:\/\/*.firebaseio.com wss:\/\/*.firebaseio.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/securepubads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/ep1.adtrafficquality.google https:\/\/ep2.adtrafficquality.google https:\/\/www.google.com https:\/\/www.facebook.com https:\/\/www.facebook.net https:\/\/graph.facebook.com https:\/\/connect.facebook.net https:\/\/mpc2-prod-26-is5qnl632q-uc.a.run.app https:\/\/px.ads.linkedin.com https:\/\/content-api.slowdownwiseup.co.uk https:\/\/cdn.slowdownwiseup.co.uk https:\/\/cookie-cdn.cookiepro.com https:\/\/geolocation.onetrust.com https:\/\/privacyportal.cookiepro.com https:\/\/cdn.tagdeliver.com https:\/\/log.tagdeliver.com https:\/\/uc.tagdeliver.com https:\/\/mab.chartbeat.com https:\/\/comcluster.cxense.com https:\/\/tr.blismedia.com https:\/\/berrythompson.innocraft.cloud https:\/\/api-eu.piano.io https:\/\/api-eu.piano.io https:\/\/c2-eu.piano.io https:\/\/ping.chartbeat.net https:\/\/ingress.pressreader.com https:\/\/vitals.vercel-insights.com; frame-src 'self' https:\/\/api-eu.piano.io https:\/\/api-eu.piano.io https:\/\/www.facebook.com https:\/\/the-observer-live.firebaseapp.com https:\/\/ep1.adtrafficquality.google https:\/\/ep2.adtrafficquality.google https:\/\/cm.g.doubleclick.net https:\/\/www.google.com https:\/\/cdn.cxense.com https:\/\/*.safeframe.googlesyndication.com https:\/\/flo.uri.sh; img-src 'self' data: https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.co.uk https:\/\/www.google.fr https:\/\/www.google.ie https:\/\/www.google.com.au https:\/\/www.facebook.com https:\/\/www.facebook.net https:\/\/staticxx.facebook.com https:\/\/ping.chartbeat.net https:\/\/cdn.slowdownwiseup.co.uk https:\/\/pagead2.googlesyndication.com https:\/\/tpc.googlesyndication.com https:\/\/ep1.adtrafficquality.google https:\/\/cookie-cdn.cookiepro.com https:\/\/px.ads.linkedin.com https:\/\/comcluster.cxense.com; media-src 'self' https:\/\/the-observer-bucket.eu-central-1.linodeobjects.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; report-uri \/api\/csp-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0t0DmQJM7qgW-O9w4mMx5w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' addevent.com cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/challenges.cloudflare.com https:\/\/polyfill-fastly.io static.addtoany.com; style-src 'self' addtocalendar.com cdn.jsdelivr.net fonts.googleapis.com https:\/\/cdnjs.cloudflare.com","count":1},{"content-security-policy-report-only":" default-src https:\/\/www.honeybadger.io; connect-src 'self' data: https:\/\/*.savvycal.com\/ https:\/\/*.frontapp.com\/ https:\/\/*.fontawesome.com\/ https:\/\/*.typekit.net\/ https:\/\/*.honeybadger.io https:\/\/*.convertkit.com\/ https:\/\/*.convertexperiments.com\/ https:\/\/*.profitwell.com https:\/\/*.usefathom.com\/ https:\/\/*.wistia.com\/ https:\/\/fg8vvsvnieiv3ej16jby.litix.io https:\/\/pipedream.wistia.com\/mput https:\/\/embedwistia-a.akamaihd.net\/ https:\/\/cdnjs.cloudflare.com; font-src 'self' data: https:\/\/use.typekit.net https:\/\/cdnjs.cloudflare.com https:\/\/*.fontawesome.com; frame-src https:\/\/savvycal.com\/ https:\/\/player.vimeo.com https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/fast.wistia.com; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.gstatic.com\/ https:\/\/*.savvycal.com\/ https:\/\/*.frontapp.com\/ https:\/\/*.fontawesome.com\/ https:\/\/*.typekit.net\/ https:\/\/*.profitwell.com https:\/\/*.usefathom.com\/ https:\/\/*.honeybadger.io\/ https:\/\/*.convertkit.com\/ https:\/\/*.convertexperiments.com\/ https:\/\/gist.github.com https:\/\/*.wistia.com https:\/\/cdn.syndication.twimg.com https:\/\/platform.twitter.com https:\/\/fast.wistia.com\/ https:\/\/identity.netlify.com\/v1\/netlify-identity-widget.js https:\/\/cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' blob: https:\/\/*.gstatic.com\/ https:\/\/*.fontawesome.com https:\/\/*.typekit.net https:\/\/github.githubassets.com\/ https:\/\/platform.twitter.com https:\/\/ton.twimg.com https:\/\/cdnjs.cloudflare.com; media-src 'self' data: https:\/\/embedwistia-a.akamaihd.net https:\/\/*.wistia.com; manifest-src https:\/\/www.honeybadger.io ; report-uri https:\/\/api.honeybadger.io\/v1\/browser\/csp?api_key=c2f13350&report_only=true&env=production","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.vibe.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" object-src 'self' *.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fundraiseup.com *.googletagmanager.com *.sumo.com *.sumome.com *.google-analytics.com *.newrelic.com *.addtoany.com *.nr-data.net blob: data: https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.fundraiseup.com *.googletagmanager.com *.sumo.com *.sumome.com *.google-analytics.com *.newrelic.com *.addtoany.com *.nr-data.net *.facebook.com s3.amazonaws.com cdn-images.mailchimp.com connect.facebook.net snap.licdn.com *.google.com *.gstatic.com blob: data: cdn-cookieyes.com js.stripe.com *.hotjar.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn-images.mailchimp.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'none'; connect-src 'self' https:\/\/c.amazon-adsystem.com https:\/\/s.amazon-adsystem.com https:\/\/ara.paa-reporting-advertising.amazon https:\/\/script.crazyegg.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-http-intake.logs.datadoghq.com https:\/\/*.consumertrack.com https:\/\/*.gobankingrates.com https:\/\/ad.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/*.analytics.google.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/google.com https:\/\/*.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/*.googletagmanager.com  https:\/\/*.moneylion.com https:\/\/*.moneylion.io https:\/\/*.litix.io https:\/\/*.mux.com https:\/\/siteintercept.qualtrics.com https:\/\/pixel-config.reddit.com https:\/\/app.securiti.ai https:\/\/cdn-prod.securiti.ai https:\/\/api.segment.com https:\/\/cdn.segment.com https:\/\/api.segment.io https:\/\/cds.taboola.com https:\/\/pips.taboola.com https:\/\/psb.taboola.com https:\/\/trc-events.taboola.com https:\/\/insight.adsrvr.org https:\/\/js.adsrvr.org https:\/\/analytics-ipv6.tiktokw.us https:\/\/analytics.tiktok.com; font-src 'self' data: https:\/\/fonts.gstatic.com  https:\/\/*.moneylion.com; frame-ancestors 'none'; frame-src 'self' https:\/\/s.amazon-adsystem.com https:\/\/challenges.cloudflare.com https:\/\/*.consumertrack.com https:\/\/*.gobankingrates.com https:\/\/www.googletagmanager.com  https:\/\/*.moneylion.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/www.youtube.com; img-src 'self' blob: data: https:\/\/s3.amazonaws.com https:\/\/images.ctfassets.net https:\/\/*.consumertrack.com https:\/\/*.gobankingrates.com https:\/\/ad.doubleclick.net https:\/\/cm.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/www.google.com https:\/\/google.com https:\/\/*.google-analytics.com https:\/\/ade.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/ssl.gstatic.com https:\/\/www.gstatic.com  https:\/\/*.moneylion.com https:\/\/*.litix.io https:\/\/image.mux.com https:\/\/alb.reddit.com https:\/\/trc.taboola.com https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/i.ytimg.com; media-src 'self' blob: https:\/\/videos.ctfassets.net https:\/\/moneylion.nyc3.cdn.digitaloceanspaces.com https:\/\/*.consumertrack.com https:\/\/*.gobankingrates.com  https:\/\/*.moneylion.com https:\/\/*.mux.com; object-src 'none'; report-to csp-endpoint; script-src 'self' 'nonce-\/6rFc3QpCoDHVVz3AKD44A==' 'strict-dynamic' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:\/\/*.consumertrack.com https:\/\/*.gobankingrates.com https:\/\/fonts.googleapis.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com  https:\/\/*.moneylion.com https:\/\/cdn-prod.securiti.ai","count":1},{"content-security-policy-report-only":" script-src 'nonce-+RF05XeK8ty5vVty379zpw==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=d2919e26-4dfd-421e-b887-e5e50602c1ea; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com; script-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline'; report-uri \/1\/batch\/2\/OE\/mid=ATVPDKIKX0DER:sid=138-8031532-3944947:rid=RFH78WHKP9MWRY03TE2T:sn=kdp.amazon.com","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/stage.lovdata.no https:\/\/smia.lovdata.no\/","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' *.drmartens.com *.adyen.com *.google.com *.onetrust.com *.monetate.net js-agent.newrelic.com *.cloudflare.com static.cloudflareinsights.com *.paypal.com *.klaviyo.com js.afterpay.com cdn.attraqt.io *.forter.com dlthst9q2beh8.cloudfront.net d2nww8zpyj5pk0.cloudfront.net d2w2nqfk3z9hdt.cloudfront.net *.global-e.com www.googletagmanager.com www.google-analytics.com x.klarnacdn.net js.klarna.com assets.ntcacdn.net cdn-widgetsrepository.yotpo.com staticw2.yotpo.com www.recaptcha.net maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net pagead2.googlesyndication.com ad.doubleclick.net www.gstatic.com connect.facebook.net connect.facebook.net static.srcspot.com analytics.tiktok.com cdn.userway.org bat.bing.com *.attn.tv c.amazon-adsystem.com photorankstatics-a.akamaihd.net widgets.olapic-cdn.com s.pinimg.com ct.pinterest.com *.contentsquare.net tr.snapchat.com sc-static.net *.upsellit.com tag.rmp.rakuten.com www.redditstatic.com api.myunidays.com cdn.unidays.world rum-static.pingdom.net *.storystream.ai ucarecdn.com; worker-src 'self'; report-uri \/cdn-cgi\/script_monitor\/report?m=etPBkPbgIbZWV9V7MtUlEWNqhmbH6gRl.H9gii.qLUU-1778721481.2650628-1.0.1.1-wREYcYsxEt7OyFoSM.qF.uc0_ycQBpyAisvWgTbvp5T2U_vqjyy22cM1cHAW9XuC5Mt_up6YNv1HA6hteU0U.cq5IvWQonMdPlVWvmHrFCAGFFrQjX6PmZAB_sNUUQqu3vHegte61dWeP0ui30sNqcKi6SNvc1t6GLzdOFi.K7V94o8h.nDCJQxkslUZ0xk8.tPPRwea8fHSNFqR3usWRA; report-to cf-gxqcenumiulydrcr","count":1},{"content-security-policy-report-only":" default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' wss: chrome-extension: moz-extension:; report-uri \/__csp-report","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-xlDXXDLCKVA7_M-RW-jq5Q' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; script-src-elem 'self' https: 'unsafe-inline' blob:; style-src 'self' https: 'unsafe-inline' data: blob:; style-src-elem 'self' https: 'unsafe-inline' data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob: chrome-extension: moz-extension: ms-browser-extension: safari-extension:; connect-src 'self' https: data: wss: blob: https:\/\/analytics.formassembly.com; frame-ancestors 'self'; form-action 'self' https:; worker-src 'self' blob:; report-uri \/api_v2\/csp\/report","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/www.madavi.de; font-src 'self' data: https:\/\/www.madavi.de; img-src 'self' insecure.madavi.de https:\/\/www.madavi.de; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.ampproject.org https:\/\/www.madavi.de; style-src 'self' 'unsafe-inline' https:\/\/www.madavi.de; report-uri https:\/\/www.madavi.de\/wp-json\/wpcsp\/v1\/route\/LogPolicyViolation?_wpnonce=e1d1c19396","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.flybreeze.com https:\/\/googleads.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/growthbook-production.flybreeze.com https:\/\/dx.mountain.com https:\/\/gs.mountain.com https:\/\/px.mountain.com https:\/\/www.googletagmanager.com https:\/\/cdn.gladly.com https:\/\/pixel.mathtag.com https:\/\/js.adsrvr.org https:\/\/cdn.uplift-platform.com https:\/\/tag.uplift.com https:\/\/cdn.uplift.com https:\/\/analytics.tiktok.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/bat.bing.com https:\/\/pixel.byspotify.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/cdnjs.cloudflare.com https:\/\/www.gstatic.com https:\/\/ads.nextdoor.com https:\/\/www.redditstatic.com https:\/\/app.termly.io https:\/\/script.gethovr.com https:\/\/www.securitytrfx.com https:\/\/socialladder.rkiapps.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/www.gstatic.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com; connect-src 'self' https:\/\/*.flybreeze.com https:\/\/*.nr-data.net https:\/\/www.googletagmanager.com https:\/\/www.redditstatic.com https:\/\/cdn.gladly.com https:\/\/flybreeze.gladly.com https:\/\/socialladder.rkiapps.com https:\/\/*.amazonaws.com; img-src 'self' https:\/\/*.flybreeze.com https:\/\/googleads.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/www.gstatic.com https:\/\/cdn.gladly.com https:\/\/flybreeze.gladly.com https:\/\/www.redditstatic.com https:\/\/s.pinimg.com https:\/\/pixel.mathtag.com https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/pixel.byspotify.com https:\/\/ct.pinterest.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/www.securitytrfx.com; object-src 'none'; media-src 'self'; frame-src 'self' https:\/\/*.flybreeze.com https:\/\/www.googletagmanager.com https:\/\/www.redditstatic.com https:\/\/www.securitytrfx.com; frame-ancestors 'self' https:\/\/go.flybreeze.dev https:\/\/crewapp-staging.flybreeze.team https:\/\/clerk.docs.flybreeze.dev https:\/\/docs.flybreeze.dev https:\/\/flight-info.flybreeze.team; manifest-src 'self'; report-uri https:\/\/csp-flybreeze.domdog.io\/report-uri\/flybreeze.com\/1\/1-4; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'nonce-eb46d569cbab46732afe729842d628ea' *.fontawesome.com *.klaviyo.com connect.facebook.com analytics.tiktok.com www.youtube.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-b2tR5Rh4P6eAVtZ6mHm3pw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.sportico.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors *.unionesarda.it s.clickiocdn.com *.ampproject.org *.google.com; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-cXp8oNe4fnI8xsRU95MOjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'nonce-cc67e6f2bb1e486e3bfcf05d096be720' 'self'; object-src 'self'; frame-ancestors 'none'; base-uri 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data https:\/\/images.ctfassets.net; script-src 'self' 'self' 'unsafe-inline' https:\/\/browser.sentry-cdn.com\/ https:\/\/europcar.adding-sst.dev\/ https:\/\/sdk.privacy-center.org\/ https:\/\/*.europcar.com https:\/\/*.goldcar.com; connect-src 'self' sentry.io *.sentry.io https:\/\/*.europcar.com https:\/\/*.goldcar.com; report-uri https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943; report-to https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943","count":1},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'self' data:; font-src https: 'self' data:;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-DcQfOVfS-FL0KwWjXv1tTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-OBERHivNxye0Q94E2x5tYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src *.kuajingmaihuo.com *.cdnfe.com wss:\/\/seller.kuajingmaihuo.com *.jumio.ai blob: data: 'unsafe-eval' 'unsafe-inline'; report-uri \/api\/sec-csp\/110000010\/report","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=7OCk159MMAl2BmDnxdVVk2sZyDSo30wISUArjmzPzlk-1778722722.0581098-1.0.1.1-E3SSrT1YoG3.I5TVLhI.RHg6jU7zwaehh55_pv.HhhDA97ynIwYwmxTGcnYac8YhFshM4ZiIDsW9PtuslJCSrdTXdQAHvDEcS4tH9EaRoRexgLWD3Z1cmJLOt15Umvnyar.uQkmpUvDS1UPIGnGlOthvmrHV4dWzHd4WSxlnhf33RHEm5SBFHm2elnNbPnwt; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self';  base-uri 'self';  object-src 'none';  form-action 'self';  frame-ancestors 'self' https:\/\/app.contentstack.com https:\/\/*.contentstack.com;  script-src 'report-sample' 'self'    https:\/\/api.datasteam.io    https:\/\/bas.my.site.com    https:\/\/bat.bing.com    https:\/\/bigassfans.jotform.com    https:\/\/cdn-scripts.signifyd.com    https:\/\/cdn-widgetsrepository.yotpo.com    https:\/\/cdn.optimizely.com    https:\/\/cdn1.affirm.com    https:\/\/fast.wistia.com    https:\/\/googleads.g.doubleclick.net    https:\/\/h64.online-metrix.net    https:\/\/imgs.signifyd.com    https:\/\/js.adsrvr.org    https:\/\/maps.googleapis.com    https:\/\/schedule.zoominfo.com    https:\/\/static.klaviyo.com    https:\/\/static.zip.co    https:\/\/tags.clickagy.com    https:\/\/ws-assets.zoominfo.com    https:\/\/www.google.com    https:\/\/www.googletagmanager.com    https:\/\/www.gstatic.com;  style-src 'report-sample' 'self'    https:\/\/bas.my.site.com    https:\/\/fonts.googleapis.com    https:\/\/p.typekit.net    https:\/\/static.klaviyo.com    https:\/\/use.typekit.net;  img-src 'self' data:    https:\/\/aorta.clickagy.com    https:\/\/arttrk.com    https:\/\/baf-components.vercel.app    https:\/\/bat.bing.com    https:\/\/c.az.contentsquare.net    https:\/\/cdn-assets.affirm.com    https:\/\/fast.wistia.com    https:\/\/googleads.g.doubleclick.net    https:\/\/imgs.signifyd.com    https:\/\/insight.adsrvr.org    https:\/\/maps.gstatic.com    https:\/\/p.yotpoapi.com    https:\/\/w2txo5aay72edbfvk5vttw2iroublbcesxwkwjodcca70f743d31d725sac.d.aa.online-metrix.net    https:\/\/www.facebook.com    https:\/\/www.google.com    https:\/\/www.googletagmanager.com    https:\/\/www.gstatic.com;  connect-src 'self'    https:\/\/a.klaviyo.com    https:\/\/ad.doubleclick.net    https:\/\/analytics.google.com    https:\/\/aorta.clickagy.com    https:\/\/api-cdn.yotpo.com    https:\/\/bam.nr-data.net    https:\/\/bas.my.salesforce-scrt.com    https:\/\/bat.bing.com    https:\/\/c.az.contentsquare.net    https:\/\/cdn-assets.affirm.com    https:\/\/distillery.wistia.com    https:\/\/dp.signifyd.com    https:\/\/embed-cloudfront.wistia.com    https:\/\/fast.a.klaviyo.com    https:\/\/fast.wistia.com    https:\/\/featureassets.org    https:\/\/imgs.signifyd.com    https:\/\/insight.adsrvr.org    https:\/\/logx.optimizely.com    https:\/\/pay.google.com    https:\/\/pipedream.wistia.com    https:\/\/pixels.spotify.com    https:\/\/prodregistryv2.org    https:\/\/static-forms.klaviyo.com    https:\/\/statsigapi.net    https:\/\/ws.zoominfo.com    https:\/\/www.affirm.com    https:\/\/www.google.com    https:\/\/www.googleadservices.com    https:\/\/www.googletagmanager.com    https:\/\/www.paypal.com;  frame-src 'self'    https:\/\/a27947990225.cdn.optimizely.com    https:\/\/bas.my.site.com    https:\/\/h.online-metrix.net    https:\/\/imgs.signifyd.com    https:\/\/insight.adsrvr.org    https:\/\/match.adsrvr.org    https:\/\/www.affirm.com    https:\/\/www.facebook.com    https:\/\/www.google.com    https:\/\/www.googletagmanager.com    https:\/\/www.paypal.com    https:\/\/*.fls.doubleclick.net    https:\/\/*.doubleclick.net;  font-src 'self' data: https:\/\/use.typekit.net;  media-src 'self';  manifest-src 'self';  worker-src 'self';  report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' *.ctfassets.net *.trackjs.com *.demdex.net; font-src 'self' *.gstatic.com; img-src 'self' *.ctfassets.net *.trackjs.com costalimited.d3.sc.omtrdc.net *.gstatic.com data: *.onetrust.com cm.everesttech.net *.googleapis.com; connect-src 'self' *.go-mpulse.net cdn-ukwest.onetrust.com trial-eum-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net *.akstat.io *.demdex.net costalimited.d3.sc.omtrdc.net *.onetrust.io *.trackjs.com maps.googleapis.com; script-src 'self'; script-src-elem 'self' 'unsafe-inline' assets.adobedtm.com *.go-mpulse.net cdn-ukwest.onetrust.com maps.googleapis.com fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline'; style-src 'self'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com; script-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self'; report-to https:\/\/costa.report-uri.com\/r\/t\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self' *.fabfitfun.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fabfitfun.com *.recurly.com *.amazonaws.com *.ada.support www.dwin1.com *.google-analytics.com *.doubleclick.net www.googleadservices.com www.googletagmanager.com *.hcaptcha.com hcaptcha.com *.exitintel.com *.facebook.net *.facebook.com *.tiktok.com *.cookielaw.org *.segment.com *.tvsquared.com *.onetrust.com *.adsrvr.org sc-static.net *.zdassets.com *.crrnt.app *.pixlee.com *.roeyecdn.com *.amplitude.com *.bing.com *.googleapis.com *.exitintel.com *.jsdelivr.net *.datadoghq-browser-agent.com *.gladly.com *.braintreegateway.com *.paypal.com *.cloudflare.com *.hotjar.com *.clarity.ms accessibilityserver.org *.userway.org *.tryamped.com *.pinimg.com *.ads-twitter.com *.amped.io *.visualwebsiteoptimizer.com *.amazon-adsystem.com blob:; style-src * 'unsafe-inline' data: blob:; connect-src *; frame-src *; img-src * 'unsafe-inline' data: blob:; font-src * 'unsafe-inline' data: blob:; media-src * blob:; object-src 'none';","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.googletagmanager.com https:\/\/polyfill.io https:\/\/www.youtube.com https:\/\/iframe.dacast.com https:\/\/vimeo.com https:\/\/player.vimeo.com https:\/\/cdn.usefathom.com\/script.js https:\/\/cc.cdn.civiccomputing.com\/9\/cookieControl-9.x.min.js https:\/\/analytics.ahrefs.com\/analytics.js https:\/\/wttc.activehosted.com 'nonce-3Jv3ivNUIF+FDM0niiXcRgc7CXN98rgNRKh\/HrCIdpE='; img-src 'self' https:; connect-src 'self' https:; frame-src 'self' https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/iframe.dacast.com https:\/\/vimeo.com https:\/\/player.vimeo.com https:\/\/gtm-knbshpt-zmy5y.uc.r.appspot.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com\/css2 https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/fonts.bunny.net; font-src 'self' https: data:","count":1},{"content-security-policy-report-only":" default-src 'none'; form-action 'none'; frame-ancestors 'none'; report-uri https:\/\/fastspring.report-uri.com\/r\/d\/csp\/wizard","count":1},{"content-security-policy-report-only":" worker-src https: 'unsafe-inline'; report-uri https:\/\/api.mp.pl\/csp-violation\/","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.pl *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.pl *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.pl *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv50.w%602%60f-19e244cf0b1-0x1707#pd","count":1},{"content-security-policy-report-only":" default-src 'self' cedars.okta.com myportal.cshs.org *.oktacdn.com; connect-src 'self' cedars.okta.com cedars-admin.okta.com myportal.cshs.org *.oktacdn.com *.mixpanel.com *.mapbox.com cedars.kerberos.okta.com cedars.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' cedars.okta.com myportal.cshs.org *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' cedars.okta.com myportal.cshs.org *.oktacdn.com; frame-src 'self' cedars.okta.com cedars-admin.okta.com myportal.cshs.org login.okta.com *.vidyard.com com-okta-authenticator: api-98a8a037.duosecurity.com; img-src 'self' cedars.okta.com myportal.cshs.org *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' cedars.okta.com myportal.cshs.org data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/*.csmc.edu https:\/\/csmc.iv.navvis.com https:\/\/*.cloud.infor.com https:\/\/fpdc-test.csmc.edu https:\/\/*.rhythm360.io","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.craft.cloud https:\/\/tlt-cdn.prd.teamleader.eu https:\/\/cdn.segment.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/js.hsforms.net https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hscta.net https:\/\/js.usemessages.com https:\/\/fast.wistia.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.craft.cloud; font-src 'self' https:\/\/cdn.craft.cloud; img-src 'self' data: blob: https:\/\/cdn.craft.cloud https:\/\/fast.wistia.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/track.hubspot.com https:\/\/forms.hsforms.com; connect-src 'self' https:\/\/tlt-cdn.prd.teamleader.eu https:\/\/api.segment.io https:\/\/cdn.segment.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/js.hsforms.net https:\/\/api.hubspot.com https:\/\/forms.hubspot.com https:\/\/track.hubspot.com https:\/\/js.hs-analytics.net https:\/\/js.usemessages.com https:\/\/fast.wistia.com https:\/\/embedwistia-a.akamaihd.net; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/fast.wistia.com https:\/\/js.hsforms.net https:\/\/forms.hsforms.com https:\/\/meetings.hubspot.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com; worker-src 'self' blob:; media-src 'self' https:\/\/fast.wistia.com https:\/\/embedwistia-a.akamaihd.net blob:; manifest-src 'self'; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/forms.hubspot.com https:\/\/forms.hsforms.com; upgrade-insecure-requests ; report-uri https:\/\/teamleader.uriports.com\/reports\/report; report-to default;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EQ4PBB3Jh4mUYIpwmrhnzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com; script-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com 'unsafe-inline'; report-uri \/1\/batch\/2\/OE\/mid=AF2M0KC94RCEA:sid=132-6049039-9274309:rid=SPP1SE3N8FG2A8W9YGSW:sn=www.acx.com","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/*.cloudflare.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/*.mczbf.com https:\/\/*.kdukvh.com https:\/\/*.emjcd.com https:\/\/*.jdoqocy.com https:\/\/*.dotomi.com https:\/\/*.cj.com https:\/\/*.sjwoe.com https:\/\/*.clarity.ms https:\/\/onelinksmartscript.appsflyer.com https:\/\/*.apple-mapkit.com https:\/\/embed.reddit.com https:\/\/static.zdassets.com https:\/\/platform.twitter.com https:\/\/www.instagram.com https:\/\/widget.trustpilot.com https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/*.cloudflare.com https:\/\/*.googleoptimize.com https:\/\/*.googletagmanager.com https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com; img-src 'self' data: https:\/\/cdn.jsdelivr.net https:\/\/*.cloudflare.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/storage.googleapis.com https:\/\/fonts.gstatic.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/purecatamphetamine.github.io http:\/\/purecatamphetamine.github.io https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/*.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/*.googleusercontent.com https:\/\/storage.googleapis.com https:\/\/secure.gravatar.com https:\/\/*.apple-mapkit.com https:\/\/syndication.twitter.com https:\/\/s0.wp.com https:\/\/*.bing.com; font-src 'self' data: https:\/\/cdn.jsdelivr.net https:\/\/fonts.gstatic.com https:\/\/s0.wp.com https:\/\/applepay.cdn-apple.com; worker-src 'self'; frame-src 'self' https:\/\/www.youtube.com https:\/\/*.googletagmanager.com https:\/\/embed.reddit.com https:\/\/platform.twitter.com https:\/\/www.instagram.com https:\/\/widget.trustpilot.com; connect-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/*.cloudflare.com https:\/\/lown4qvbisme2qafgzvjetqzzy0tbyyr.lambda-url.us-west-2.on.aws https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.mczbf.com https:\/\/*.kdukvh.com https:\/\/*.emjcd.com https:\/\/*.jdoqocy.com https:\/\/*.dotomi.com https:\/\/*.cj.com https:\/\/*.sjwoe.com https:\/\/www.facebook.com https:\/\/*.clarity.ms https:\/\/*.apple-mapkit.com https:\/\/*.mydnsip.com https:\/\/www.googleadservices.com https:\/\/engagements.appsflyer.com https:\/\/meta.veepn.com https:\/\/ekr.zdassets.com; media-src 'self'; frame-ancestors 'self'; object-src 'none'; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' www.youtube.com *.stripe.com *.addthis.com; script-src 'self' assets.sutori.com *.twitter.com *.twimg.com 'unsafe-inline' *.stripe.com apis.google.com 'unsafe-eval' maps.googleapis.com *.crisp.chat *.crisp.im www.youtube.com *.ytimg.com *.addthis.com *.addthisedge.com data: z.moatads.com *.pinterest.com *.iubenda.com cdn.thinglink.me http:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/1.11.3\/jquery.min.js https:\/\/www.thinglink.com *.instagram.com connect.facebook.net *.imgur.com *.flickr.com blob: cdn.headwayapp.co risk.clearbit.com teams.microsoft.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/lamejs\/1.2.0\/lame.min.js; script-src-elem assets.sutori.com *.twitter.com *.twimg.com 'unsafe-inline' *.googletagmanager.com *.stripe.com https:\/\/apis.google.com\/ accounts.google.com 'unsafe-eval' maps.googleapis.com *.crisp.chat *.crisp.im www.youtube.com *.ytimg.com *.addthis.com *.addthisedge.com data: z.moatads.com *.pinterest.com *.iubenda.com cdn.thinglink.me http:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/1.11.3\/jquery.min.js https:\/\/www.thinglink.com *.instagram.com connect.facebook.net *.imgur.com *.flickr.com blob: cdn.headwayapp.co risk.clearbit.com teams.microsoft.com play.vidyard.com challenges.cloudflare.com; worker-src blob: data:; font-src 'self' data: assets.sutori.com fonts.gstatic.com https:\/\/client.crisp.chat; connect-src 'self' https:\/\/www.googleapis.com wss:\/\/www.sutori.com assets.sutori.com s3.amazonaws.com\/assets.sutori.com *.google-analytics.com *.stripe.com accounts.google.com maps.googleapis.com api.amplitude.com wss:\/\/*.crisp.chat https:\/\/*.crisp.chat *.addthis.com https:\/\/syndication.twitter.com\/settings https:\/\/*.wikipedia.org geo.query.yahoo.com *.flickr.com risk.clearbit.com login.microsoftonline.com blob:; img-src 'self' data: * maps.googleapis.com https:\/\/maps.gstatic.com\/mapfiles\/api-3\/images\/ https:\/\/csi.gstatic.com\/ https:\/\/i.ytimg.com *.addthis.com *.pinterest.com *.iubenda.com; style-src 'self' assets.sutori.com platform.twitter.com 'unsafe-inline' accounts.google.com *.googleapis.com https:\/\/client.crisp.chat *.iubenda.com cdn.thinglink.me https:\/\/ton.twimg.com cdn.headwayapp.co; media-src 'self' assets.sutori.com https:\/\/client.crisp.chat blob:; child-src 'self' * https:\/\/www.sutori.com *.stripe.com https:\/\/www.google.com\/ https:\/\/www.youtube-nocookie.com\/embed\/ https:\/\/www.youtube.com\/embed\/ *.addthis.com *.pinterest.com blob:; manifest-src assets.sutori.com;","count":1},{"content-security-policy-report-only":" default-src 'self';img-src 'self' data: https:\/\/flickr.com https:\/\/*.flickr.com https:\/\/s.gravatar.com https:\/\/s.gravatar.com\/avatar https:\/\/secure.gravatar.com\/avatar https:\/\/i1.wp.com\/cdn.auth0.com\/avatars https:\/\/cdn.auth0.com\/avatars https:\/\/g.stripe.com\/ https:\/\/ssl.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/pbs.twimg.com\/profile_images\/ https:\/\/farm66.static.flickr.com https:\/\/www.google-analytics.com https:\/\/tpc.googlesyndication.com https:\/\/pbs.twimg.com https:\/\/securepubads.g.doubleclick.net https:\/\/*.amazon-adsystem.com https:\/\/fundingchoicesmessages.google.com https:\/\/*.3lift.com https:\/\/ams-pageview-public.s3.amazonaws.com https:\/\/www.google.com https:\/\/syndication.twitter.com https:\/\/image8.pubmatic.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googleusercontent.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';frame-src https:\/\/js.stripe.com https:\/\/platform.twitter.com\/ https:\/\/syndication.twitter.com\/ https:\/\/tpc.googlesyndication.com\/ https:\/\/*.safeframe.googlesyndication.com\/ https:\/\/www.google.com\/ https:\/\/googleads.g.doubleclick.net\/;connect-src 'self' https: https:\/\/securepubads.g.doubleclick.net\/pagead\/ppub_config https:\/\/bam.nr-data.net\/events\/1\/cb925c8058;object-src none;script-src 'self' 'unsafe-inline' report-sample https:\/\/js.stripe.com\/v3\/ https:\/\/code.jquery.com\/jquery-1.12.4.min.js https:\/\/code.jquery.com\/jquery-3.4.1.slim.min.js https:\/\/code.jquery.com\/jquery-migrate-1.4.1.min.js https:\/\/cdn.jsdelivr.net\/npm\/popper.js@1.16.0\/dist\/umd\/popper.min.js https:\/\/stackpath.bootstrapcdn.com\/bootstrap\/4.4.1\/js\/bootstrap.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/validate.js\/0.13.1\/validate.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/underscore.js\/1.8.3\/underscore-min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/list.js\/1.5.0\/list.min.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com\/ https:\/\/ssl.google-analytics.com\/ga.js https:\/\/js-agent.newrelic.com\/nr-spa-1184.min.js https:\/\/fundingchoicesmessages.google.com https:\/\/bam.nr-data.net https:\/\/securepubads.g.doubleclick.net https:\/\/www.googletagservices.com https:\/\/adservice.google.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/tether\/1.4.0\/js\/tether.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/popper.js\/1.12.9\/umd\/popper.min.js https:\/\/cdn.jsdelivr.net\/npm\/clipboard@2.0.8\/dist\/clipboard.min.js https:\/\/platform.twitter.com\/widgets.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/howler\/2.1.1\/howler.min.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/validator\/10.9.0\/validator.min.js https:\/\/*.safeframe.googlesyndication.com\/ https:\/\/*.googlesyndication.com\/ https:\/\/platform.twitter.com\/js\/ https:\/\/cdn.ampproject.org http:\/\/www.google-analytics.com https:\/\/adservice.google.be https:\/\/adservice.google.ca https:\/\/adservice.google.co.id https:\/\/adservice.google.co.mz https:\/\/adservice.google.co.th https:\/\/adservice.google.co.uk https:\/\/adservice.google.co.za https:\/\/adservice.google.com.au https:\/\/adservice.google.com.ec https:\/\/adservice.google.com.hk https:\/\/adservice.google.com.ng https:\/\/adservice.google.com.np https:\/\/adservice.google.com.ph https:\/\/adservice.google.com.sa https:\/\/adservice.google.de https:\/\/adservice.google.es https:\/\/adservice.google.fi https:\/\/adservice.google.fr https:\/\/adservice.google.ie https:\/\/adservice.google.it https:\/\/adservice.google.lk https:\/\/adservice.google.lt https:\/\/adservice.google.nl https:\/\/adservice.google.no https:\/\/adservice.google.rs https:\/\/googleads.g.doubleclick.net;script-src-attr none;style-src 'self' https: 'unsafe-inline' report-sample;report-uri https:\/\/5f9d927665d1a16209ba908c.endpoint.csper.io","count":1},{"content-security-policy-report-only":" default-src 'self' dev-5847984.okta.com sso.app.elationemr.com *.oktacdn.com; connect-src 'self' dev-5847984.okta.com dev-5847984-admin.okta.com sso.app.elationemr.com *.oktacdn.com *.mixpanel.com *.mapbox.com dev-5847984.kerberos.okta.com https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' dev-5847984.okta.com sso.app.elationemr.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' dev-5847984.okta.com sso.app.elationemr.com *.oktacdn.com; frame-src 'self' dev-5847984.okta.com dev-5847984-admin.okta.com sso.app.elationemr.com login.okta.com *.vidyard.com; img-src 'self' dev-5847984.okta.com sso.app.elationemr.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' dev-5847984.okta.com sso.app.elationemr.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/elationemr.com","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com *.narvar.com *.narvar.qa *.sitevibes.com sitevibes.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net *.acquiadam.net *.acquiadamcdn.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sitevibes.com sitevibes.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.google.com flexreceipts.go2cloud.org 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.sitevibes.com sitevibes.com *.trustpilot.com *.yotpo.com *.acquiadam.net *.acquiadamcdn.net https:\/\/oc-cdn-ocprod.azureedge.net\/livechatwidget\/ https:\/\/community.511tactical.com\/ https:\/\/locator.511tactical.com\/ *.doubleclick.net *.liadm.com assets.bounceexchange.com flexreceipts.go2cloud.org https:\/\/tally.so\/ *.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.adyen.com *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca https:\/\/s3.amazonaws.com\/idme\/ https:\/\/www.unifaunonline.se https:\/\/*.tile.openstreetmap.org\/ *.narvar.com *.narvar.qa *.sitevibes.com sitevibes.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.acquiadam.net *.acquiadamcdn.net *.dynamicyield.com *.riskified.com https:\/\/oc-cdn-ocprod.azureedge.net\/livechatwidget\/ *.511tactical.com *.usablenet.com *.cookielaw.org *.bing.com *.googlesyndication.com *.contextweb.com *.creativecdn.com *.bouncex.net *.pippio.com *.nextdoor.com *.linkedin.com *.twitter.com *.x.com t.co *.lightboxcdn.com *.cdnwidget.com *.attentivemobile.com *.cartfulsolutions.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.adyen.com https:\/\/rum.hlx.page *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com https:\/\/api.unifaun.com *.sitevibes.com sitevibes.com *.trustpilot.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net *.acquiadam.net *.acquiadamcdn.net *.dynamicyield.com *.riskified.com https:\/\/oc-cdn-ocprod.azureedge.net\/livechatwidget\/ *.googleapis.com https:\/\/unpkg.com *.cookielaw.org *.clarity.ms js-agent.newrelic.com bam.nr-data.net *.bing.com *.boomtrain.com *.bounceexchange.com *.rezync.com *.nextdoor.com *.pinterest.com s.pinimg.com *.liadm.com *.lightboxcdn.com *.usablenet.com *.wknd.ai *.cartfulsolutions.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com *.sitevibes.com sitevibes.com *.trustpilot.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net *.acquiadam.net *.acquiadamcdn.net https:\/\/oc-cdn-ocprod.azureedge.net\/livechatwidget\/ *.typekit.net *.googletagmanager.com https:\/\/tagmanager.google.com *.bounceexchange.com *.lightboxcdn.com *.cartfulsolutions.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.narvar.com *.narvar.qa *.acquiadam.net *.acquiadamcdn.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.adyen.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com *.sitevibes.com sitevibes.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com *.acquiadam.net *.acquiadamcdn.net *.dynamicyield.com *.riskified.com *.trustpilot.com *.googleapis.com *.cookielaw.org *.clarity.ms bam.nr-data.net *.bing.org *.bing.com *.boomtrain.com *.creativecdn.com *.attentivemobile.com *.tiktokw.us *.linkedin.com *.pinterest.com *.spotify.com *.cartfulsolutions.com 'self' 'unsafe-inline'; child-src flexreceipts.go2cloud.org http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/a4f7e632-ca01-49b1-9c8a-cdf130c36284.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/o4507018827071488.ingest.us.sentry.io\/api\/4510343205421056\/security\/?sentry_key=1faef7d9a5760350ce11e10419c510e3&sentry_release=v0.1.9; report-to csp-endpoint-v2","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-U9tcaaDyejCzLIAvt2E1Sg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.imbox.io *.tradedoubler.com *.unbxdapi.com a.imgstatics.com analytics.tiktok.com cdn-sitegainer.com cdn-widgetsrepository.yotpo.com cdn.adt356.com cdn.adt357.net cdn.adt376.net cdn.adt393.com cdn.stape.io chat.kindlycdn.com connect.facebook.net connect.getflowbox.com consent.cookiebot.com consentcdn.cookiebot.com files.imbox.io gtm.ginatricot.com js.klarna.com kindly-imbox.web.app load.gtm.ginatricot.com maps.googleapis.com maps.gstatic.com modules.ecomid.com rum-static.pingdom.net scripts.clarity.ms staticw2.yotpo.com t.myvisitors.se www.clarity.ms www.googletagmanager.com; connect-src 'self' *.apm.westeurope.azure.elastic-cloud.com *.getflowbox.com *.googleapis.com *.imbox.io *.symplify.com *.tiktokw.us a.getflowbox.com analytics.google.com analytics.tiktok.com api.depict.ai api.ecomid.com apiv2.imbox.io business-api.tiktok.com c.clarity.ms cdn.adt356.com cdn.adt357.net cdn.adt376.net cdn.adt393.com cdn.stape.io chat.kindlycdn.com consent.cookiebot.com consentcdn.cookiebot.com d.clarity.ms eu.klarnaevt.com events.ecomid.com googleads.g.doubleclick.net graph.facebook.com gtm.ginatricot.com in.ginatricot.com js.klarna.com load.gtm.ginatricot.com log.adtraction.fail maps.googleapis.com on.ginatricot.com region1.analytics.google.com region1.google-analytics.com rum-collector-2.pingdom.net recommendations.unbxd.io search.unbxd.io staticw2.yotpo.com stats.g.doubleclick.net tracker.unbxdapi.com wss:\/\/ws.depict.ai www.clarity.ms www.facebook.com www.google.com www.google.se www.google-analytics.com www.googleadservices.com; img-src 'self' data: blob: *.googleapis.com *.doubleclick.net adservice.google.com cdn-widgetsrepository.yotpo.com cdn.flbx.io consentcdn.cookiebot.com ginatricot-cms.imgix.net ginatricot-craftcms-qa.imgix.net ginatricot-pim.imgix.net ginatricotpc.imgix.net maps.googleapis.com maps.gstatic.com staticw2.yotpo.com www.clarity.ms www.facebook.com www.google.com www.google.se; frame-src 'self' *.imbox.io *.tradedoubler.com a.imgstatics.com consentcdn.cookiebot.com gtm.ginatricot.com js.klarna.com modules.ecomid.com www.facebook.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps.gstatic.com modules.ecomid.com staticw2.yotpo.com x.klarnacdn.net; font-src 'self' data: chat.kindlycdn.com maps.gstatic.com fonts.gstatic.com staticw2.yotpo.com x.klarnacdn.net; media-src 'self' ginatricot-cms.imgix.net ginatricot-pim.imgix.net; worker-src 'self' blob:; manifest-src 'self'; form-action 'self' www.facebook.com;","count":1},{"content-security-policy-report-only":" default-src 'self' motul.com *.cdninstagram.com *.elfsightcdn.com; script-src 'self' 'unsafe-eval' *.axept.io *.elfsight.com https:\/\/*.googletagmanager.com *.hotjar.com *.facebook.net 'unsafe-inline' *.googleapis.com *.channelsight.com js.monitor.azure.com *.explorify.com *.elfsightcdn.com *.youtube.com; img-src 'self' staging-cms.motul.com axeptio.imgix.net www.google.com *.gstatic.com data: *.elfsight.com *.facebook.com *.elfsightcdn.com *.googleapis.com *.hotjar.com *.cdninstagram.com *.motul.com *.amazonaws.com *.channelsight.com cscoreproweustor.blob.core.windows.net motul.incony.de *.explorify.com https:\/\/i.ytimg.com\/ https:\/\/*.googleusercontent.com\/places https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com; child-src 'self' motul.com *.hotjar.com *.youtube.com https:\/\/*.googletagmanager.com *.youtube-nocookie.com;; style-src 'self' 'unsafe-inline' *.elfsight.com *.googleapis.com *.channelsight.com *.explorify.com; font-src 'self' *.gstatic.com *.hotjar.com *.channelsight.com *.explorify.com data:; report-uri \/api\/v2\/security-headers; connect-src 'self' *.axept.io axeptio.imgix.net *.spinque.com *.elfsight.com *.facebook.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com  https:\/\/*.googletagmanager.com https:\/\/*.google.com *.hotjar.com *.googleapis.com *.azurewebsites.net *.motul.com *.hotjar.io wss:\/\/ws4.hotjar.com *.channelsight.com https:\/\/cms.motul.com\/search\/api; frame-ancestors 'self' *.motul.com https:\/\/cms.motul.com","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/static.hotjar.com https:\/\/snap.licdn.com https:\/\/js.monitor.azure.com https:\/\/js.qualified.com https:\/\/cdn.hockeystack.com https:\/\/*.marketo.com https:\/\/*.bizible.com https:\/\/*.vwo.com https:\/\/*.drift.com https:\/\/*.demandbase.com https:\/\/*.conductor.com https:\/\/*.seismic.com; connect-src 'self' https:\/\/*.marketo.com https:\/\/*.bizible.com https:\/\/*.google-analytics.com https:\/\/*.hotjar.com https:\/\/*.qualified.com https:\/\/*.demandbase.com https:\/\/*.vwo.com https:\/\/*.hockeystack.com https:\/\/*.drift.com https:\/\/*.conductor.com https:\/\/*.seismic.com; img-src 'self' data: https:\/\/*.googleusercontent.com https:\/\/*.gravatar.com https:\/\/*.marketo.com https:\/\/*.bizible.com https:\/\/*.qualified.com https:\/\/*.hockeystack.com https:\/\/*.conductor.com https:\/\/*.seismic.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http:\/\/*.files.wordpress.com wss:\/\/www.goldderby.com; report-uri https:\/\/pmcuri.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline' blob:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src 'self' ws: https:\/\/suggestions.dadata.ru https:\/\/www.google.com; worker-src blob:; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" report-uri https:\/\/endpoint2.collection.us2.sumologic.com\/receiver\/v1\/http\/ZaVnC4dhaV3VOE24ov0vchYgO3uoxKHdePxnKoFiICkeq1Vt2reRBEg4zYmpS2XL1UJS-0Ova9gUiV2PUH3EvuXcIOdrBPvAUgkIP-ZRbRMryNUY6YGqAQ== ; block-all-mixed-content ; default-src 'report-sample' 'self' https:\/\/*.videoask.com https:\/\/*.videoask.live ; script-src 'report-sample' 'self' 'unsafe-eval' https:\/\/*.videoask.com https:\/\/*.videoask.live 'unsafe-inline' https:\/\/js.stripe.com https:\/\/www.dropbox.com https:\/\/*.calendly.com https:\/\/*.oncehub.com https:\/\/cdn.amplitude.com https:\/\/cdn.cookielaw.org https:\/\/cdn.rollbar.com https:\/\/cdn.segment.com https:\/\/connect.facebook.net https:\/\/fast.wistia.com https:\/\/script.crazyegg.com https:\/\/snap.licdn.com https:\/\/snippet.growsumo.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/cdn.optimizely.com https:\/\/js.partnerstack.com https:\/\/edge.fullstory.com https:\/\/a.quora.com https:\/\/static.ads-twitter.com https:\/\/analytics.tiktok.com https:\/\/tags.srv.stackadapt.com ; base-uri 'report-sample' 'self' ; img-src 'report-sample' 'self' data: blob: android-webview-video-poster: https: ; media-src 'report-sample' 'self' blob: data: https: ; connect-src 'report-sample' 'self' blob: https:\/\/*.videoask.com https:\/\/*.videoask.live wss:\/\/*.videoask.live wss:\/\/*.videoask.com https:\/\/videoask-media-dev.s3-accelerate.amazonaws.com https:\/\/videoask-media-prod.s3-accelerate.amazonaws.com https:\/\/videoask-uploads-dev.s3-accelerate.amazonaws.com https:\/\/videoask-uploads-prod.s3-accelerate.amazonaws.com https:\/\/videoask-uploads-dev.s3.amazonaws.com https:\/\/videoask-uploads-prod.s3.amazonaws.com https:\/\/videoask.eu.auth0.com https:\/\/dev-videoask.eu.auth0.com https:\/\/*.launchdarkly.com https:\/\/*.pexels.com https:\/\/*.wistia.com https:\/\/embedwistia-a.akamaihd.net https:\/\/api.rollbar.com https:\/\/api.segment.io https:\/\/api.amplitude.com https:\/\/*.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/*.crazyegg.com https:\/\/p.adsymptotic.com https:\/\/www.facebook.com https:\/\/track.segmetrics.io https:\/\/*.google.com https:\/\/rs.fullstory.com https:\/\/cdn.segment.com https:\/\/edge.fullstory.com https:\/\/js.partnerstack.com https:\/\/grsm.io https:\/\/cdn.cookielaw.org https:\/\/*.onetrust.com https:\/\/*.contentful.com https:\/\/videoask.zendesk.com https:\/\/*.optimizely.com https:\/\/region1.google-analytics.com https:\/\/analytics.tiktok.com https:\/\/partnerlinks.io ; style-src 'report-sample' 'self' https:\/\/font.typeform.com 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/tagmanager.google.com https:\/\/cdn.cookielaw.org https:\/\/cdn.quilljs.com ; font-src 'report-sample' 'self' data: https:\/\/font.typeform.com https:\/\/fonts.gstatic.com ; frame-src 'report-sample' 'self' https:\/\/*.videoask.com https:\/\/*.videoask.live https:\/\/calendly.com https:\/\/app.acuityscheduling.com https:\/\/*.oncehub.com https:\/\/js.stripe.com https:\/\/videoask.eu.auth0.com https:\/\/dev-videoask.eu.auth0.com https:\/\/*.wistia.com https:\/\/www.facebook.com https:\/\/*.doubleclick.net https:\/\/6g4qf7txd07m.statuspage.io https:\/\/*.optimizely.com ; frame-ancestors * ; object-src 'none' ;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/googleads.g.doubleclick.net https:\/\/*.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.hubspot.com https:\/\/app.hubspot.com https:\/\/api.hubspot.com https:\/\/*.hs-scripts.com https:\/\/js-na1.hs-scripts.com https:\/\/*.hs-banner.com https:\/\/js.hs-banner.com https:\/\/*.hscollectedforms.net https:\/\/forms.hscollectedforms.net https:\/\/*.hs-analytics.net https:\/\/*.hsadspixel.net https:\/\/*.website-files.com https:\/\/cdn.prod.website-files.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/assets.calendly.com https:\/\/*.linkedin.com https:\/\/get.geojs.io https:\/\/api.hubapi.com https:\/\/api.murf.ai https:\/\/login.murf.ai https:\/\/murf.ai https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/www.googletagmanager.com https:\/\/js.hscollectedforms.net https:\/\/js.hsadspixel.net https:\/\/js.hs-analytics.net https:\/\/js.usemessages.com https:\/\/snap.licdn.com https:\/\/tracking.g2crowd.com https:\/\/tracking-api.g2.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/api.factors.ai https:\/\/app.factors.ai https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/www.gstatic.com https:\/\/cdn.embedly.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/googleads.g.doubleclick.net https:\/\/*.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.hubspot.com https:\/\/app.hubspot.com https:\/\/*.hs-scripts.com https:\/\/js-na1.hs-scripts.com https:\/\/*.website-files.com https:\/\/cdn.prod.website-files.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/assets.calendly.com https:\/\/*.linkedin.com https:\/\/login.murf.ai https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/www.googletagmanager.com https:\/\/js.hscollectedforms.net https:\/\/js.hsadspixel.net https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.usemessages.com https:\/\/snap.licdn.com https:\/\/tracking.g2crowd.com https:\/\/www.googleadservices.com https:\/\/app.factors.ai https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/connect.facebook.net https:\/\/www.gstatic.com https:\/\/cdn.embedly.com; style-src 'self' 'unsafe-inline' https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/accounts.google.com https:\/\/*.website-files.com https:\/\/cdn.prod.website-files.com https:\/\/assets.calendly.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/www.gstatic.com https:\/\/cdn.embedly.com; font-src 'self' data: https:; img-src 'self' data: https: blob:; media-src 'self' data: blob: https:\/\/murf.ai; connect-src 'self' blob: data: https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/stats.g.doubleclick.net https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.hubspot.com https:\/\/app.hubspot.com https:\/\/api.hubspot.com https:\/\/*.hs-scripts.com https:\/\/*.hs-banner.com https:\/\/js.hs-banner.com https:\/\/*.hscollectedforms.net https:\/\/forms.hscollectedforms.net https:\/\/*.linkedin.com https:\/\/get.geojs.io https:\/\/api.hubapi.com https:\/\/api.murf.ai https:\/\/login.murf.ai https:\/\/murf.ai https:\/\/cdn.prod.website-files.com https:\/\/tracking-api.g2.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/api.factors.ai https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/cdn.embedly.com https:\/\/webflow.com; frame-src 'self' https:\/\/*.google.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/*.doubleclick.net https:\/\/*.hubspot.com https:\/\/app.hubspot.com https:\/\/assets.calendly.com https:\/\/calendly.com https:\/\/login.murf.ai https:\/\/cdn.embedly.com; report-uri https:\/\/o4504603155759104.ingest.us.sentry.io\/api\/4509798552305664\/security\/?sentry_key=05d6eb750229178df61a908e1a0ed8fd; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-UHPAihOZ-Tr523xPlaGy1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/*.clerk.accounts.dev https:\/\/clerk.multimango.com https:\/\/codimango.com https:\/\/*.codimango.com https:\/\/challenges.cloudflare.com https:\/\/vercel.live https:\/\/cdn.tailwindcss.com; style-src 'self' 'unsafe-inline'; img-src 'self' https:\/\/www.multimango.com https:\/\/cdn.multimango.com https:\/\/multidatastore.s3.us-west-2.amazonaws.com https:\/\/multidatastore-public.s3.us-west-2.amazonaws.com https:\/\/multidatastore.s3.amazonaws.com https:\/\/img.clerk.com https:\/\/*.clerk.accounts.dev https:\/\/*.fbcdn.net https:\/\/*.xx.fbcdn.net https:\/\/*.cdninstagram.com data: blob:; font-src 'self'; connect-src 'self' https:\/\/*.clerk.accounts.dev https:\/\/*.clerk.com https:\/\/clerk.multimango.com https:\/\/codimango.com https:\/\/*.codimango.com https:\/\/*.ingest.us.sentry.io https:\/\/vitals.vercel-insights.com wss:\/\/*.clerk.accounts.dev https:\/\/multidatastore.s3.us-west-2.amazonaws.com https:\/\/multidatastore-public.s3.us-west-2.amazonaws.com https:\/\/multidatastore-private.s3.us-west-2.amazonaws.com wss:\/\/generativelanguage.googleapis.com https:\/\/*.xx.fbcdn.net https:\/\/interngraph.intern.facebook.com blob:; media-src 'self' https:\/\/www.multimango.com https:\/\/cdn.multimango.com https:\/\/multidatastore.s3.us-west-2.amazonaws.com https:\/\/multidatastore-public.s3.us-west-2.amazonaws.com https:\/\/multidatastore-private.s3.us-west-2.amazonaws.com https:\/\/multidatastore.s3.amazonaws.com https:\/\/*.fbcdn.net https:\/\/*.xx.fbcdn.net data: blob:; frame-src 'self' https:\/\/vercel.live https:\/\/*.vercel.live https:\/\/challenges.cloudflare.com https:\/\/player.vimeo.com https:\/\/multidatastore.s3.us-west-2.amazonaws.com https:\/\/*.mangobox.net https:\/\/*.eks-prod.cf.aws.metafb.cloud; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/navibot.dev https:\/\/*.navibot.dev https:\/\/codimango.com https:\/\/*.codimango.com; report-uri https:\/\/o4510087753367552.ingest.us.sentry.io\/api\/4510087754874880\/security\/?sentry_key=e5a485f5ca405a5cd10839703abda58a","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.googleadservices.com *.googleapis.com static.quiq-cdn.com *.fontawesome.com *.rezync.com *.nothingbundtcakes.com tags-prod.nothingbundtcakes.com *.toasttab.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.google.com *.braintreegateway.com *.paypal.com google.com www.googletagmanager.com *.rezync.com static.quiq-cdn.com *.quiq-api.com *.googleadservices.com *.doubleclick.net *.vimeo.com *.facebook.com *.nothingbundtcakes.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleadservices.com *.google.com *.google.com.ca *.google.com.co *.googleapis.com *.vimeo.com *.cdn-apple.com *.cookielaw.org *.usablenet.com *.usablenet.dev *.doubleclick.net *.contentsquare.net *.nothingbundtcakes.com *.pmg.com *.pinimg.com *.adroll.com *.facebook.net *.bing.com *.redditstatic.com *.amazonaws.com *.cognitivlabs.com *.reddit.com *.facebook.com *.adnxs.com *.magentosite.cloud *.monetate.net *.rfihub.com *.eyeota.net *.rezync.com *.attn.tv *.yimg.com *.boomtrain.com *.linkedin.com *.yahoo.com *.pubmatic.com *.openx.net *.media.net *.rtactivate.com *.casalemedia.com *.rlcdn.com *.addthis.com *.tremorhub.com *.bidswitch.net *.adsrvr.org *.prf.hn prf.hn *.taggrs.io taggrs.io *.ml314.com static.quiq-cdn.com *.quiq-api.com ml314.com *.tapad.com tapad.com tags-prod.nothingbundtcakes.com *.toasttab.com images.unsplash.com plus.unsplash.com *.cloudinary.com *.cloudfront.net *.imgix.net cdn.bfldr.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io assets.adobedtm.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.gstatic.com https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.attn.tv events.attentivemobile.com *.googleadservices.com *.googleapis.com *.cookielaw.org *.usablenet.com static.quiq-cdn.com *.quiq-api.com *.usablenet.dev *.contentsquare.net *.nothingbundtcakes.com *.pmg.com *.pinimg.com *.adroll.com *.facebook.net *.bing.com *.redditstatic.com *.tiktok.com *.bttrack.com *.adsrvr.org *.pinterest.com *.facebook.com *.magentosite.cloud *.monetate.net *.appboycdn.com *.rfihub.com *.everesttech.net *.eyeota.net *.rezync.com *.yimg.com *.boomtrain.com *.yahoo.com *.kargo.com *.licdn.com *.inpwrd.net bttrack.com *.adnxs.com *.rfihub.net cdn.bttrack.com tags-prod.nothingbundtcakes.com *.toasttab.com https:\/\/gateway.moneris.com https:\/\/gatewayt.moneris.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.googleadservices.com *.googleapis.com *.fontawesome.com static.quiq-cdn.com *.usablenet.com *.usablenet.dev *.rezync.com *.nothingbundtcakes.com tags-prod.nothingbundtcakes.com *.toasttab.com https:\/\/gateway.moneris.com https:\/\/gatewayt.moneris.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.attn.tv events.attentivemobile.com *.googleadservices.com *.googleapis.com *.vimeo.com static.quiq-cdn.com *.cdn-apple.com *.cookielaw.org *.onetrust.com *.usablenet.com *.usablenet.dev *.contentsquare.net *.doubleclick.net *.nothingbundtcakes.com *.pmg.com *.pinimg.com *.adroll.com *.facebook.net *.bing.com *.redditstatic.com *.tiktok.com *.bttrack.com *.adsrvr.org *.amazonaws.com *.cognitivlabs.com *.reddit.com *.pinterest.com *.facebook.com *.adnxs.com *.gstatic.com *.rlcdn.com *.magentosite.cloud *.monetate.net *.everesttech.net *.eyeota.net *.rezync.com *.yimg.com *.boomtrain.com *.yahoo.com *.kargo.com *.linkedin.com *.quiq-api.com tags-prod.nothingbundtcakes.com *.toasttab.com images.unsplash.com plus.unsplash.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/*.jobcloud.ch https:\/\/*.jobs.ch https:\/\/*.jobup.ch; base-uri 'self'; connect-src * data: 'self'; default-src 'self' https:; font-src 'self' https: data:; form-action 'self'; frame-src 'self' https:; img-src * data: blob: 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' https: * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; require-trusted-types-for 'script'; worker-src 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.lge.co.kr https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com *.datadoghq-browser-agent.com *.googletagmanager.com *.doubleclick.net *.facebook.net *.criteo.com *.creativecdn.com *.naver.net *.pstatic.net *.daangn.com *.stclab.com *.google.com *.creativecdn.com *.google-analytics.com *.simpli.fi *.sauceflex.com *.facebook.com *.google.co.kr  *.widerplanet.com *.daumcdn.net *.useinsider.com *.attractt.com *.criteo.net; connect-src 'self' *.lge.co.kr https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com *.datadoghq-browser-agent.com *.googletagmanager.com *.doubleclick.net *.facebook.net *.criteo.com *.creativecdn.com *.naver.net *.pstatic.net *.daangn.com *.stclab.com *.google.com *.creativecdn.com *.google-analytics.com *.simpli.fi *.sauceflex.com *.facebook.com *.google.co.kr *.widerplanet.com *.daumcdn.net *.useinsider.com *.attractt.com *.criteo.net;","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/youtube-marketing\/about_youtube","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; base-uri 'none'; report-uri https:\/\/o38422.ingest.sentry.io\/api\/1381643\/security\/?sentry_key=035194ae1605493c99dd66c2a7b2ca98;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-GmX6yxYEHn74kaOJgpmE5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/fonts.googleapis.com;        script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.stripe.com https:\/\/ connect.facebook.net\/ https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/api.sardine.ai https:\/\/static.zdassets.com\/ https:\/\/ekr.zdassets https:\/\/ekr.zendesk.com https:\/\/*.zopim.com wss:\/\/demonifty.zendesk.com wss:\/\/*.zopim.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/edge.fullstory.com\/s\/ https:\/\/static.ads-twitter.com\/uwt.js https:\/\/sc-static.net\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/tr.snapchat.com;        style-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https:\/\/fonts.googleapis.com *.live-video.net;        script-src-elem 'self' 'unsafe-inline' https:\/\/js.stripe.com https:\/\/api.dev.sardine.ai https:\/\/edge.fullstory.com https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/connect.facebook.net https:\/\/static.ads-twitter.com\/uwt.js https:\/\/sc-static.net\/scevent.min.js https:\/\/www.google.com\/recaptcha\/ https:\/\/static.zdassets.com\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/tr.snapchat.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/api.sardine.ai https:\/\/unpkg.com\/@google\/model-viewer\/dist\/model-viewer.min.js https:\/\/www.youtube.com https:\/\/www.googleoptimize.com https:\/\/www.clarity.ms *.live-video.net;        img-src https: blob: data:;        connect-src https:\/\/browser-intake-datadoghq.com https:\/\/www.niftygateway.com https:\/\/niftygateway.com https:\/\/analytics.google.com https:\/\/*.clarity.ms https:\/\/niftygateway.zendesk.com https:\/\/api.niftygateway.com https:\/\/odysseymarket.niftygateway.com https:\/\/api.sandbox.niftygateway.com https:\/\/stats.g.doubleclick.net https:\/\/www.facebook.com\/tr\/ https:\/\/www.google-analytics.com https:\/\/www.clarity.ms wss:\/\/widget-mediator.zopim.com https:\/\/nifty-qa100.service.aws-qa.sd.gem.link https:\/\/demonifty.zendesk.com https:\/\/ekr.zdassets.com https:\/\/encrypted-tbn0.gstatic.com\/images https:\/\/lh3.googleusercontent.com https:\/\/tr.snapchat.com https:\/\/eth-goerli.alchemyapi.io https:\/\/search-api-staging.s-niftygateway-001-use1.svc.gem.link https:\/\/search-api.niftygateway.com https:\/\/search-api-dev.d-niftygateway-001-use1.svc.gem.link https:\/\/ipfs.io https:\/\/rs.fullstory.com https:\/\/session-replay.browser-intake-datadoghq.com https:\/\/eth-mainnet.alchemyapi.io https:\/\/api.cloudinary.com\/v1_1\/nifty_gateway\/auto\/upload https:\/\/openseauserdata.com https:\/\/rum.browser-intake-datadoghq.com https:\/\/api.x.immutable.com https:\/\/i.seadn.io https:\/\/cdn.optimizely.com https:\/\/img.seadn.io https:\/\/storage.opensea.io https:\/\/api.opensea.io https:\/\/sdk.iad-03.braze.com *.live-video.net ;        font-src https:\/\/fonts.gstatic.com https:\/\/use.typekit.net\/ 'self';        object-src 'self';        media-src https:\/\/media.niftygateway.com https:\/\/static.zdassets.com https:\/\/openseauserdata.com https:\/\/storage.opensea.io https:\/\/res.cloudinary.com blob:;        frame-src https:\/\/js.stripe.com https:\/\/www.google.com https:\/\/api.sardine.ai https:\/\/api.dev.sardine.ai https:\/\/tr.snapchat.com\/ https:\/\/www.youtube.com https:\/\/webusprd01.ihsmtaxsolutions.com\/Nifty\/ https:\/\/td.doubleclick.net\/;        frame-ancestors 'self';        worker-src blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' *.klarna.com *.klarnaservices.com *.paypal.com *.paypalobjects.com *.afterpay.com *.cash.app *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.doubleclick.net *.amazon-adsystem.com *.bazaarvoice.com *.amplience.net cdn.cookielaw.org *.fullstory.com *.abtasty.com *.evergage.com *.sentry.io *.tiktok.com *.bing.com *.creativecdn.com *.mountain.com *.wisepops.com *.forter.com *.sitevibes.com *.thrive.today *.pbbl.co *.attn.tv *.ipredictive.com *.algolia.net *.algolianet.com *.onetrust.com *.pinterest.com *.adroll.com *.jsdelivr.net *.cloudfront.net *.typekit.net; script-src 'self' js.klarna.com x.klarnacdn.net *.paypal.com *.afterpay.com *.cash.app *.squarecdn.com *.google.com *.googletagmanager.com *.facebook.net 'unsafe-inline' cdn.cookielaw.org *.fullstory.com *.abtasty.com *.evergage.com *.googleapis.com storage.googleapis.com *.mountain.com loader.wisepops.com *.thrive.today *.pbbl.co *.attn.tv *.ipredictive.com *.jsdelivr.net *.cloudfront.net *.my.site.com www.gstatic.com apps.bazaarvoice.com *.forter.com *.clarity.ms *.adroll.com s.pinimg.com cdn.evgnet.com wisepops.net app.sitevibes.com analytics.tiktok.com bat.bing.com tags.creativecdn.com www.upsellit.com; connect-src 'self' *.afterpay.com *.cash.app api.lab.amplitude.com *.klarna.com *.paypal.com api.radar.io *.google-analytics.com *.googletagmanager.com *.fullstory.com cdn.cookielaw.org *.evergage.com *.sentry.io *.tiktok.com *.bing.com *.creativecdn.com *.mountain.com *.forter.com *.sitevibes.com *.google.com analytics.google.com *.abtasty.com api.cquotient.com *.thrive.today *.attn.tv *.ipredictive.com *.algolia.net *.algolianet.com *.onetrust.com *.my.salesforce-scrt.com *.my.site.com 1.1.1.1 shoecarnivalproduction.cdn.content.amplience.net maps.googleapis.com apps.bazaarvoice.com ixfd-api.bc0a.com *.bc0a.com *.clarity.ms *.adroll.com stats.g.doubleclick.net pagead2.googlesyndication.com events.attentivemobile.com api.addressy.com www.facebook.com ad.doubleclick.net googleads.g.doubleclick.net ct.pinterest.com www.googleadservices.com analytics-ipv6.tiktokw.us cdn0.forter.com cdn3.forter.com d1rk8r7fwbocot.cloudfront.net d3banl4fzuxsjl.cloudfront.net d2o5idwacg3gyw.cloudfront.net edge.fullstory.com rs.fullstory.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.my.site.com d13vs86ckfnvoz.cloudfront.net cdn.jsdelivr.net app.sitevibes.com fonts.googleapis.com *.typekit.net use.typekit.net *.cash.app; frame-src 'self' *.afterpay.com *.cash.app *.pbbl.co tcapi.io *.pinterest.com creatives.attn.tv services.sheerid.com *.my.site.com www.google.com www.paypal.com www.googletagmanager.com www.facebook.com ad.ipredictive.com; frame-ancestors 'self'; img-src * data: blob:; font-src * data:; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1u3lu31HRSKa7amfmpP2K8mu0gCcLOMk88_7ow9iK4Y-1778729688-1.0.1.1-JU9xlrEXhmTVa3cmVKkyJtpExx5BM6.QYqYjnwASGZQ2a3I86z0P78C4DUN31I8x5gT3ioUbdX5W2LBdxN7lWnUtDos2elGC.fEW8nRPCIBv3teNSiA40Y5TzYYIrPBobMdk4B1LrcrUqVqLIjbIfaErshRVTmSyVQond.DokgA5LjbGwY6tAGPDkZJIAjlnBrcSNgOoVofXJmBLhMlj5w; report-to cf-hcnkzolmbbyhggeh","count":1},{"content-security-policy-report-only":" default-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I='; connect-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' *.hotjar.com *.hotjar.io c.amazon-adsystem.com *.wistia.net *.wistia.com js.monitor.azure.com snap.licdn.com www.googletagmanager.com www.google.com *.doubleclick.net analytics.google.com *.givchariot.com d.adroll.com dc.services.visualstudio.com insight.adsrvr.org *.linkedin.com s.amazon-adsystem.com doublethedonation.com js.monitor.azure.com; font-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' data: cdn.givechariot.com fast.wistia.net doublethedonation.com; frame-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' *.adsrvr.org *.adroll.com www.googletagmanager.com www.gstatic.com *.doubleclick.net *.wistia.net *.ceros.com wwp.mysalesforce-sites.com www.careerarc.com www.google.com www.youtube.com wwp.my.salesforce-sites.com; img-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' data: *.adroll.com *.doubleclick.net *.lightboxcdn.com *.wistia.com *.wistia.net ad.ipredictive.com analytics.twitter.com bat.bing.com cdn.givechariot.com cdn.jsdelivr.net doublethedonation.com fast.wistia.net *.adsrvr.org media.sabio.us *.collect.igodigital.com p1.parsely.com px.adentifi.com *.linkedin.com t.co um.simpli.fi woundedwarriorprojectsite.secure.force.com wwp.my.salesforce-sites.com www.facebook.com *.google.com www.googleadservices.com www.googletagmanager.com x.bidswitch.net media.sabio.us aa.agkn.com ads.stickyadstv.com analytics.twitter.com attrk.com bat.bing.com bcp.crwdcntrl.net ce.lijit.com cs.admanmedia.com dsum-sec.casalemedia.com eb2.3lift.com fei.pro-market.net ib.adnxs.com idsync.rlcdn.com image2.pubmatic.com loadm.exelator.com ml314.com *.igodigital.com pippio.com pixel.locker2.com pixel.rubiconproject.com pixel.tapad.com ps.eyeota.net px.adentifi.com s.ad.smaato.net simplifi.partners.tremorhub.com sync.1rx.io sync.bfmio.com sync.intentiq.com sync.outbrain.com sync.taboola.com trkn.us ups.analytics.yahoo.com us-u.openx.net arttrk.com media.sabio.us um.simpli.fi; script-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' *.hotjar.com bat.bing.com *.salesforceliveagent.com cdn.givechariot.com connect.facebook.net *.wistia.com *.wistia.net *.adroll.com tag.simpli.fi www.google.com www.googleadservices.com *.googletagmanager.com *.google-analytics.com *.lightboxcdn.com  www.youtube.com *.collect.igodigital.com aa.trkn.us browser.sentry-cdn.com cdn.c212.net cdn.parsely.com doublethedonation.com *.doubleclick.net js.adsrvr.org js.monitor.azure.com script.crazyegg.com snap.licdn.com tags.wdsvc.net *.ceros.com www.gstatic.com www.youtube.com; style-src 'self' 'nonce-G3dFQvcmjRHcwEnjq1lkNzOD1tf3yVWBGE3wTjlze3I=' cdn.givechariot.com *.wistia.com *.wistia.net js.adsrvr.org s.adroll.com www.googletagmanager.com www.lightboxcdn.com doublethedonation.com;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src * data: blob:;","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: js.datadome.co ct.captcha-delivery.com *.onetrust.com *.googletagmanager.com *.cookielaw.org *.qualtrics.com *.salesforce.com *.en25.com *.segment.com *.amplitude.com *.salesforceliveagent.com *.sandbox.my.site.com reuters.my.site.com dd.reutersconnect.com; script-src-elem 'self' 'unsafe-inline' blob: www.datadoghq-browser-agent.com *.thomsonreuters.com reuters.my.site.com *.sandbox.my.site.com *.cookielaw.org *.amplitude.com *.segment.com *.googletagmanager.com js.datadome.co js.zuora.com ssl.p.jwpcdn.com ct.captcha-delivery.com dd.reutersconnect.com; connect-src 'self' api-js.datadome.co *.onetrust.com *.cookielaw.org wss:\/\/*.rcp-api.reutersconnect.com *.reuters.com *.reutersconnect.com *.qualtrics.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.segment.io *.amplitude.com *.thomsonreuters.com *.segment.com browser-intake-datadoghq.com *.sandbox.my.salesforce-scrt.com reuters.my.salesforce-scrt.com cdn.jwplayer.com drmtd540xpi1f.cloudfront.net d3cgfqae8o6oiw.cloudfront.net d1qvkrpvk32u24.cloudfront.net d2tpo79pi2fb76.cloudfront.net d1uprxlryo4sfl.cloudfront.net d1s0weg9xjt2n5.cloudfront.net *.token.awswaf.com cdn.flagship.io events.flagship.io; frame-src 'self' geo.captcha-delivery.com *.onetrust.com *.salesforce.com *.sandbox.my.site.com reuters.my.site.com *.thomsonreuters.com d1hbvbum0y1xmw.cloudfront.net *.reuters.com player.vimeo.com; worker-src 'self' blob: https:\/\/*.reutersconnect.com; report-uri https:\/\/reuters.report-uri.com\/r\/t\/csp\/reportOnly; report-to report-uri","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' https:\/\/*.assets.post.at https:\/\/*.azureedge.net https:\/\/bpanel.streamdiver.com https:\/\/webcast.a1.net https:\/\/*.gstatic.com; report-to default;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/canny.io https:\/\/*.datagrail.io https:\/\/solve-widget.forethought.ai; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:\/\/www.googletagmanager.com https:\/\/fonts.gstatic.com https:\/\/*.recraft.ai https:\/\/static.recraft.ai; font-src 'self' https:\/\/fonts.gstatic.com data: https:\/\/static.recraft.ai; media-src 'self' blob: data: https:\/\/*.recraft.ai https:\/\/static.recraft.ai https:\/\/reexternal.blob.core.windows.net; connect-src 'self' https:\/\/*.recraft.ai wss:\/\/*.recraft.ai https:\/\/*.ingest.sentry.io https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.amplitude.com https:\/\/api.canny.io https:\/\/fonts.gstatic.com https:\/\/static.recraft.ai https:\/\/solve-widget.forethought.ai https:\/\/reexternal.blob.core.windows.net; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/changelog-widget.canny.io https:\/\/solve-widget.forethought.ai; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; report-uri https:\/\/api.recraft.ai\/csp-report","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-Wp5afqdGa5k0IMFrT0VxhQ=='","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.ch *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.ch *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.ch *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B170%600e3b15(rbpv747(%3F5wkm-19e24469625-0x1706#pd","count":1},{"content-security-policy-report-only":" default-src 'self' *.booztlet.com; script-src 'self' data: blob: bat.bing.com t.contentsquare.net geolocation.onetrust.com *.datadoghq.eu *.g.doubleclick.net cdn.taggstar.com cdn.cookielaw.org www.googletagmanager.com chat.kindlycdn.com *.sleeknote.com www.google.com *.hotjar.com www.snapengage.com 7276579.collect.igodigital.com *.trustpilot.com static.cloudflareinsights.com *.liveshopper.net sleeknotestaticcontent.sleeknote.com cdn.avo.app *.criteo.com track.adform.net *.klarnacdn.net *.criteo.net connect.facebook.net maps.googleapis.com *.hotjar.io cdn.noibu.com www.googleoptimize.com *.datadog.eu *.booztcdn.com *.kronor.io www.datadoghq-browser-agent.com *.google-analytics.com www.googleadservices.com s2.adform.net dev.visualwebsiteoptimizer.com svht.tradedoubler.com sdk.privacy-center.org analytics.tiktok.com sleeknotecustomerscripts.sleeknote.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' *.booztcdn.com fonts.gstatic.com *.booztlet.com *.booztx.com chat.kindlycdn.com fonts.googleapis.com data: ; img-src optimize.google.com https: data: blob: 'unsafe-inline'; connect-src 'self' data: *.visualwebsiteoptimizer.com *.datadoghq.eu *.kronor.io wss:\/\/*.kronor.io *.google-analytics.com www.googleadservices.com www.googleoptimize.com api.mkmediaworks.com www.googletagmanager.com api.taggstar.com bat.bing.com *.contentsquare.net kronor.io api.liveshopper.net analytics.tiktok.com cdn.avo.app wss:\/\/kronor.io input.noibu.com *.hotjar.com www.google.com www.googleadservices.com stats.g.doubleclick.net www.facebook.com geolocation.onetrust.com *.datadog.eu cdn.cookielaw.org *.hotjar.io *.hotjar.com browser-intake-datadoghq.eu wss:\/\/input.noibu.com pagead2.googlesyndication.com *.booztlet.com *.sleeknote.com *.klarnacdn.net *.trustpilot.com *.g.doubleclick.net www.snapengage.com ws.hotjar.com chat.kindlycdn.com *.booztcdn.com www.datadoghq-browser-agent.com *.booztlet.com *.browser-intake-datadoghq.eu dev.visualwebsiteoptimizer.com; child-src 'self' www.googletagmanager.com *.freshchat.com fpt.booztlet.com *.google-analytics.com *.criteo.net www.booztlet.com www.facebook.com *.trustpilot.com blob: ; frame-src 'self' *.kronor.io *.criteo.com *.criteo.com *.sleeknote.com www.googletagmanager.com www.facebook.com *.trustpilot.com *.klarnacdn.net *.hotjar.com connect.facebook.net; style-src 'self' *.sleeknote.com *.booztlet.com cdn.taggstar.com *.booztcdn.com *.kronor.io chat.kindlycdn.com data: blob: 'unsafe-inline'; manifest-src 'self' *.booztlet.com; media-src 'self' data: *.booztcdn.com *.booztlet.com storage.googleapis.com; frame-ancestors 'self' ; report-uri \/csp-report\/; report-to csp-reports","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-tyPdVvb0rBmuZBjFiLbhxw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/cdn.curator.io\/ https:\/\/www.juicer.io\/ https:\/\/www.google-analytics.com\/ https:\/\/js.hsforms.net\/ https:\/\/cdn.cookielaw.org\/ https:\/\/js.adsrvr.org\/ https:\/\/connect.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/snap.licdn.com\/ cdnjs.cloudflare.com https:\/\/static.addtoany.com https:\/\/unpkg.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/cdn.curator.io\/ https:\/\/www.juicer.io\/ https:\/\/www.google-analytics.com\/ https:\/\/js.hsforms.net\/ https:\/\/cdn.cookielaw.org\/ https:\/\/js.adsrvr.org\/ https:\/\/connect.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/snap.licdn.com\/ cdnjs.cloudflare.com https:\/\/static.addtoany.com https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/cdn.curator.io\/ https:\/\/www.juicer.io\/ https:\/\/www.google-analytics.com\/ https:\/\/js.hsforms.net\/ https:\/\/cdn.cookielaw.org\/ https:\/\/js.adsrvr.org\/ https:\/\/connect.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/snap.licdn.com\/ cdnjs.cloudflare.com; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/cdn.curator.io\/ https:\/\/www.juicer.io\/ https:\/\/www.google-analytics.com\/ https:\/\/js.hsforms.net\/ https:\/\/cdn.cookielaw.org\/ https:\/\/js.adsrvr.org\/ https:\/\/connect.facebook.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/snap.licdn.com\/","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; report-uri https:\/\/csp.some.porn\/csp-report; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/cdnjs.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/s7.addthis.com https:\/\/googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net 'unsafe-inline'; img-src 'self' data: https:\/\/www.google.com https:\/\/widgets.guidestar.org https:\/\/googleads.g.doubleclick.net https:\/\/www.googletagmanager.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net; connect-src 'self' https:\/\/www.google.com; object-src 'none'; frame-src https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net; base-uri 'self';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/*.gstatic.com *.fontawesome.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.adp.com *.googleapis.com data: *.espssl.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com api.bazaarvoice.com stg.api.bazaarvoice.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.facebook.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com *.wesupply.xyz https:\/\/wesupplylabs.com guarantee-cdn.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.burpee.com *.criteo.net *.criteo.com *.freshchat.com *.doubleclick.net *.paypalobjects.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * js.mollie.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.adyen.com https:\/\/*.gstatic.com https:\/\/images.unsplash.com guarantee-cdn.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.clarity.ms *.doubleclick.net *.bing.com *.alocdn.com *.google-analytics.com *.google.com.br *.google.com *.google.com.ua *.google.de www.facebook.com *.rlcdn.com *.criteo.com *.espssl.com *.burpee.com *.listrakbi.com *.linksynergy.com *.securedvisit.com *.bazaarvoice.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/www.mollie.com https:\/\/redchamps.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/maps.gstatic.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com js-agent.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.cloudflare.com guarantee-cdn.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.jsdelivr.net *.adp.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.rapidspike.com *.facebook.com *.googleoptimize.com *.listrakbi.com *.rkdms.com *.amplitude.com *.trustpilot.com *.googletagmanager.com *.googleadservices.com data: *.bing.com *.criteo.net *.rmtag.com *.facebook.net *.doubleclick.net *.linksynergy.com *.clarity.ms *.datadome.co *.datadome.com *.criteo.com *.rakuten.com *.freshchat.com *.securedvisit.com *.burpee.com cdn.cookielaw.org *.cookielaw.org www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com js.mollie.com *.hsforms.net *.hsforms.com *.gstatic.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com\/ *.fontawesome.com display.ugc.bazaarvoice.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.listrakbi.com *.trustpilot.com *.googleapis.com data: *.freshchat.com *.espssl.com *.cloudflare.com *.adp.com assets.braintreegateway.com maxcdn.bootstrapcdn.com *.gstatic.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.facebook.com *.listrakbi.com *.paypalobjects.com *.clarity.ms *.rapidspike.com *.google-analytics.com *.doubleclick.net data: *.algolia.io *.revcontent.com *.datadome.co *.datadome.com *.adp.com *.amplitude.com *.bing.com *.bazaarvoice.com *.burpee.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https:\/\/reporting-api.gannettinnovation.com","count":1},{"content-security-policy-report-only":" base-uri 'self';connect-src 'self' https:\/\/www.google-analytics.com https:\/\/*.googleapis.com https:\/\/api.rudderlabs.com https:\/\/hosted.rudderlabs.com https:\/\/rudderstack.taskade.cloud https:\/\/api.stripe.com https:\/\/checkout.stripe.com https:\/\/sentry.io wss: https:\/\/cn2bi8ujy8.execute-api.us-east-1.amazonaws.com https:\/\/taskade-files.s3.us-east-1.amazonaws.com https:\/\/files.taskade.com https:\/\/vimeo.com https:\/\/fast.wistia.com https:\/\/*.loom.com https:\/\/www2.profitwell.com https:\/\/api.canny.io https:\/\/companion.taskade.com;default-src 'self';form-action 'self';media-src 'self' https:\/\/js.driftqa.com https:\/\/files.taskade.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/ajax.cloudflare.com https:\/\/challenges.cloudflare.com https:\/\/js.driftt.com https:\/\/widget.drift.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/checkout.stripe.com https:\/\/js.stripe.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.com https:\/\/r.wdfl.co https:\/\/public.profitwell.com https:\/\/cdn.firstpromoter.com https:\/\/canny.io https:\/\/pa.taskade.com https:\/\/unicorn.taskade.workers.dev https:\/\/static.cloudflareinsights.com;object-src 'none';img-src 'self' data: https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.stripe.com https:\/\/files.taskade.com https:\/\/unpkg.com https:\/\/i.ytimg.com https:\/\/*.sndcdn.com https:\/\/i.vimeocdn.com https:\/\/*.wistia.com https:\/\/cdn.loom.com https:\/\/*.figma.com https:\/\/images.typeform.com https:\/\/*.whimsical.com https:\/\/companion.taskade.com;style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com;font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com;frame-src https:\/\/js.driftt.com https:\/\/widget.drift.com https:\/\/checkout.stripe.com https:\/\/hooks.stripe.com https:\/\/js.stripe.com https:\/\/call.taskade.com https:\/\/docs.taskade.com https:\/\/*.youtube.com https:\/\/*.soundcloud.com https:\/\/player.vimeo.com https:\/\/*.loom.com https:\/\/*.figma.com https:\/\/*.invisionapp.com https:\/\/*.typeform.com https:\/\/*.whimsical.com;report-uri \/webhooks\/csp-report;report-to \/webhooks\/csp-report;frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-dU4k4x3HTG4r8YF1DWSZ1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/app.datadoghq.com\/; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubce3f3f19a3c7fcb81c0e6b27dbde95e1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env%3Agrow-monolith-prod; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" report-uri \/upload\/csp\/csp.php; report-to csp-endpoints","count":1},{"content-security-policy-report-only":" default-src 'self';           script-src 'nonce-2a093fdfb28c54323b2b442d4881e87c' 'report-sample' 'strict-dynamic' https: 'self';           style-src  'report-sample' 'unsafe-inline' 'self' https:\/\/fonts.googleapis.com https:\/\/access.nagich.co.il;           object-src 'none';           base-uri 'self';           connect-src 'self' https:\/\/ad.doubleclick.net https:\/\/bat.bing.com https:\/\/www.facebook.com https:\/\/www.googleadservices.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/trc-events.taboola.com https:\/\/cdn.cookielaw.org https:\/\/cdn.nagich.co.il https:\/\/cds.taboola.com https:\/\/pips.taboola.com https:\/\/www.google.com https:\/\/bat.bing.net https:\/\/geolocation.onetrust.com https:\/\/privacyportal-eu.onetrust.com;           font-src 'self' data: https:\/\/fonts.gstatic.com;           frame-src 'self' https:\/\/www.google.com https:\/\/appleid.apple.com https:\/\/www.facebook.com https:\/\/15974513.fls.doubleclick.net https:\/\/play.bingoblitz.com;           img-src * data: blob:;           manifest-src 'self';           media-src 'self' https:\/\/gnocchi-cdn-nc.bingoblitz.com https:\/\/www.bingoblitz.com;           report-uri https:\/\/bb-api-dsa.playtika.com\/client-event-stream\/non-authenticated\/events;           worker-src 'none';","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net; script-src 'nonce-4b19494627b4459792a72b593b89913d'  https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net; style-src 'self' 'nonce-4b19494627b4459792a72b593b89913d'  https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net; img-src 'self' data:  https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net https:\/\/*.twimg.com https:\/\/player.twitch.tv\/ https:\/\/*.ytimg.com; media-src 'self' data:  https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net https:\/\/*.twimg.com https:\/\/player.twitch.tv\/ https:\/\/www.youtube.com https:\/\/youtube.com https:\/\/*.googlevideo.com; frame-src https:\/\/www.youtube.com https:\/\/youtube.com https:\/\/*.googlevideo.com https:\/\/*.twimg.com https:\/\/player.twitch.tv\/  https:\/\/*.amazon.com https:\/\/*.media-amazon.com https:\/\/*.ssl-images-amazon.com https:\/\/*.amazon-adsystem.com https:\/\/*.paa-reporting-advertising.amazon https:\/\/*.twitch.tv https:\/\/*.amazongamestudios.com https:\/\/*.amazongames.com https:\/\/*.awsstatic.com https:\/\/amazonwebservices.d2.sc.omtrdc.net https:\/\/amazongamestudios.d2.sc.omtrdc.net https:\/\/*.viddler.com https:\/\/*.ctfassets.net https:\/\/chat.amazon.eu https:\/\/chat.amazon.co.jp https:\/\/sentry.amazongames.com https:\/\/d13pe3bn1jpqwf.cloudfront.net; report-uri https:\/\/www.amazon.com\/1\/batch\/2\/OE\/mid=ATVPDKIKX0DER:sid=130-8256121-9110546:rid=04E5A4C6D6D141A4B235:sn=www.amazongamestudios.com","count":1},{"content-security-policy-report-only":" base-uri 'none'; font-src 'self' https: data:; form-action https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/www.facebook.com; frame-ancestors 'self'; img-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/mautic.netcup.news https:\/\/px.ads.linkedin.com 'self' blob: data: https: https:\/\/www.captcha.eu; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https:\/\/www.captcha.eu; script-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/measure.netcup.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/www.captcha.eu 'self' 'wasm-unsafe-eval' 'nonce-70mTPosAPX7Ev2qBSiLxx\/Rm'; child-src blob: https:\/\/td.doubleclick.net; connect-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/www.google.com https:\/\/in-automate.brevo.com https:\/\/measure.netcup.com https:\/\/google.com https:\/\/px.ads.linkedin.com https:\/\/*.clarity.ms\/ 'self' https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.captcha.eu https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cdn.cookielaw.org https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.redditstatic.com https:\/\/pixel-config.reddit.com https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/bat.bing.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; frame-src https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com\/ https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com; script-src-elem https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/sibautomation.com\/sa.js https:\/\/sibforms.com\/ https:\/\/www.googleadservices.com https:\/\/www.redditstatic.com 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/static.ads-twitter.com https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/*.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/cdn.cookielaw.org https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; worker-src blob:; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self';      child-src 'self';      connect-src 'self';      font-src 'self' https:\/\/fonts.gstatic.com;      img-src 'self' data: https:\/\/natgenagency.com;      manifest-src 'none';      media-src 'none';      object-src 'none';      script-src 'self';      script-src-elem 'self';      script-src-attr 'self';      style-src 'self';      style-src-elem 'self' https:\/\/fonts.googleapis.com;      style-src-attr 'self';      worker-src blob:;      form-action *;      frame-ancestors 'self';      report-uri https:\/\/natgenagency.com\/CspReport;      report-to https:\/\/natgenagency.com\/CspReport;","count":1},{"content-security-policy-report-only":" default-src 'none'; font-src 'self' fonts.gstatic.com data:; img-src * 'self' data: https: https:\/\/*.usepylon.com https:\/\/pylon-avatars.s3.us-west-1.amazonaws.com https:\/\/d3vl36l12sfx26.cloudfront.net; script-src 'self' 'unsafe-inline' *.clickhouse-dev.com:* *.clickhouse-staging.com:* *.clickhouse.cloud:* clickhouse.com discover.clickhouse.com statuspage.incident.io www.recaptcha.net recaptcha.net munchkin.marketo.net www.google.com google.com *.googletagmanager.com *.licdn.com www.gstatic.com js.stripe.com *.fullstory.com vercel.live https:\/\/widget.usepylon.com; style-src 'self' 'unsafe-inline' clickhouse.com discover.clickhouse.com fonts.googleapis.com vercel.live https:\/\/*.usepylon.com; object-src 'none'; worker-src 'self' blob:; connect-src 'self' 'unsafe-inline' clickhouse.com discover.clickhouse.com wss: *.clickhouse-dev.com:* *.clickhouse-staging.com:* *.clickhouse.cloud:* statuspage.incident.io www.recaptcha.net recaptcha.net *.us-east-2.amazonaws.com *.google-analytics.com *.linkedin.oribi.io *.mktoresp.com s3.eu-west-1.amazonaws.com *.fullstory.com *.auth0.com vercel.live https:\/\/*.usepylon.com wss:\/\/*.pusher.com; frame-src *.clickhouse-dev.com:* *.clickhouse-staging.com:* *.clickhouse.cloud:* clickhouse.com discover.clickhouse.com www.recaptcha.net recaptcha.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/js.stripe.com https:\/\/player.vimeo.com *.auth0.com vercel.live; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* *.google.com *.cybersource.com up.cybersource.com;         frame-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* *.googletagmanager.com *.google.com *.signifyd.com *.cookiebot.com *.online-metrix.net *.paypal.com *.facebook.com *.fls.doubleclick.net *.clinch.co *.cloudflare.com *.xanderdev.com showmetheparts.com *.showmetheparts.com www.youtube.com *.jasonindustrial.com *.listrak.com *.quantummetric.com *.tractorsupply.com *.countingdownto.com *.cybersource.com;         default-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* blob: *.google.com um.simpli.fi d.adroll.com www.ruralking.com *.ruralking.com *.quantummetric.com *.cybersource.com;         child-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* *.google.com *.quantummetric.com blob:;         script-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* 'unsafe-inline' 'unsafe-eval' *.cnstrc.com cnstrc.com *.sezzle.com *.bazaarvoice.com *.signifyd.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.quantummetric.com *.cookiebot.com *.listrakbi.com *.flippenterprise. *.smg.com *.gleamjs.io *.curalate.com polyfill-fastly.net *.polyfill-fastly.net *.lt02.net *.listrak.com *.online-metrix.netnet analytics.freespee.com beacon.krxd.net cm.g.doubleclick.net dpm.demdex.net in.treasuredata.com io.narrative.io lex.33across.com ml314.com pixel.tapad.com s-cs.send.microad.jp stags.bluekai.com us-u.openx.net barracuda.com *.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com *.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com *.pubmatic.com snap.licdn.com sync.outbrain.com *.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net *.cloudflareinsights.com *.online-metrix.net *.paypal.com *.bing.com *.hotjar.com *.google.com *.simpli.fi *.amplitude.com *.zdassets.com *.clinch.co *.googlesyndication.com *.clarity.ms *.gleam.io *.cloudflare.com blob: *.flippenterprise.net *.adnxs.com *.certcapture.com *.ruralking.com gleam.io www.ruralking.com *.zendesk.com *.kyc.red *.jquery.com *.cloudfront.net *.bootstrapcdn.com *.tiles.mapbox.com *.cybersource.com testup.cybersource.com;         connect-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* 'unsafe-inline' 'unsafe-eval' *.cnstrc.com cnstrc.com *.sezzle.com *.bazaarvoice.com *.signifyd.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.quantummetric.com *.cookiebot.com *.listrakbi.com *.smg.com *.gleamjs.io *.curalate.com polyfill-fastly.net *.polyfill-fastly.net *.lt02.net *.listrak.com *.online-metrix.netnet analytics.freespee.com beacon.krxd.net cm.g.doubleclick.net dpm.demdex.net in.treasuredata.com io.narrative.io lex.33across.com ml314.com pixel.tapad.com s-cs.send.microad.jp stags.bluekai.com us-u.openx.net barracuda.com *.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com *.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com *.pubmatic.com snap.licdn.com sync.outbrain.com *.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net *.cloudflareinsights.com *.online-metrix.net *.paypal.com *.bing.com *.hotjar.com *.google.com *.simpli.fi *.amplitude.com *.zdassets.com *.clinch.co *.googlesyndication.com *.clarity.ms *.gleam.io *.cloudflare.com blob: *.flippenterprise.net *.adnxs.com *.certcapture.com *.ruralking.com *.googleadservices.com *.zendesk.com *.bf.dynatrace.com *.doubleclick.net *.bing.net *.hotjar.io *.flippback.com *.flipp.com www.ruralking.com um.simpli.fi wss:\/\/*.hotjar.com wss:\/\/pod-13-sunco-ws.zendesk.com wss:\/\/*.zendesk.com *.cloudfront.net *.mapbox.com;         style-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* *.googleapis.com *.googletagmanager.com 'unsafe-inline' *.cdnfonts.com *.listrakbi.com *.gleam.io *.flippenterprise.net *.quantummetric.com app.certcapture.com *.cloudfront.net *.jsdelivr.net *.tiles.mapbox.com;         font-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* *.gstatic.com *.cdnfonts.com *.smg.com *.bazaarvoice.com *.cloudflare.com *.walmartimages.com *.amazonaws.com *.espssl.com data: *.cloudfront.net *.jsdelivr.net;         img-src 'self' aws.ruralking.cloud:* *.aws.ruralking.cloud:* https: data:;","count":1},{"content-security-policy-report-only":" default-src 'self'; child-src 'self' blob:; connect-src 'self' *.thuisarts.nl *.readspeaker.com bynder.nhg.org *.cloudfront.net https:\/\/*.ingest.de.sentry.io *.contentsquare.net *.contentsquare.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com; font-src 'self' data: https:\/\/themes.googleusercontent.com; frame-src 'self' *.readspeaker.com https:\/\/consentcdn.cookiebot.com; img-src 'self' data: *.thuisarts.nl *.readspeaker.com https:\/\/bynder.nhg.org *.contentsquare.net; media-src 'self' *.thuisarts.nl *.readspeaker.com; script-src 'self' 'report-sample' *.readspeaker.com *.thuisarts.nl *.cloudfront.net *.contentsquare.net app.contentsquare.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com cdn-eu.readspeaker.com https:\/\/d8ejoa1fys2rk.cloudfront.net; style-src * 'report-sample' 'unsafe-inline'; base-uri 'self'; form-action 'self' *.thuisarts.nl https:\/\/nhglsk-staging.netlify.app; frame-ancestors 'self' *.asterisque.nl *.cnsconnect.nl *.crsinternet.nl *.curasoft.nl *.dataleaf.eu *.eposzilos.nl *.extenzo.nu *.healthconnected.nl *.omnihis.nl *.oscarecd.nl *.portavita.eu *.portavita.nl *.promedico-asp.aw *.promedico-asp.nl *.topicus-hap.nl *.prescriptor.nl *.digitalis.nl *.clinicalrules.nl *.caresharing.eu *.vandenhoogenhoff.com *.brickshuisarts.nl *.promedico-huisarts.nl brickshuisarts.nl","count":1},{"content-security-policy-report-only":" child-src 'none';connect-src 'self' *.e78.co.uk *.civiccomputing.com *.azure.com *.msecnd.net *.vo.msecnd.net *.gstatic.com *.googletagmanager.com *.googleadservices.com *.google.com *.googlesyndication.com *.search.windows.net *.googleapis.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com *.google-analytics.com *.services.visualstudio.com *.hotjar.com *.hotjar.io wss:\/\/*.hotjar.com *.kustomerapp.com;default-src 'self' stackpath.bootstrapcdn.com *.hotjar.com *.hotjar.io *.googleapis.com *.gstatic.com *.vo.msecnd.net *.services.visualstudio.com *.kustomerapp.com;font-src 'self' use.typekit.net www.google.com google.com ajax.googleapis.com fonts.googleapis.com fonts.gstatic.com stackpath.bootstrapcdn.com;form-action 'self';frame-ancestors 'self';frame-src 'self' *.youtube-nocookie.com *.amazon-adsystem.com *.google.com *.youtube.com *.hotjar.com *.hotjar.io vimeo.com *.vimeo.com *.trustpilot.com www.facebook.com *.publitas.com givp.nl *.kustomerapp.com;img-src 'self' e78-bp-dev-cdn-e4bdb8gjgsgdfqbq.z01.azurefd.net i.ytimg.com online.swagger.io *.google-analytics.com *.google.com *.gstatic.com *.kustomerapp.com;manifest-src 'self';media-src 'self' e78-bp-dev-cdn-e4bdb8gjgsgdfqbq.z01.azurefd.net;object-src 'unsafe-eval';script-src 'self' *.e78.co.uk e78-bp-dev-cdn-e4bdb8gjgsgdfqbq.z01.azurefd.net *.doubleclick.net *.googleadservices.com *.googletagmanager.com *.google.com *.hotjar.com *.hotjar.io *.google-analytics.com *.vo.msecnd.net *.msecnd.net *.services.visualstudio.com cdn.jsdelivr.net *.googleapis.com *.trustpilot.com connect.facebook.net *.azure.com *.gstatic.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval' *.kustomerapp.com;style-src 'self' e78-bp-dev-cdn-e4bdb8gjgsgdfqbq.z01.azurefd.net p.typekit.net use.typekit.net www.google.com google.com ajax.googleapis.com cdnjs.cloudflare.com fonts.googleapis.com stackpath.bootstrapcdn.com 'unsafe-inline' *.kustomerapp.com;block-all-mixed-content;upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.vogue.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" object-src * ; report-uri https:\/\/www.sunlife.ca\/slfreporting\/reportUri","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:\/\/webcachex-eu.datareporter.eu; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.openstreetmap.org blob: https:\/\/youtube.com https:\/\/*.youtube.com https:\/\/liwest.at\/ https:\/\/*.liwest.at\/ https:\/\/*.hubspot.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/px.ads.linkedin.com *.px.ads.linkedin.com https:\/\/*.hsforms.com https:\/\/alb.reddit.com bat.bing.com https:\/\/www.google.at https:\/\/www.google.de https:\/\/www.googletagmanager.com https:\/\/maps.wien.gv.at https:\/\/fonts.gstatic.com https:\/\/webcache-eu.datareporter.eu https:\/\/webcachex-eu.datareporter.eu https:\/\/maps.googleapis.com https:\/\/*.econda-monitor.de; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/*.frcapi.com\/ https:\/\/*.liwest.at\/ https:\/\/liwest-penalty-shootout.supernice.games https:\/\/liwest-gscheit-digital.supernice.games https:\/\/liwest-gscheit-digital-2.supernice.games https:\/\/liwest-qots.web.app https:\/\/liwest-tron.web.app https:\/\/*.google.com https:\/\/liwest-spendenaktion.web.app https:\/\/www.googletagmanager.com https:\/\/liwest.speedtestcustom.com https:\/\/forms-eu1.hsforms.com https:\/\/aax-eu.amazon-adsystem.com; connect-src 'self' data: https:\/\/*.openstreetmap.org https:\/\/*.friendlycaptcha.eu https:\/\/*.datareporter.eu https:\/\/*.hsforms.com https:\/\/hubspot-forms-static-embed-eu1.s3.amazonaws.com https:\/\/*.econda-monitor.de https:\/\/px.ads.linkedin.com https:\/\/analytics.tiktok.com https:\/\/*.hubapi.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.hubspot.com https:\/\/pixel-config.reddit.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/pixels.spotify.com https:\/\/*.etracker.com https:\/\/*.etracker.de https:\/\/analytics-ipv6.tiktokw.us https:\/\/www.google.com https:\/\/www.google.at https:\/\/l.ecn-ldr.de https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/maps.wien.gv.at https:\/\/api.opendkm.at https:\/\/static.hsappstatic.net https:\/\/www.googletagmanager.com https:\/\/api.ipgeolocation.io https:\/\/srv.doris.at https:\/\/maps.googleapis.com https:\/\/c.amazon-adsystem.com https:\/\/aax-eu.amazon-adsystem.com https:\/\/ara.paa-reporting-advertising.amazon; script-src-elem 'self' 'report-sample' 'unsafe-inline' inline https:\/\/youtube.com https:\/\/*.youtube.com https:\/\/*.datareporter.eu https:\/\/*.webcachex-eu.datareporter.eu https:\/\/cdnjs.cloudflare.com https:\/\/*.googletagmanager.com https:\/\/*.hsforms.net https:\/\/*.vimeo.com https:\/\/tracknet.twyn.com https:\/\/l.ecn-ldr.de https:\/\/api.ipify.org https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/analytics.tiktok.com https:\/\/js-eu1.hsadspixel.net https:\/\/googleads.g.doubleclick.net https:\/\/*.etracker.com https:\/\/*.etracker.de https:\/\/pixel.byspotify.com https:\/\/js-eu1.hs-scripts.com https:\/\/js-eu1.hs-banner.com https:\/\/static.hsappstatic.net https:\/\/js-eu1.hs-analytics.net https:\/\/js-eu1.hs-banner.net https:\/\/js-eu1.hubspot.com https:\/\/snap.licdn.com https:\/\/www.redditstatic.com https:\/\/maps.googleapis.com https:\/\/*.econda-monitor.de https:\/\/c.amazon-adsystem.com; style-src 'self' 'report-sample' https:\/\/*.datareporter.eu; worker-src blob: 'report-sample'; font-src 'self' data: https:\/\/fonts.gstatic.com; style-src-elem 'self' 'report-sample' 'unsafe-inline' inline https:\/\/webcache.datareporter.eu https:\/\/webcache-eu.datareporter.eu https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/www.googletagmanager.com; report-uri https:\/\/www.liwest.at\/@http-reporting?csp=report&requestTime=1778726026393548&requestHash=849a4a56116802bf47ba3a3127d7d8d4e6d724a3","count":1},{"content-security-policy-report-only":" block-all-mixed-content","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk *.chatcora.natwest.com   *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.google.ie *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.neolane.net *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.snapchat.com *.ulsterbank.co.uk *.ulsterbank.com *.ulsterbankanytimebanking.co.uk *.userzoom.com *.youtube.com *.ytimg.com analytics.twitter.com api.swiftype.com dcs.demdex.net dpm.demdex.net fast.demdex.net fast.rbs.demdex.net jwpltx.com rbs.demdex.net sc-static.net static.ads-twitter.com t.co www.brightedge.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https:\/\/ulsterbankni.report-uri.com\/r\/t\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.appdynamics.com col.eum-appdynamics.com fonts.gstatic.com ajax.googleapis.com www.googleapis.com fonts.googleapis.com use.fontawesome.com www.w3schools.com home.textkernel.nl staging.textkernel.nl www.dropbox.com apis.google.com www.google.com html5shim.googlecode.com media.readspeaker.com s7.addthis.com d2sl310zdnr3q6.cloudfront.net www.google-analytics.com https:\/\/apps.knollenstein.com https:\/\/appsdev.knollenstein.com font.visma.com *.easycruit.com m.addthis.com api-public.addthis.com flowanalytic.site networkanalytics.xyz knowledge-and-support-center.visma.net m.addthisedge.com apply.indeed.com content.googleapis.com commondatastorage.googleapis.com themes.googleusercontent.com www.googletagmanager.com fast.fonts.net db.onlinewebfonts.com hello.myfonts.net cdnjs.cloudflare.com d1fc8wv8zag5ca.cloudfront.net connect.facebook.net emea3.recruitmentplatform.com tag.goldenbees.fr s.ytimg.com www.findizer.fr webfonts.zohostatic.com platform.linkedin.com zgao.nl cdn.ontame.io *.ziggeo.com *.amazonaws.com api-eu-west-1.ziggeo.com embed-cdn-eu-west-1.ziggeo.com embed-eu-west-1.ziggeo.com assets.ziggeo.com hc-cdn.visma.net cdn.wootric.com production.wootric.com eligibility.wootric.com *.onetrust.com cdn.cookielaw.org https:\/\/storage.googleapis.com\/snowplow-cto-office-tracker-bucket\/3.1.1\/sp.js https:\/\/snowplow.visma.com\/com.snowplowanalytics.snowplow\/tp2 *.sharethis.com www.gstatic.com easycruit.com; img-src 'self' data: * 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/easycruit.com\/api\/logging\/v1\/csp-report","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-YKf0mQuyhxzMTMDQNHp-TQ' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' ; report-uri https:\/\/events.ocdn.eu\/v2\/csp-report?_ac=events&_fv=www.forbes.pl::PROD_V2","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk *.chatcora.natwest.com  *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.neolane.net *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.raptmedia.com *.rbos.com *.rbs.co.uk *.rbs.com *.rbsdigital.com *.supportcentre-rbs.co.uk *.snapchat.com *.userzoom.com *.youtube.com *.ytimg.com analytics.twitter.com api.swiftype.com dcs.demdex.net dpm.demdex.net fast.demdex.net fast.rbs.demdex.net jwpltx.com rbs.demdex.net sc-static.net search-rbs.co.uk static.ads-twitter.com t.co www.brightedge.com *.everesttech.net *.everestjs.net cdn.cookielaw.org; upgrade-insecure-requests; report-uri https:\/\/rbspersonal.report-uri.com\/r\/t\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; upgrade-insecure-requests; report-uri https:\/\/5b99b19026a35ad04db5bcf778a03938.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" script-src 'strict-dynamic' 'nonce-vAoDoWtqYZsV4PmyB6k+1A==' 'unsafe-eval' 'self' https:\/\/assets.torob.com https:\/\/tapi.bale.ai https:\/\/www.googletagmanager.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/www.goftino.com https:\/\/posthog.torob.ir https:\/\/www.gstatic.com; script-src-elem 'strict-dynamic' 'nonce-vAoDoWtqYZsV4PmyB6k+1A==' 'unsafe-eval' 'self' https:\/\/assets.torob.com https:\/\/tapi.bale.ai https:\/\/www.googletagmanager.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/www.goftino.com https:\/\/posthog.torob.ir https:\/\/www.gstatic.com; script-src-attr 'unsafe-inline'; style-src 'self' https:\/\/assets.torob.com\/ https:\/\/cdn.goftino.com 'unsafe-inline'; frame-ancestors 'self' https:\/\/*.bale.ai; object-src 'none'; base-uri 'none'; img-src http: https: data: blob:; worker-src 'self' blob:; report-uri https:\/\/sentry.torob.ir\/api\/5\/security\/?sentry_key=f93c967608d0a62ff84a3620cd0bf0e9; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/connect.facebook.net https:\/\/*.stripe.com https:\/\/*.braintreegateway.com https:\/\/api.consentjs.datagrail.io https:\/\/*.consentjs.datagrail.io https:\/\/*.youtube.com https:\/\/s.ytimg.com https:\/\/*.weeecdn.com https:\/\/*.weeecdn.net https:\/\/*.tiktok.com https:\/\/*.clarity.ms https:\/\/*.cloudfront.net https:\/\/*.awswaf.com https:\/\/*.unpkg.com https:\/\/*.paypal.com; frame-src https:\/\/*.stripe.com https:\/\/hooks.stripe.com https:\/\/assets.braintreegateway.com https:\/\/*.youtube.com https:\/\/*.google.com https:\/\/*.facebook.com https:\/\/*.tiktok.com https:\/\/*.datagrail.io https:\/\/api.consentjs.datagrail.io https:\/\/*.mathtag.com https:\/\/*.paypal.com https:\/\/*.braintreegateway.com; style-src 'self' 'unsafe-inline'; connect-src 'self' https:\/\/*.sayweee.com https:\/\/*.sayweee.net; img-src 'self' data: https: https:\/\/*.masgusto.com https:\/\/*.googletagmanager.com https:\/\/*.sayweee.com https:\/\/*.sayweee.net https:\/\/*.weeecdn.com https:\/\/*.weeecdn.net; report-uri https:\/\/api.sayweee.net\/ec\/bff\/report\/csp-violation; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" report-uri \/csp-log.php; report-to csp-log-endpoint; default-src 'none'; img-src 'self' data: https:\/\/werbung.leipzig.de\/ https:\/\/data.leipzig.de\/ https:\/\/static.leipzig.de\/ https:\/\/www.gstatic.com\/images\/; script-src 'self' 'unsafe-inline' https:\/\/cdn.captchafox.com\/ https:\/\/www.leipzig.de\/ https:\/\/static.leipzig.de\/ https:\/\/werbung.leipzig.de\/delivery\/ https:\/\/vrweb15.linguatec.org\/VoiceReaderWeb15User\/player20\/scripts\/ https:\/\/dev.lehst.de\/ https:\/\/static.conword.io\/; style-src 'self' 'unsafe-inline' https:\/\/cdn.captchafox.com\/ https:\/\/static.leipzig.de\/ https:\/\/vrweb15.linguatec.org\/VoiceReaderWeb15User\/player\/styles\/ https:\/\/dev.lehst.de\/; font-src 'self' https:\/\/static.leipzig.de\/ https:\/\/fonts.gstatic.com\/; media-src 'self' https:\/\/static.leipzig.de\/ https:\/\/vrweb15.linguatec.org\/VoiceReaderWeb15User\/player20\/scripts\/; connect-src 'self' https:\/\/api.captchafox.com\/ https:\/\/cdn.captchafox.com\/ https:\/\/vrweb15.linguatec.org\/VoiceReaderWeb15WebService\/ https:\/\/dev.lehst.de\/ https:\/\/www.leipzig.de\/; frame-src https:\/\/www.youtube-nocookie.com\/embed\/ https:\/\/tnv.leipzig.de https:\/\/s-leipzig.maps.arcgis.com https:\/\/geo.leipzig.de https:\/\/geoportal.leipzig.de https:\/\/www.blitzvideoserver.de https:\/\/tportal.toubiz.de https:\/\/kwis-web.leipzig.de; frame-ancestors 'self' https:\/\/*.leipzig.de\/;","count":1},{"content-security-policy-report-only":" upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-f5DiYpDY1SAIGcjBMgvb6qskX' 'strict-dynamic' 'report-sample'; report-uri https:\/\/blenderartists.org\/csp_reports; frame-ancestors 'self'; manifest-src 'self'","count":1},{"content-security-policy-report-only":" default-src  'self' blob: data: 'unsafe-inline' 'unsafe-eval' fonts.gstatic.com embed.geckochat.io fonts.geckoform.com api.geckochat.io app.geckoform.com www.google.com analytics.google.com www.googletagmanager.com *.doubleclick.net *.6sc.co *.6sense.com *.crazyegg.com *.wistia.com *.vimeo.com *.youtube.com youtube.com ytimg.com *.ytimg.com youtube-nocookie.com *.youtube-nocookie.com *.widen.net widencdn.net *.widencdn.net *.jsdelivr.net *.facebook.net facebook.net *.facebook.com *.linkedin.com *.adsymptotic.com *.nr-data.net *.adnxs.com *.fullcircleinsights.com *.lightwidget.com lightwidget.com *.bing.com *.unibuddy.co *.visualwebsiteoptimizer.com app.vwo.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: www.youtube.com www.googletagmanager.com embed.geckochat.io cdn.jsdelivr.net cdn.unibuddy.co *.doubleclick.net *.visualwebsiteoptimizer.com app.vwo.com cdn.pushcrew.com; style-src  'unsafe-inline' 'self' fonts.googleapis.com fonts.geckoform.com embed.geckochat.io *.visualwebsiteoptimizer.com cdn.pushcrew.com; img-src  'unsafe-inline' 'unsafe-eval' 'self' data: humbercollege.widen.net www.google.com www.google.ca www.googletagmanager.com widget-assets.geckochat.io *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io cdn.pushcrew.com; font-src 'self' data: fonts.gstatic.com embed.geckochat.io fonts.geckoform.com;","count":1},{"content-security-policy-report-only":" connect-src analytics.tiktok.com *.google-analytics.com 'self' 'unsafe-inline' wss:;default-src 'self' 'unsafe-inline' wss:;form-action 'self' 'unsafe-inline' wss:;frame-src *.soundcloud.com 'self' 'unsafe-inline' 'unsafe-eval' *.cookiebot.com *.wearekura.com *.google-analytics.com;img-src *.siteimproveanalytics.io analytics.tiktok.com *.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval' *.cookiebot.com *.wearekura.com *.google-analytics.com;object-src 'none';script-src *.googletagmanager.com siteimproveanalytics.com analytics.tiktok.com 'self' 'unsafe-inline' 'unsafe-eval' *.cookiebot.com *.wearekura.com *.google-analytics.com;style-src 'self' 'unsafe-inline' 'unsafe-eval' *.cookiebot.com *.wearekura.com *.google-analytics.com 'self' 'unsafe-inline' wss:","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https:\/\/usercontent.mobileread.org\/csp-report","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-mJk0h5yE5ueqDf3uAzMeEw=='; style-src 'unsafe-inline' *; default-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io; media-src *; base-uri 'none'; img-src blob: data: *; frame-ancestors 'none'; font-src 'self' data:; worker-src 'none'; object-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self' *.acadiau.ca; img-src 'self' *.acadiau.ca *.index.digital *.sitescout.com *.gstatic.com *.bc0a.com *.fontawesome.com *.picsum.photos picsum.photos *.twimg.com *.facebook.com *.twitter.com *.google.ca *.google.com www.google-analytics.com wl-pixel.index.digital pixel.sitescout.com s3.amazonaws.com *.b0e8.com *.siteimproveanalytics.io; font-src 'self' *.fontawesome.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com *.gstatic.com cdn.jsdelivr.net; style-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jsdelivr.net *.fontawesome.com *.twimg.com *.twitter.com *.googleapis.com widget.alongside.com 'unsafe-inline'; script-src 'self' *.acadiau.ca *.google.com *.googleapis.com *.fontawesome.com acuityplatform.com *.jquery.com *.bootstrapcdn.com *.cloudflare.com *.jsdelivr.net *.facebook.net *.google-analytics.com *.technolutions.net *.twitter.com *.twimg.com widget.alongside.com *.instagram.com *.cloudflare.com e.issuu.com *.pixel.ad *.hotjar.com *.bc0a.com *.b0e8.com theta360.com *.tiktok.com *.googletagmanager.com siteimproveanalytics.com 'unsafe-inline'; connect-src 'self' *.hotjar.com *.doubleclick.net www.google-analytics.com *.doubleclick.com *.sitescout.com *.doubleclick.n ka-p.fontawesome.com; frame-src 'self' *.livestream.com *.hotjar.com *.youtube.com *.vimeo.com *.twitter.com *.issuu.com *.facebook.com *.instagram.com *.sitescout.com theta360.com; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/www.googletagmanager.com https:\/\/js-eu1.hsforms.net https:\/\/js-eu1.hs-scripts.com https:\/\/sc.lfeeder.com https:\/\/video.helloretail.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:; frame-src https:\/\/capture.navattic.com https:\/\/www.youtube-nocookie.com https:\/\/video.helloretail.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com; connect-src 'self' https:\/\/api.hsforms.com https:\/\/forms-eu1.hsforms.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com; object-src 'none'; base-uri 'self'","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.com *.betano.com betano.de *.betano.de betgenius.com *.betgenius.com bing.com *.bing.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org creativecdn.com *.creativecdn.com facebook.net *.facebook.net gmlinteractive.com *.gmlinteractive.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com optimove.net *.optimove.net sportradar.com *.sportradar.com sportradarserving.com *.sportradarserving.com cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery clarity.ms *.clarity.ms lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.brandinsight.tech *.taboola.com *.fullstory.com *.geocomply.com *.kameleoon.io *.kameleoon.eu *.ads-twitter.com *.google-analytics.com *.jsdelivr.net *.kwai.net *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.pa4r.com res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=CuXML7Dboq_rAyqHEjhRQiuTCXhDzsgXyOJ6ikXOH_0-1778721061.0456734-1.0.1.1-r6Jwf6DXuZaPt9ayl.0t0pIg6x5AE.w5Er3hUra8xaFCl.WXqVXxxK2GrVnXz_EKFHFaM5MyONI20F6DviNcQuoh5gjdYhXGylXXc52Qbn25RZDHSKwRK22w2F1JAD5ss5C5fwwAdGTr9m7BXXYE9SJXJKo4k2PeUqfp_1HbbkGTrAN4LNz4xIwz.VGVeNTN; report-to cf-wgybennrnfxjnfih","count":1},{"content-security-policy-report-only":" default-src 'self' blob: https:\/\/data.stbuttons.click\/data https:\/\/challenges.cloudflare.com https:\/\/vod-progressive-ak.vimeocdn.com https:\/\/cdn.simplecast.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/apps.sitecore.net https:\/\/stackpath.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com http:\/\/ajax.googleapis.com https:\/\/maps.googleapis.com https:\/\/geoip-js.com https:\/\/www.google-analytics.com https:\/\/cdn.siteimprove.net https:\/\/player.simplecast.com https:\/\/cdnjs.cloudflare.com https:\/\/my2.siteimprove.com https:\/\/id.siteimprove.com https:\/\/unpkg.com https:\/\/platform-api.sharethis.com https:\/\/l.sharethis.com\/ https:\/\/player.vimeo.com https:\/\/extend.vimeocdn.com https:\/\/vod-progressive.akamaized.net https:\/\/download-video.akamaized.net https:\/\/cdn.yoshki.com https:\/\/download-video-ak.vimeocdn.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https:\/\/cdn.cookielaw.org https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/61281927.global.siteimproveanalytics.io\/ https:\/\/cdn.yoshki.com https:\/\/61281927.global.siteimproveanalytics.io\/ https:\/\/l.sharethis.com; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/stackpath.bootstrapcdn.com https:\/\/cdn.jsdelivr.net https:\/\/unpkg.com 'unsafe-inline'; font-src 'self' data: https:\/\/fonts.gstatic.com 'unsafe-inline'; block-all-mixed-content; script-src 'self' https:\/\/buttons-config.sharethis.com https:\/\/challenges.cloudflare.com https:\/\/cdn.cookielaw.org https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/js.maxmind.com https:\/\/cdnjs.cloudflare.com\/polyfill\/ https:\/\/siteimproveanalytics.com https:\/\/www.google-analytics.com https:\/\/platform-api.sharethis.com https:\/\/extend.vimeocdn.com https:\/\/cdn.siteimprove.net http:\/\/ajax.googleapis.com https:\/\/code.jquery.com https:\/\/cdn.jsdelivr.net https:\/\/unpkg.com https:\/\/stackpath.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https:\/\/cdn.cookielaw.org https:\/\/l.sharethis.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/data.stbuttons.click\/data https:\/\/region1.google-analytics.com\/g\/collect https:\/\/www.googletagmanager.com\/td; frame-ancestors 'self' https:\/\/www.independentsector.org; report-uri https:\/\/233122823c47f119af0143cbea7853d6.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.gstatic.com https:\/\/pi.pardot.com https:\/\/cdn.pardot.com https:\/\/snap.licdn.com https:\/\/connect.facebook.net https:\/\/widget.instabot.io https:\/\/widgetapi.instabot.io https:\/\/addevent.com https:\/\/cdn.addevent.com https:\/\/cookie-cdn.cookiepro.com https:\/\/kit.fontawesome.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.evgnet.com https:\/\/d2i34c80a0ftze.cloudfront.net https:\/\/d2iiunr5ws5ch1.cloudfront.net https:\/\/d2wy8f7a9ursnm.cloudfront.net https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/tag.demandbase.com https:\/\/amd.sellingsimplified.net https:\/\/explore.parexel.com https:\/\/lottie.host https:\/\/assets2.lottiefiles.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.clarity.ms https:\/\/clarity.ms https:\/\/bat.bing.com https:\/\/sidebar.bugherd.com https:\/\/www.bugherd.com https:\/\/static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' 'report-sample' https:\/\/fonts.googleapis.com https:\/\/translate.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/d2iiunr5ws5ch1.cloudfront.net https:\/\/form.asana.com https:\/\/lottie.host https:\/\/assets2.lottiefiles.com; img-src 'self' data: blob: https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.linkedin.com https:\/\/*.licdn.com https:\/\/*.facebook.com https:\/\/*.fbcdn.net https:\/\/*.ytimg.com https:\/\/*.youtube.com https:\/\/*.twitter.com https:\/\/*.twimg.com https:\/\/cookie-cdn.cookiepro.com https:\/\/static.instabot.io https:\/\/tag.demandbase.com https:\/\/*.demandbase.com https:\/\/lottie.host https:\/\/*.lottiefiles.com https:\/\/d2iiunr5ws5ch1.cloudfront.net https:\/\/*.bugherd.com https:\/\/*.amazonaws.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/ka-p.fontawesome.com https:\/\/cdnjs.cloudflare.com https:\/\/d2iiunr5ws5ch1.cloudfront.net https:\/\/at.alicdn.com; connect-src 'self' https:\/\/analytics.google.com https:\/\/www.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.google.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/*.google.de https:\/\/*.google.fr https:\/\/*.google.es https:\/\/*.google.it https:\/\/*.google.nl https:\/\/*.google.co.jp https:\/\/*.google.com.au https:\/\/px.ads.linkedin.com https:\/\/cdn.linkedin.oribi.io https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/ws.hotjar.com https:\/\/widget.instabot.io https:\/\/widgetapi.instabot.io https:\/\/static.instabot.io https:\/\/chat.instabot.io https:\/\/livechat.instabot.io wss:\/\/chat.instabot.io https:\/\/cookie-cdn.cookiepro.com https:\/\/geolocation.onetrust.com https:\/\/privacyportal.cookiepro.com https:\/\/tag.demandbase.com https:\/\/tag-logger.demandbase.com https:\/\/segments.company-target.com https:\/\/api.company-target.com https:\/\/amd.sellingsimplified.net https:\/\/st.fullcircleinsights.com https:\/\/*.clarity.ms https:\/\/ipinfo.io https:\/\/geodata.solutions https:\/\/maps.googleapis.com https:\/\/sessions.bugsnag.com https:\/\/notify.bugsnag.com https:\/\/www.bugherd.com wss:\/\/ws-mt1.pusher.com wss:\/\/ws.pusherapp.com https:\/\/lottie.host https:\/\/assets2.lottiefiles.com https:\/\/cdn.jsdelivr.net https:\/\/ka-p.fontawesome.com https:\/\/cloudflareinsights.com https:\/\/static.cloudflareinsights.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/insight.adsrvr.org https:\/\/td.doubleclick.net https:\/\/s.company-target.com https:\/\/vars.hotjar.com https:\/\/www.podbean.com https:\/\/player.simplecast.com https:\/\/form.asana.com https:\/\/content.cdntwrk.com https:\/\/explore.parexel.com https:\/\/lottie.host https:\/\/sidebar.bugherd.com https:\/\/d1eoo1tc6rr5e.cloudfront.net; media-src 'self' https:\/\/download-video.akamaized.net https:\/\/player.vimeo.com https:\/\/mcdn.podbean.com https:\/\/www.youtube.com https:\/\/lottie.host https:\/\/assets2.lottiefiles.com; object-src 'none'; frame-ancestors 'self'; form-action 'self' https:\/\/pi.pardot.com https:\/\/explore.parexel.com; base-uri 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2gFzZREAzoUfNv5bnrYL3Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-f7xiDZACq3-54hQE8c_w9w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' *.antpedia.com v.antwebinar.com hmcdn.baidu.com hm.baidu.com m.baidu.com jspassport.ssl.qhimg.com *.google-analytics.com zz.bdstatic.com s.ssl.qhres.com sp0.baidu.com s.360.cn c.mipcdn.com wpa.qq.com res.wx.qq.com mp.weixin.qq.com msite.baidu.com ae.bdstatic.com share.baidu.com bdimg.share.baidu.com *.alicdn.com *.cn-hangzhou.log.aliyuncs.com *.dns-detect.alicdn.com browser.sentry-cdn.com push.zhanzhang.baidu.com po.srf.baidu.com toutong.baidu.com static.bshare.cn cdn.jsdelivr.net sentry.io *.googleapis.com *.cnzz.com api.map.baidu.com *.uc.cn uc.gre *.gstatic.com *.ucweb.com bshare.optimix.cn s2.pstatp.com *.googlesyndication.com *.googleadservices.com *.googletagmanager.com *.qhres2.com 'unsafe-inline' 'unsafe-eval'; img-src * data: ; frame-src https:\/\/*.qq.com https:\/\/*.antpedia.com https:\/\/*.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.google.com webcompt:; report-uri https:\/\/www.antpedia.com\/scp-report\/index.php;","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=ee15b8e896b89db4&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778722840; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval'    cdn.jsdelivr.net    js.stripe.com    *.criteo.com    *.simonsignal.com    www.facebook.com    connect.facebook.net    bat.bing.com    *.clarity.ms    *.vibe.co    www.google-analytics.com    cdn.cookielaw.org    *.optimizely.com    cdnjs.cloudflare.com    cdn.debugbear.com    googleads.g.doubleclick.net    d229tanlyij0i7.cloudfront.net    d3cv1fywnihry0.cloudfront.net      a61aa9fd029d.cdn4.forter.com    js-agent.newrelic.com    ui.powerreviews.com    payment.searshomeservices.com    tags.fullcontact.com    www.googletagmanager.com    www.paypal.com    cdn.id5-sync.com    mpsnare.iesnare.com    d-code.liadm.com    8quntm5h1h.execute-api.us-east-1.amazonaws.com;  frame-src 'self'    js.stripe.com    payment.searshomeservices.com    offers.searshomeservices.com    www.googletagmanager.com    i.liadm.com    gum.criteo.com    gumi.criteo.com    www.paypal.com    c.searspartsdirect.com    www.facebook.com    connect.facebook.net    a25563730275.cdn.optimizely.com;  connect-src * data: blob: 'unsafe-inline';  img-src * data: blob: 'unsafe-inline';  media-src * data: blob: 'unsafe-inline';  style-src * data: blob: 'unsafe-inline';  font-src * data: blob: 'unsafe-inline';  worker-src * data: blob: 'unsafe-inline';  base-uri 'self';  form-action 'self'    www.facebook.com;  frame-ancestors 'self';  report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: https:\/\/*.rerrkvifj.com https:\/\/*.ccchch.com https:\/\/*.lbank.com https:\/\/*.lbk.pub https:\/\/*.lbank.info https:\/\/*.lturkey.com https:\/\/*.lbkpro.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'wasm-eval' https:\/\/cdn.jsdelivr.net https:\/\/*.alicdn.com https:\/\/*.livechatinc.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/js.admediasales.com https:\/\/accounts.google.com https:\/\/appleid.cdn-apple.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.geetest.com https:\/\/*.google.com https:\/\/sepolia.drpc.org https:\/\/*.cloudflareinsights.com https:\/\/*.geevisit.com https:\/\/*.adjust.com https:\/\/*.gsensebot.com https:\/\/*.facebook.net https:\/\/*.forter.com https:\/\/*.simplex.com https:\/\/developers.kakao.com https:\/\/*.rerrkvifj.com https:\/\/*.lbank.com https:\/\/risk.checkout.com https:\/\/*.twitter.com https:\/\/*.youtube.com https:\/\/*.telegram.org; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/*.alicdn.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com https:\/\/*.gstatic.com https:\/\/*.geetest.com https:\/\/*.rerrkvifj.com https:\/\/*.lbank.com https:\/\/*.lbank.net https:\/\/*.lbank.zone; font-src 'self' data: https:\/\/*.alicdn.com https:\/\/fonts.gstatic.com https:\/\/accounts.google.com https:\/\/cdnjs.cloudflare.com https:\/\/migaku-public-data.migaku.com https:\/\/gw.alipayobjects.com https:\/\/use.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/www.slant.co https:\/\/cdn.scite.ai https:\/\/*.aliyuncs.com https:\/\/cdn.megabonus.com https:\/\/cdn.fastdic.com https:\/\/*.rerrkvifj.com https:\/\/*.lbank.com https:\/\/*.rerrkvifj.com; img-src 'self' data: https: blob: android-webview-video-poster: https:\/\/*.google-analytics.com https:\/\/accounts.google.com https:\/\/*.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/*.geetest.com https:\/\/testqrc.bitgetapp.com https:\/\/*.lbank.com https:\/\/*.lbank.net https:\/\/*.lbank.zone https:\/\/*.ierpifvid.com https:\/\/*.rerrkvifj.com; connect-src 'self' blob: data: https:\/\/aladdin.lbkpro.net https:\/\/*.livechatinc.com wss:\/\/*.livechatinc.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/sensors-data-access.lbkwork.com https:\/\/*.forter.com https:\/\/accounts.google.com https:\/\/appleid.cdn-apple.com https:\/\/stats.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/eth.merkle.io https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.geetest.com https:\/\/cdnjs.cloudflare.com https:\/\/*.alicdn.com https:\/\/binance.llamarpc.com https:\/\/js.admediasales.com https:\/\/track.uc.cn https:\/\/*.google.com https:\/\/gc.kis.v2.scr.kaspersky-labs.com https:\/\/*.oss-cn-hongkong.aliyuncs.com https:\/\/adscool.net https:\/\/api.trongrid.io https:\/\/arb1.arbitrum.io https:\/\/infragrid.v.network https:\/\/eth.llamarpc.com https:\/\/*.hongnuoyy.com https:\/\/*.bitunix.com https:\/\/*.okx.com https:\/\/mainnet.base.org https:\/\/rpc.genesys.network https:\/\/*.adjust.com https:\/\/*.adjust.world https:\/\/eth-mainnet.nodereal.io https:\/\/ethereum-rpc.publicnode.com https:\/\/go.getblock.io https:\/\/www.tradingview.com https:\/\/*.googletagmanager.com https:\/\/siteperformancetest.net https:\/\/wtp.siteperformancetest.net https:\/\/flagcdn.com https:\/\/*.telegram.org https:\/\/mainnet.helius-rpc.com https:\/\/sentry-uit.line-apps.com https:\/\/1rpc.io https:\/\/*.lbkwork.com wss:\/\/*.lbkwork.com https:\/\/*.lbank.com wss:\/\/*.lbank.com https:\/\/*.lbank.zone https:\/\/*.rerrkvifj.com uuapi.rerrkvifj.com wss:\/\/*.rerrkvifj.com https:\/\/*.ierpifvid.com wss:\/\/*.ierpifvid.com https:\/\/*.lbank.zone https:\/\/*.rrrhhr.com https:\/\/*.ccchch.com https:\/\/*.lbkpro.net https:\/\/*.lbank.info https:\/\/*.lbk.pub; worker-src 'self' blob:; frame-src 'self' blob: https:\/\/secure.livechatinc.com https:\/\/tracking.nexxustrk.pro https:\/\/auctera.gotrackier.com https:\/\/www.youtube.com https:\/\/accounts.google.com https:\/\/appleid.cdn-apple.com https:\/\/cdn.jsdelivr.net https:\/\/*.google.com https:\/\/media.openxglobal.com https:\/\/api.sumsub.com https:\/\/social.rockettrack.pro https:\/\/playsala.com https:\/\/data.trckr.pro https:\/\/*.simplex.com https:\/\/*.simplexcc.com https:\/\/risk.checkout.com https:\/\/*.telegram.org https:\/\/*.twitter.com https:\/\/*.youtube.com https:\/\/*.lbank.com https:\/\/*.lbank.zone https:\/\/*.lbktech.com https:\/\/www.lbankwidgets.com; object-src 'none'; media-src 'self' blob: data: https:\/\/*.rerrkvifj.com https:\/\/*.ierpifvid.com https:\/\/*.lbank.com; base-uri 'self'; form-action 'self' https:\/\/checkout.simplexcc.com; report-uri https:\/\/aladdin.lbkpro.net\/h5\/submit\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: play.google.com admin.google.com accounts.google.com www.google.com drive.google.com translate.google.com translate.googleapis.com www.edmonton.ca edmonton.ca data.edmonton.ca maps.edmonton.ca gis.edmonton.ca transforming.edmonton.ca webdocs.edmonton.ca portal-onecity.edmonton.ca coewebops.com www.youtube.com edmonton.box.com edmonton.app.box.com edmonton.box.com cdn01.boxcdn.net api.box.com public.boxcloud.com www.boxcdn.net www.boxcloud.com maps.googleapis.com fonts.googleapis.com www.googletagmanager.com cdn.ckeditor.com cdn.rawgit.com cdn.datatables.net cdn.siteimprove.net www.siteimprove.com my2.siteimprove.com identity.siteimprove.com cdnjs.cloudflare.com cdn.jsdelivr.net svc.webspellchecker.net momentjs.com connect.facebook.net www.facebook.net unpkg.com www.google-analytics.com *.youtube.com fonts.gstatic.com maps.gstatic.com www.gstatic.com maxcdn.bootstrapcdn.com www.pingdom.net siteimproveanalytics.com www.siteimproveanalytics.com script.crazyegg.com code.jquery.com pagestates-tracking.crazyegg.com tracking.crazyegg.com assets-tracking.crazyegg.com www.escribemeetings.com www.tfaforms.com api.recollect.net assets.ca.recollect.net recollect-images.global.ssl.fastly.net recollect.a.ssl.fastly.net prismjs.net prismjs.com cdn.curator.io api.curator.io curator-assets.b-cdn.net www.facebook.com www.youtube-nocookie.com www.escribemeetings.com www.ytimg.com media1.giphy.com wdi-prod.yellowdev.net www.datatables.net visionservicerequests.rehrigpacific.com cdn.honey.io player.vimeo.com walkinto.in pwm-image.trendmicro.com ajax.aspnetcdn.com calendar.google.com portal.edmonton.ca infird.com www.google.ca feedback.coewebops.com region1.google-analytics.com w.soundcloud.com stackpath.bootstrapcdn.com www.global.siteimproveanalytics.io public.tableau.com edmonton.maps.arcgis.com cdn-uicons.flaticon.com overbridgenet.com ka-p.fontawesome.com use.fontawesome.com kit.fontawesome.com 550744.global.siteimproveanalytics.io ajax.googleapis.com sheets.googleapis.com curatorio.s3.amazonaws.com assets.us.recollect.net pub-edmonton.escribemeetings.com sc-static.net i.ytimg.com api.privacy-protector-adblocker.com dl.boxcloud.com *.global.siteimproveanalytics.io cdn.toolszen.com 3001.scriptcdn.net www.slant.co cdn.megabonus.com api.mapbox.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" default-src 'none'; form-action 'none'; frame-ancestors 'none'; connect-src 'self' web-analytics.intelliscapesolutions.com analytics.intelliscapesolutions.com; font-src 'self' fonts.gstatic.com; frame-src www.google.com; img-src 'self' web-analytics.intelliscapesolutions.com analytics.intelliscapesolutions.com; manifest-src 'self'; script-src-elem 'self' 'unsafe-inline' donorbox.org web-analytics.intelliscapesolutions.com analytics.intelliscapesolutions.com www.google.com www.gstatic.com cdn.jsdelivr.net static.cloudflareinsights.com; script-src 'unsafe-eval' 'self' 'unsafe-inline' donorbox.org web-analytics.intelliscapesolutions.com analytics.intelliscapesolutions.com www.google.com www.gstatic.com; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' fonts.googleapis.com; report-uri https:\/\/intelliscape.report-uri.com\/r\/d\/csp\/wizard","count":1},{"content-security-policy-report-only":" img-src 'data' data: https:\/\/assets.eetgroup.com https:\/\/cdne-clientresources-cdn-eet-prod-lcd.azureedge.net https:\/\/content.eetgroup.com https:\/\/content-media.eetgroup.com https:\/\/fonts.gstatic.com https:\/\/img.youtube.com https:\/\/inishop.com https:\/\/media.eetgroup.com https:\/\/product-images.eetgroup.com https:\/\/www.eetgroup.com https:\/\/www.google.dk https:\/\/www.googletagmanager.com; script-src 'eval' 'unsafe-inline' 'wasm-eval'; connect-src https:\/\/api.eetgroup.com https:\/\/cdn.jsdelivr.net https:\/\/cdne-clientresources-cdn-eet-prod-lcd.azureedge.net https:\/\/consentcdn.cookiebot.com https:\/\/content.eetgroup.com https:\/\/func-eetdis-wl-test.azurewebsites.net https:\/\/maps.googleapis.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/vimeo.com https:\/\/www.google.com https:\/\/www.google.dk https:\/\/www.googletagmanager.com; font-src https:\/\/cdne-clientresources-cdn-eet-prod-lcd.azureedge.net https:\/\/use.typekit.net; script-src-elem https:\/\/cdne-clientresources-cdn-eet-prod-lcd.azureedge.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/storageeetprodlcd.blob.core.windows.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com 'inline' 'unsafe-inline'; style-src-elem https:\/\/cdne-clientresources-cdn-eet-prod-lcd.azureedge.net 'inline' 'unsafe-inline'; frame-src https:\/\/consentcdn.cookiebot.com https:\/\/form.jotform.com https:\/\/player.vimeo.com https:\/\/www.google.com; media-src https:\/\/media.eetgroup.com; style-src-attr 'inline'; default-src 'self'; report-uri \/csp-report; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com 'unsafe-inline' data: https:\/\/www.googletagmanager.com maxcdn.bootstrapcdn.com apps.mypurecloud.com use.typekit.net *.silencershop.com *.klaviyo.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.authorize.net *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.credova.com *.authorize.net *.webeyez.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.credova.com * *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com https:\/\/www.youtube.com https:\/\/c.paypal.com\/ https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.silencershop.com *.signifyd.com *.online-metrix.net\/ data.adxcel-ec2.com engine.gettopple.com trkn.us *.cloudfront.net *.klaviyo.com https:\/\/b.stats.paypal.com\/ https:\/\/slc.stats.paypal.com\/ https:\/\/c.paypal.com\/ https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.credova.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ cdn.jsdelivr.net *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.silencershop.com apps.usw2.pure.cloud *.signifyd.com delivery.gettopple.com *.online-metrix.net d14jnfavjicsbe.cloudfront.net sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com sec.webeyez.com widget.trustpilot.com *.klaviyo.com *.fontawesome.com *.google-analytics.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/c.paypal.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com https:\/\/static.klaviyo.com cdn.jsdelivr.net maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com apps.mypurecloud.com use.typekit.net p.typekit.net *.silencershop.com *.klaviyo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.googleapis.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.credova.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.addressy.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.silencershop.com *.signifyd.com invitejs.trustpilot.com send.webeyez.com sec.webeyez.com *.klaviyo.com *.google-analytics.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/payments.sandbox.braintree-api.com\/ https:\/\/origin-analytics-sand.sandbox.braintree-api.com\/ https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/smartsolutions.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-vfViS4cGfGw_qVGeoOPg_Q' cdn.jsdelivr.net; style-src-elem 'self' 'nonce-vfViS4cGfGw_qVGeoOPg_Q' cdn.jsdelivr.net; style-src-attr 'unsafe-inline'; font-src 'self' cdn.jsdelivr.net; img-src 'self' data:","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/www.bing.com https:\/\/www.google.at https:\/\/www.google.de https:\/\/*.search.yahoo.com; report-uri https:\/\/tudorwatch.com\/csp-reports\/?req_id=c5e13df","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/apis.google.com https:\/\/va.vercel-scripts.com https:\/\/vercel.live https:\/\/betterstack.net https:\/\/*.betterstack.net https:\/\/*.betterstack.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com; img-src 'self' data: blob: https:; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/use.typekit.net; connect-src 'self' https: wss: data:; frame-src 'self' https:\/\/*.firebaseapp.com https:\/\/accounts.google.com https:\/\/myaccount.google.com https:\/\/www.google.com https:\/\/apis.google.com https:\/\/vercel.live; worker-src 'self' blob:; manifest-src 'self'; media-src 'self' blob: https: data:; frame-ancestors 'self'; form-action 'self' https:\/\/*.firebaseapp.com https:\/\/accounts.google.com; base-uri 'none'; object-src 'none'; report-uri \/api\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' image.spreadshirtmedia.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.net ; img-src 'self' data: https: image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com *.google-analytics.com *.analytics.google.com *.zdassets.com sanalytics.spreadshirt.net *.spreadshirt.net ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io\/ dpm.demdex.net *.google-analytics.com *.analytics.google.com wss:\/\/*.zendesk.com *.spreadshirt.net ; font-src 'self' https: data: *.spreadshirt.net ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.net ; object-src 'none' ; media-src image.spreadshirtmedia.net ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.net ; report-uri https:\/\/csp.spreadshirts.net\/csp\/reportOnly ;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-KTWlBdYIwj7LBk-yrt0UgA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self'; script-src 'self' https:\/\/maps.googleapis.com https:\/\/googletagmanager.com https:\/\/munchkin.marketo.net https:\/\/script.crazyegg.com https:\/\/www.influ2.com https:\/\/bat.bing.com https:\/\/ws.zoominfo.com https:\/\/www.clickcease.com https:\/\/tracking.g2crowd.com https:\/\/go.qgenda.com https:\/\/cdn.bizible.com https:\/\/j.6sc.co https:\/\/googleads.g.doubleclick.net; connect-src 'self' https:\/\/maps.googleapis.com https:\/\/script.crazyegg.com https:\/\/761-yjz-981.mktoresp.com https:\/\/www.google-analytics.com https:\/\/t.influ2.com https:\/\/c.6sc.co https:\/\/ipv6.6sc.co https:\/\/stats.g.doubleclick.net  https:\/\/tracking.g2crowd.com https:\/\/ws.zoominfo.com https:\/\/realtime.ramblechat.com;  img-src 'self'  https:\/\/www.google.com https:\/\/bat.bing.com;  font-src 'self'  https:\/\/fonts.gstatic.com;  frame-src 'self' https:\/\/td.doubleclick.net;  object-src 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" script-src 'self' *.adyen.com *.allsaints.com *.bing.com *.cquotient.com *.forter.com *.g.doubleclick.net *.global-e.com *.google-analytics.com *.google.com *.googleapis.com *.googlesyndication.com *.gstatic.com *.klarnaservices.com *.parcellab.com *.pcapredict.com *.scarabresearch.com *.squarecdn.com *.tribalfusion.com *.yotpo.com access.myunidays.com ajax.cloudflare.com allsaints.api.highstreetapp.com analytics.tiktok.com api.soreto.com appleid.cdn-apple.com assets.ntcacdn.net cdn-ukwest.onetrust.com cdn.jsdelivr.net cdn.optimizely.com cdnapisec.kaltura.com challenges.cloudflare.com chat.digitalgenius.com code.jquery.com connect.facebook.net ct.pinterest.com d.ratepay.com dnn0yrbagrg.cloudfront.net duvgq8bw.cloudfront.net edge.eu.fullstory.com js-agent.newrelic.com js.klarna.com lottingem.com platform.communicatorcorp.com player.vimeo.com rgneujpc.micpn-eu.com s.pinimg.com sc-static.net secured-pixel.com services.postcodeanywhere.co.uk static.cloudflareinsights.com statse.webtrendslive.com t.contentsquare.net tag.rmp.rakuten.com tags.creativecdn.com tr.snapchat.com tracker.marinsm.com unpkg.com widgets.trustedshops.com www.googletagmanager.com www.paypal.com www.recaptcha.net www.redditstatic.com x.klarnacdn.net; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RkYHz06.RYINGDALdsEOvYDzy8r.BIB.fduitZo_KQc-1778722674.757048-1.0.1.1-ZZhoPbA5Cgi5EPhClopWLiszfdVQBH2LYeYQ4535p0mA0orYf1YCfjhvYVvoQxjRWCFVZvveTsI0XTMqbdU8aYgBB7Ymf8YLadDIzvBjH3MgUWQLziI1U32Tie3koKFx0ObJSAAddTaXmzYCA44n6Wtw0T.cd22GGm6m8sgVn0nMktRS9BjEhrUWpVa6iDjsPYsuApffMd8cE5OgbiNSxA; report-to cf-egwqgfjmkvvmrave","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.fontawesome.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com; style-src 'self' 'unsafe-inline'; font-src 'self' https:\/\/*.fontawesome.com\/; img-src 'self' https:\/\/*.googletagmanager.com data:; frame-src 'self' https:\/\/*.youtube.com; connect-src 'self' https:\/\/*.fontawesome.com\/ https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app 'self' data: *.doubleclick.net *.facebook.com *.bing.com *.bing.net *.abtasty.com *.alicdn.com *.bootstrapcdn.com *.cdnfonts.com *.fontawesome.com *.googleusercontent.com *.slant.co zip-co-media.s3.ap-southeast-2.amazonaws.com *.zip.co *.qantas.com unpkg.com *.cloudflare.com *.totaltools.com.au *.afterpay.com *.zipmoney.com.au *.zohocdn.com *.jsdelivr.net *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.doubleclick.net *.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com js.mollie.com *.googletagmanager.com zip.co static.zip.co sandbox.zip.co zipmoney.com.au sandbox.zipmoney.com.au checkout.gb.zip.co checkout.quadpay.com checkout-sandbox.quadpay.com www.xtento.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com res.cloudinary.com https:\/\/images.unsplash.com magefan.com cm.magefan.com *.disqus.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.mollie.com *.abtasty.com *.adroll.com *.adsrvr.org *.bing.com *.clarity.ms *.googleusercontent.com *.online-metrix.net *.openstreetmap.org *.quantcount.com *.quantserve.com *.signifyd.com *.unbxdapi.com *.zip.co *.afterpay.com *.tapad.com *.rubiconproject.com x.bidswitch.net pixel.tapad.com *.rlcdn.com *.openx.net *.yahoo.com *.pubmatic.com s3.amazonaws.com *.casalemedia.com *.adnxs.com *.amazon-adsystem.com *.stackadapt.com *.spotify.com *.sharethis.com *.bluekai.com *.contextweb.com *.kargo.com *.twitter.com *.addthis.com www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gr www.google.gy www.google.hn www.google.hr www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.nl www.google.no www.google.nr www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sn www.google.so www.google.sr www.google.tg www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vu www.google.ws link.totaltools.com.au render.barcodes.systems *.bing.net www.google.ad www.google.as www.google.co.mz www.google.com.cu www.google.com.vn www.google.cv www.google.dj www.google.ga www.google.gl www.google.gm www.google.ht www.google.sh www.google.td zip.co *.microsofttranslator.com *.totaltools.com.au 127.0.0.1 www.google.cf www.google.com.af www.google.com.gi www.google.com.ng www.google.com.ni www.google.com.tj www.google.dm www.google.fm www.google.gg *.baidu.com *.crwdcntrl.net *.google-analytics.com *.googleadservices.com *.jquery.com *.linksynergy.com *.paypalobjects.com *.scorecardresearch.com *.ytimg.com google.com www.google.nu *.alicdn.com *.imgur.com www.google.bi www.google.li www.google.ne www.google.pn www.google.sm www.google.st static.zdassets.com ttonlinehelp.zendesk.com *.jsdelivr.net *.adform.net *.agkn.com *.amazon.com *.bidr.io *.clickagy.com *.criteo.com *.everesttech.net *.exelator.com *.icons8.com *.lijit.com *.linkedin.com *.mathtag.com *.rezync.com *.rfihub.com *.simpli.fi *.sitescout.com *.taboola.com *.contentsquare.net *.cursors-4u.net *.demdex.net *.googleapis.com *.inmobi.com *.liadm.com braze-images.com *.contentsquare.com *.smartadserver.com t.zip.co static.zipmoney.com.au static.zip.co www.xtento.com cdn.xtento.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.google.bg *.googletagmanager.com www.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com js.appboycdn.com *.plugins.emarsys.net *.scarabresearch.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.disqus.com https:\/\/cdn.jsdelivr.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com connect.facebook.net graph.facebook.com business.facebook.com js.mollie.com https:\/\/platform.cloud.coveo.com https:\/\/api.cloud.coveo.com https:\/\/search.cloud.coveo.com cdn-4.convertexperiments.com *.abtasty.com *.addthis.com *.adroll.com *.adsrvr.org *.bing.com *.clarity.ms d21gpk1vhmjuf5.cloudfront.net d3mewz86hy02zo.cloudfront.net *.emarsys.net *.online-metrix.net *.pricespider.com *.quantcount.com *.quantserve.com *.signifyd.com *.wufoo.com *.zip.co *.zdassets.com nexuspublications.com.au *.jsdelivr.net https:\/\/unpkg.com *.cloudflare.com *.microsofttranslator.com *.totaltools.com.au 127.0.0.1 googletagmanager.com unpkg.com *.fullstory.com *.googleadservices.com *.hotjar.com *.zipmoney.com.au sc-static.net rum.hlx.page translate.google.cn nominatim.openstreetmap.org api.smooch.io *.smooch.io assets.zendesk.com ttonlinehelp.zendesk.com *.coveo.com *.segment.com localhost *.cloudflareinsights.com *.nosto.com *.trackedlink.net *.appboycdn.com *.contentsquare.net *.disqometer.com *.googleapis.com *.contentsquare.com https:\/\/hosted.mastersoftgroup.com\/harmony\/rest\/v2\/address\/find https:\/\/hosted.mastersoftgroup.com\/harmony\/rest\/au\/generateID static.zipmoney.com.au static.zip.co zip.co www.xtento.com cdn.xtento.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https:\/\/cdn.jsdelivr.net assets.braintreegateway.com *.abtasty.com *.fontawesome.com *.typekit.net *.zip.co *.bing.com https:\/\/unpkg.com unpkg.com *.totaltools.com.au 127.0.0.1 *.bigcommerce.com *.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.gstatic.com *.zdassets.com *.google.com youtube.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app api.lab.amplitude.com *.google-analytics.com *.facebook.com *.facebook.net *.braze.com *.scarabresearch.com *.eservice.emarsys.net https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/platform.cloud.coveo.com https:\/\/api.cloud.coveo.com https:\/\/search.cloud.coveo.com *.abtasty.com *.addthis.com *.adroll.com *.adsrvr.org *.amplitude.com *.bing.com *.bing.net *.clarity.ms *.doubleclick.net *.emarsys.net *.gstatic.com *.pricespider.com *.quantcount.com *.quantserve.com *.samsung.com *.typekit.net *.unbxd.io *.zipmoney.com.au *.zip.co d21gpk1vhmjuf5.cloudfront.net d3mewz86hy02zo.cloudfront.net *.mastersoftgroup.com *.zendesk.com *.zopim.com wss:\/\/widget-mediator.zopim.com www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bj www.google.bs www.google.bt www.google.ca www.google.cg www.google.ch www.google.ci www.google.cl www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.ve www.google.co.za www.google.co.zm www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bn www.google.com.bo www.google.com.br www.google.com.co www.google.com.cy www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.mm www.google.com.mx www.google.com.my www.google.com.na www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vn www.google.cz www.google.de www.google.dk www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gr www.google.gy www.google.hr www.google.hu www.google.ie www.google.im www.google.iq www.google.it www.google.jo www.google.kg www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.mn www.google.mu www.google.mv www.google.mw www.google.nl www.google.no www.google.nr www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.tl www.google.to www.google.tt www.google.vu *.zdassets.com nominatim.openstreetmap.org www.google.bf www.google.by www.google.cd www.google.cm www.google.co.ao www.google.co.bw www.google.co.ls www.google.co.mz www.google.co.vi www.google.co.zw www.google.com.ag www.google.com.bh www.google.com.bz www.google.com.cu www.google.com.do www.google.com.lb www.google.com.mt www.google.com.sl www.google.com.vc www.google.dj www.google.dz www.google.gm www.google.hn www.google.ki www.google.kz www.google.la www.google.sh www.google.sk www.google.sr www.google.tg www.google.ws zip.co 127.0.0.1 www.google.ad www.google.com.ng www.google.com.tj www.google.ga www.google.is www.google.ml www.google.rw www.google.sc www.google.sn www.google.so www.google.tn *.alicdn.com *.googleadservices.com *.hotjar.com *.jquery.com www.google.as www.google.co.uz www.google.com.af www.google.com.ly www.google.com.ni www.google.com.py www.google.dm www.google.ht www.google.je www.google.nu www.google.ps *.openstreetmap.org *.signifyd.com *.totaltools.com.au rum.hlx.page www.google.bi www.google.fm www.google.gg www.google.li www.google.ne www.google.sm www.google.td *.baidu.com *.gstatic-cache.com *.coveo.com *.linkedin.com *.mixpanel.com *.segment.com *.segment.io localhost www.google.com.gi www.google.cv totaltoolsnonproduction1b9a600cn.org.coveo.com totaltoolsproduction1tptz1hbe.org.coveo.com totaltoolsnonproduction1b9a600cn.analytics.org.coveo.com totaltoolsproduction1tptz1hbe.analytics.org.coveo.com platform-au.cloud.coveo.com *.gclb.goog *.contentsquare.net *.disqometer.com *.googleapis.com *.hotjar.io server-side-tagging-au-524581253881.australia-southeast1.run.app unpkg.com www.google.tm wss:\/\/ttonlinehelp.zendesk.com *.contentsquare.com dpe0djwch8671.cloudfront.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.adroll.com *.clarity.ms *.doubleclick.net *.google.com 'self' 'unsafe-inline'; report-uri https:\/\/f4c824ea-9c0b-4131-a2e2-886e99df7154.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src *; script-src 'self' 'nonce-TWtjTWlHdW5TVnhLNnA0YlNib2FOa0VuaHJDdFBmQ2Z0NUwxNG9tdlF4'; object-src *; style-src 'self' 'nonce-TWtjTWlHdW5TVnhLNnA0YlNib2FOa0VuaHJDdFBmQ2Z0NUwxNG9tdlF4' 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-KXD0U1NPIwBOD8Ld9uP3iw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.paddle.com connect.facebook.net mc.yandex.com mc.yandex.ru quantcast.mgr.consensu.org rules.quantcount.com secure.quantserve.com ssl.google-analytics.com translate.google.com translate.googleapis.com translate-pa.googleapis.com www.google-analytics.com www.googletagmanager.com cmp.auslogics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.paddle.com use.fontawesome.com www.iubenda.com translate.googleapis.com; img-src 'self' data: cms.quantserve.com mc.webvisor.org mc.yandex.by mc.yandex.com mc.yandex.com.tr mc.yandex.fr mc.yandex.kz mc.yandex.ru mc.yandex.ua mc.yandex.uz pixel.quantcount.com pixel.quantserve.com ssl.google-analytics.com ssl.gstatic.com translate.google.com translate.googleapis.com www.facebook.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.uz *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.af *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gh *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.gy *.google.hn *.google.hr *.google.ht *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.ru *.google.se *.google.si *.google.sk *.google.sm *.google.sn *.google.sr *.google.tn *.google.tt *.google.td *.google.je *.google.ws *.google.rw *.google.co.mz *.google.sc *.google.tm *.google.ga *.google.tg *.google.com.ag *.google.co.in *.google.ad *.google.ml *.google.cg www.google-analytics.com www.googletagmanager.com www.gstatic.com yastatic.net; connect-src 'self' audit-tcfv2.quantcast.mgr.consensu.org code.jquery.com mc.yandex.by mc.yandex.com mc.yandex.com.tr mc.yandex.fr mc.yandex.kz mc.yandex.md mc.yandex.ru mc.yandex.ua mc.yandex.uz quantcast.mgr.consensu.org translate.googleapis.com www.google-analytics.com stats.g.doubleclick.net est.quantcast.mgr.consensu.org *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.uz *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.af *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gh *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.gy *.google.hn *.google.hr *.google.ht *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.ru *.google.se *.google.si *.google.sk *.google.sm *.google.sn *.google.sr *.google.tn *.google.tt *.google.td *.google.je *.google.ws *.google.rw *.google.co.mz *.google.sc *.google.tm *.google.ga *.google.tg *.google.com.ag *.google.co.in *.google.ad *.google.ml *.google.cg cmp.auslogics.com; font-src 'self' fonts.gstatic.com use.fontawesome.com; object-src 'self'; media-src 'self'; form-action 'self'; frame-src 'self' m.youtube.com mc.yandex.com web.facebook.com www.facebook.com *.google.com www.googletagmanager.com www.youtube.com youtube.com; child-src 'self' www.facebook.com; worker-src 'self'; manifest-src 'self'; report-uri \/secure-headers\/report\/r\/d\/csp\/enforce; block-all-mixed-content; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" base-uri 'self'; child-src https:\/\/share.intercom.io https:\/\/intercom-sheets.com https:\/\/www.intercom-reporting.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net; connect-src 'self' https:\/\/*.cliniko.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/api.honeybadger.io https:\/\/*.intercom.io wss:\/\/*.intercom.io https:\/\/uploads.intercomcdn.com https:\/\/uploads.intercomusercontent.com; default-src 'self'; font-src 'self' data: https:\/\/*.cloudfront.net https:\/\/js.intercomcdn.com; form-action 'self' https:\/\/intercom.help https:\/\/api-iam.intercom.io; frame-ancestors 'none'; img-src 'self' data: https:; manifest-src 'self'; media-src https:\/\/js.intercomcdn.com; script-src 'self' 'report-sample' 'unsafe-eval' 'unsafe-inline' https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/app.intercom.io https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline'; report-uri https:\/\/fa4a51a09d12751e5d532cfce80751aa.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com *.intercomcdn.com *.intercom.io *.zdassets.com *.tiktok.com *.bing.com *.jsdelivr.net *.scarabresearch.com *.facebook.net *.storyblok.com *.vercel-scripts.com *.vercel.app *.ggmgastro.com *.ggmgastro.cz *.ggmgastro.xyz *.ggmgastro.fyi *.ggmgastro.dev *.vercel.com *.vercel.live vercel.live vercel.app *.cookiefirst.com *.beslist.nl *.pinterest.com *.smarketer.de *.doubleclick.net *.googleapis.com *.kk-resources.com *.pinimg.com *.clarity.ms googletagmanager.com *.googletagmanager.com *.google-analytics.com *.paypal.com *.adyen.com unpkg.com *.unpkg.com *.hotjar.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.cookiefirst.com *.adyen.com *.google-analytics.com googletagmanager.com *.googletagmanager.com *.google.com google.com *.googleadservices.com; object-src 'none'; base-uri 'self'; connect-src 'self' *.google.com google.com *.googleadservices.com *.doubleclick.net wss:\/\/*.intercom.io *.intercom.io *.zdassets.com *.tiktok.com *.tiktokw.us *.ggmgastro.com *.ggmgastro.cz *.ggmgastro.xyz *.ggmgastro.fyi *.ggmgastro.dev *.adyen.com *.cookiefirst.com *.beslist.nl *.pinterest.com *.algolia.net *.algolia.io *.bing.net *.smarketer.de *.googleapis.com *.clarity.ms *.scarabresearch.com *.googlesyndication.com *.google.com *.google.de *.google-analytics.com *.analytics.google.com googletagmanager.com *.googletagmanager.com *.paypal.com *.bing.com *.kelkoogroup.net *.facebook.com *.emarsys.net; font-src 'self' 'unsafe-inline' data:; frame-src 'self' *; img-src 'self' data: *.ggmgastro.com *.ggmgastro.cz *.ggmgastro.xyz *.ggmgastro.fyi *.ggmgastro.dev *.intercomcdn.com *.intercomassets.com *.zendesk.com *.cookiefirst.com *.adyen.com *.bynder.com ggm.bynder.com *.orbitvu.co *.youtube.com *.ytimg.com *.twgdns.com *.gstatic.com *.bing.net *.facebook.com *.facebook.net *.google.com google.com *.google.de *.paypalobjects.com *.storyblok.com *.doubleclick.net googletagmanager.com *.googletagmanager.com *.bing.com; manifest-src 'self'; media-src 'self'; worker-src 'self'; frame-ancestors 'self' https:\/\/app.storyblok.com","count":1},{"content-security-policy-report-only":" frame-ancestors *.sbazar.cz 'self' *.seznam.cz *.sdn.cz https:\/\/pay.google.com https:\/\/connect-js.stripe.com https:\/\/js.stripe.com; script-src *.sbazar.cz 'self' 'unsafe-inline' 'unsafe-eval' *.seznam.cz *.sdn.cz *.szn.cz *.pszn.cz *.im.cz *.mapy.cz *.mapy.com https:\/\/gacz.hit.gemius.pl https:\/\/scz.hit.gemius.pl https:\/\/ls.hit.gemius.pl https:\/\/login.szn.cz https:\/\/notifikace.seznam.cz https:\/\/www.googletagmanager.com https:\/\/region1.google-analytics.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/widget.packeta.com https:\/\/connect-js.stripe.com https:\/\/js.stripe.com *.adform.net *.adnxs.com *.adnxs-simple.com *.adsafeprotected.com *.consensu.org *.doubleclick.net *.doubleverify.com *.googlesyndication.com *.googletagservices.com *.imedia.cz *.imedia.dev.dszn.cz *.pliing.com *.pubmatic.com *.sbeta.cz *.sdn.szn.cz *.serving-sys.com *.sklik.cz ads.celtra.com *.2mdn.net ams.creativecdn.com cdn.id5-sync.com tags.crwdcntrl.net id5-sync.com\/gm\/v3 dis.criteo.com tracker.adnami.io script.adnami.io macro.adnami.io assets.adnami.io functions.adnami.io directive.adnami.io rmb.adnami.io https:\/\/www.sbazar.cz https:\/\/c.imedia.cz https:\/\/im.cz https:\/\/chat.sbazar.cz *.seznam.dev.dszn.cz *.seznam.test.dszn.cz; report-uri https:\/\/sentry.pszn.cz\/api\/232\/security\/?sentry_key=c74f7db661ae4cad8d94282c184d08f9","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' https:\/\/*.danskespil.dk https:\/\/www.googletagmanager.com https:\/\/app.varify.io https:\/\/sc-static.net https:\/\/1984danskespil.boost.ai; frame-ancestors 'self'; report-uri \/scapi\/danskespil\/security\/csp\/testreport; report-to csp-ro-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests; report-to csp","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: oct8necdneu.azureedge.net *.trustedshops.com *.analytrix-tool.it *.convalytrix.it *.caast.tv *.efarma.dna-ai.dnafactory.it *.hotjar.com https:\/\/fonts.gstatic.com *.klarnacdn.net https:\/\/widgets.trustedshops.com *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com sis-t.redsys.es:* sis.redsys.es sis-t.sermepa.es:* sis.sermepa.es * *.reskyt.com *.bing.com *.pinterest.com *.creativecdn.com *.tiktok.com *.t.co *.twitter.co *.doubleclick.net t.co *.twitter.com *.byspotify.com *.syndigo.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.googleapis.com https:\/\/www.salesmanago.pl https:\/\/api.clerk.io https:\/\/cdn.clerk.io 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com *.vimeo.com *.oct8ne.com * *.cookiebot.com *.cookiebot.eu *.reskyt.com *.bing.com *.pinterest.com *.creativecdn.com *.tiktok.com *.t.co *.twitter.co *.doubleclick.net t.co *.twitter.com *.byspotify.com *.syndigo.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *.klarna.com shein.m2e.cloud *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.adyen.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https:\/\/images.unsplash.com *.google.com *.google.es *.google.com.br *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net oct8necdneu.azureedge.net *.trustedshops.com *.bynder.com analytics.tiktok.com *.clerk.io assets.atida.com connect.facebook.net *.cookiebot.eu efarma-supercraft.s3.eu-south-1.amzonaws.com dwin1.com facebook.com google.com google.it googletagmanager.com *.doubleclick.net yotpo.com *.zdassets.com gastatic.com *.yotpo.com *.analytrix-tool.it *.convalytrix.it *.efarma.dna-ai.dnafactory.it *.atida.com *.dosfarma.com *.facebook.com *.zenaps.com *.awin1.com *.reskyt.com *.bing.com *.pinterest.com *.creativecdn.com *.tiktok.com *.t.co t.co *.twitter.co *.twitter.com *.cloudfront.net *.byspotify.com *.cookiebot.com *.googlesyndication.com *.syndigo.com *.assets.efarma.com efarma-supercraft.s3.eu-south-1.amazonaws.com *.efarma.com *.bing.net *.usercentrics.eu *.hotjar.com *.content.aimatch.com *.efarma.req-api.cruxo.io *.mastercard.com *.visa.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.ggpht https:\/\/cdn.clerk.io *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js polyfill.io *.google.com *.google.es *.google.com.br *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.cookiebot.com *.oct8ne.com *.trustedshops.com *.analytrix-tool.it *.convalytrix.it *.caast.tv *.efarma.dna-ai.dnafactory.it *.clerk.io *.cloudfront.net *.zdassets.com *.zendesk.com *.api.smooch.io *.connectif.cloud *.atida.com *.dosfarma.com *.newrelic.com *.nr-data.net *.dwin1.com *.pinimg.com *.ads-twitter.com *.tiktok.com *.kk-resources.com *.bing.com *.creativecdn.com *.facebook.net *.googlesyndication.com *.awin1.com *.zenaps.com *.facebook.com *.wepowerconnections.com *.sciencebehindecommerce.com *.reskyt.com *.pinterest.com *.t.co *.twitter.co *.doubleclick.net t.co *.twitter.com *.byspotify.com *.syndigo.com *.cookiebot.eu stapecdn.com *.efarma.com *.hotjar.com *.content.aimatch.com *.efarma.req-api.cruxo.io *.mastercard.com *.visa.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com cdn.scalapay.com b2c-cdn.scalapay.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io widget.freshworks.com m2epro.freshdesk.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.trustedshops.com *.analytrix-tool.it *.convalytrix.it *.caast.tv *.efarma.dna-ai.dnafactory.it *.googletagmanager.com *.reskyt.com *.bing.com *.pinterest.com *.creativecdn.com *.tiktok.com *.t.co *.twitter.co *.doubleclick.net t.co *.twitter.com *.byspotify.com *.syndigo.com *.hotjar.com *.mastercard.com *.visa.com unsafe-inline assets.braintreegateway.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io widget.freshworks.com m2epro.freshdesk.com https:\/\/fonts.googleapis.com *.klarnacdn.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google.com *.google.es *.google.com.br *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.oct8ne.com *.google.com\/pay *.analytrix-tool.it *.convalytrix.it *.clerk.io *.caast.tv *.efarma.dna-ai.dnafactory.it *.api.smooch.io *.zdassets.com *.zendesk.com *.connectif.cloud *.atida.com *.dosfarma.com *.algolia.io *.cookiebot.com *.cookiebot.eu *.nr-data.net google.com *.googlesyndication.com *.awin1.com *.zenaps.com *.facebook.com *.wepowerconnections.com *.sciencebehindecommerce.com *.reskyt.com *.bing.com *.pinterest.com *.creativecdn.com *.tiktok.com *.t.co *.twitter.co *.doubleclick.net t.co *.twitter.com *.byspotify.com *.syndigo.com *.bing.net *.efarma.com *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.content.aimatch.com *.efarma.req-api.cruxo.io *.mastercard.com *.visa.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com widget.freshworks.com m2epro.freshdesk.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.yotpo.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mythad.com https:\/\/*.kwai-pro.com http:\/\/*.kwai-pro.com http:\/\/*.kwai.net https:\/\/*.kwai.net *.kwai.com *.snackvideo.in *.kwai.me *.kwai.app *.kwimgs.com *.yximgs.com *.cloudfront.net *.kuaishou.com https:\/\/*.gifshow.com http:\/\/*.gifshow.com https:\/\/log-sdk.ksapisrv.com https:\/\/www.googletagmanager.com https:\/\/gifshow-static.download.ks-cdn.com https:\/\/static3.avast.com https:\/\/translate.google.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com https:\/\/connect.facebook.net www.google-analytics.com hm.baidu.com m.snackvideo.com http:\/\/*.ap4r.com https:\/\/*.ap4r.com https:\/\/*.typekit.net http:\/\/*.typekit.net ak-sgp-pic.snackvideo.in tx-sgp-pic.snackvideo.in ws-sgp-pic.snackvideo.in g-us-kampic.golden49.net g-us-kamcdn.golden49.net m.kwai.com sentry.kuaishou.com https:\/\/cdn.jsdelivr.net https:\/\/at.alicdn.com https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/cdn.linkedin.oribi.io https:\/\/www.linkedin.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.doubleclick.net asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;img-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;connect-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;report-uri https:\/\/csplog.kwai-pro.com\/log\/kwai\/wwwkwai","count":1},{"content-security-policy-report-only":" default-src 'self' primericaonline.okta.com login.primericaonline.com *.oktacdn.com *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io; connect-src 'self' primericaonline.okta.com primericaonline-admin.okta.com login.primericaonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com primericaonline.kerberos.okta.com primericaonline.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' primericaonline.okta.com login.primericaonline.com *.oktacdn.com *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io; style-src 'unsafe-inline' 'self' 'report-sample' primericaonline.okta.com login.primericaonline.com *.oktacdn.com *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io; frame-src 'self' primericaonline.okta.com primericaonline-admin.okta.com login.primericaonline.com login.okta.com *.vidyard.com com-okta-authenticator: *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io; img-src 'self' primericaonline.okta.com login.primericaonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io blob:; font-src 'self' primericaonline.okta.com login.primericaonline.com data: *.oktacdn.com fonts.gstatic.com *.primerica.com *.primericaonline.com cdn.cookielaw.org kit.fontawesome.com *.contentstack.io; frame-ancestors 'self' https:\/\/mob.primericaonline.com https:\/\/*.primericaonline.com","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.serpstat.com https:\/\/serpstat.com https:\/\/cdn.tiny.cloud https:\/\/www.dwin1.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/js.stripe.com https:\/\/connect.facebook.net https:\/\/apis.google.com https:\/\/accounts.google.com https:\/\/maps.googleapis.com https:\/\/*.amplitude.com https:\/\/*.sentry-cdn.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/accounts.google.com https:\/\/cdn.tiny.cloud https:\/\/*.serpstat.com https:\/\/serpstat.com; img-src 'self' data: blob: https:; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.serpstat.com https:\/\/serpstat.com; connect-src 'self' https: wss:; frame-src 'self' https:\/\/*.stripe.com https:\/\/www.youtube.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/*.stripe.com","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:; media-src 'self'; connect-src 'self' wss:; frame-src 'self' *.cookiebot.com *.saleo.io; frame-ancestors 'self' https:\/\/*.tipalti.com; form-action 'self'; base-uri 'self'; object-src 'none'; report-uri https:\/\/tipalti.report-uri.com\/r\/d\/csp\/wizard;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.hotjar.com *.mavenoid.com *.klevu.com *.ksearchnet.com *.narvar.com *.narvar.qa *.onetrust.com www.worx.com worx.com *.signifyd.com *.onlineada.workers.dev maxaccess-api.onlineada.workers.dev *.maxaccess.io *.fontawesome.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de api.bazaarvoice.com stg.api.bazaarvoice.com www.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.sharethis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com s.amazon-adsystem.com *.hotjar.com www.facebook.com *.pinterest.com www.paypalobjects.com *.amc.demdex.net *.demdex.net *.cardinalcommerce.com *.authorize.net *.vimeo.com www.google.com *.ugc.bazaarvoice.com *.bazaarvoice.com *.api.bazaarvoice.com *.amazon-adsystem.com *.weltpixel.com mcstaging.worx.com tst.kaptcha.com *.adsrvr.org www.worx.com worx.com *.dap.akadns.net *.signifyd.com *.monetate.net ssl.kaptcha.com *.online-metrix.net *.captcha-delivery.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com * https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.sharethis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.affirm.com *.affirm.ca display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.bing.com *.adsrvr.org x.bidswitch.net pixel.advanseads *.fg8dgt.com www.facebook.com *.tremorhub.com *.reson8.com *.mathtag.com *.bluekai.com sync.search.spotxchange.com thrtle.com sync.go.sonobi.com *.demdex.net www.livehelpnow.net *.rubiconproject.net *.g.doubleclick.net tapestry.tapad.com segments.company-target.com simage2.pubmatic.com dsum.casalemedia.com ads.altitude-arena.com i.liadm.com *.listrakbi.com *.adobedtm.com *.sc.omtrdc.net *.everesttech.net *.magentocommerce.com *.sandbox.paypal.com *.ytimg.com *.swagger.io *.cloudfront.net *.bazaarvoice.com *.ugc.bazaarvoice.co *.rlcdn.com *.bfmio.com *.klevu.com *.ksearchnet.com *.narvar.com *.narvar.qa www.sandbox.paypal.com *.stats.paypal.com *.braintreegateway.com www.google.co.in *.cookielaw.org *.dap.akadns.net *.espssl.com *.s3.us-east-2.amazonaws.com *.pinterest.com *.hotjar.com www.emjcd.com *.dotomi.com *.worx.com worx.com *.five9.com *.nextdoor.com s3.amazonaws.com *.googleapis.com *.facebook.net *.eu.worx.com pippio.com *.adsymptotic.com *.openx.net *.agkn.com *.audrte.com *.krxd.net *.videohub.tv *.adxns.com *.media6degrees.com *.ads.linkedin.com *.scorecardresearch.com *.netseer.com *.us1.dyntrk.com *.insightexpressai.com *.mediawallahscript.com *.t.domdex.com *.services.xg4ken.com trkn.us *.mmsho.com *.narrative.io *.postrelease.com *.ispot.tv *.crsspxl.com *.bnmla.com *.acxiomapac.com *.y-medialink.com *.shopping.rakuten.com *.rtbiq.com *.ib-ibi.com *.signifyd.com *.monetate.net *.srv.stackadapt.com *.spotify.com *.rd.linksynergy.com um.simpli.fi cs.media.net *.addthis.com sync.ipredictive.com lrp.mxptint.net pixel.tapad.com epiv.cardlytics.com secure.adnxs.com www.entitytag.co.uk px.owneriq.net bttrack.com ssum.casalemedia.com usersync-b3.videoamp.com *.maxaccess.io *.online-metrix.net s3-us-west-2.amazonaws.com maps.googleapis.com maps.gstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.pixriot.com *.storeimaging.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.sharethis.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com js-agent.newrelic.com bam.nr-data.net blueacornici.atlassian.net *.monetate.net www.livehelpnow.net js.klevu.com *.listrakbi.com *.facebook.net *.steelhousemedia.com *.adacado.com *.hotjar.com *.amazon-adsystem.com *.rlcdn.com *.adsrvr.org *.bidswitch.net *.adobedtm.com *.cardinalcommerce.com *.ccdc02.com *.authorize.net *.paypal.com *.ytimg.com *.bazaarvoice.com *.nexus.bazaarvoice.co *.ugc.bazaarvoice.com *.api.bazaarvoice.com *.iesnare.com *.atlassian.net polyfill.io *.fg8dgt.com *.ksearchnet.com *.sandbox.braintreegateway.com *.bing.com *.tiktok.com www.mczbf.com *.cookielaw.org *.maxaccess.io *.five9.com *.r.bidswitch.net *.dstillery.com *.media6degrees.com *.onlineada.workers.dev *.fullstory.com s.pinimg.com *.mavenoid.com *.cloudfront.net mcstaging.worx.com www.worx.com worx.com *.orderwave.com *.googleapis.com get.geojs.io *.g.doubleclick.net *.nextdoor.com code.jquery.com dap-dist.akamaized.net serviceconnection.pro *.blob.core.windows.net kalicube.pro *.jsdelivr.net *.dap.akadns.net sjwoe.com www.sjwoe.com *.narvar.com *.ads.linkedin.com www.googleoptimize.com *.signifyd.com *.datadome.co *.captcha-delivery.com *.schemaapp.com ct.pinterest.com cdnjs.cloudflare.com *.online-metrix.net kenwheeler.github.io maps.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.sharethis.com display.ugc.bazaarvoice.com *.googleapis.com *.listrakbi.com *.mavenoid.com *.five9.com *.espssl.com *.typekit.net serviceconnection.pro *.onetrust.com www.worx.com worx.com *.signifyd.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com assets.braintreegateway.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.worx.com *.narvar.com *.narvar.qa 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.sharethis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.onetrust.com bam.nr-data.net *.listrakbi.com *.listrak.com *.hotjar.io *.g.doubleclick.net *.demdex.net *.sc.omtrdc.net *.cardinalcommerce.com *.amazonservices.com *.amazonservices.co.uk *.amazonservices.co.jp *.amazonservices.jp *.amazonservices.it *.amazonservices.fr *.amazonservices.es *.amazonservices.de *.bazaarvoice.com *.api.bazaarvoice.com *.klevu.com *.ksearchnet.com *.sandbox.braintreegateway.com *.tiktok.com *.cookielaw.org *.onlineada.workers.dev *.cloudfront.net *.execute-api.us-east-2.amazonaws.com *.five9.com *.fullstory.com www.mczbf.com *.pinterest.com *.ingest.sentry.io *.mavenoid.com *.googleapis.com surveystats.hotjar.io serviceconnection.pro kalicube.pro *.blob.core.windows.net www.facebook.com *.jsdelivr.net *.dap.akadns.net sjwoe.com www.sjwoe.com www.worx.com worx.com *.ads.linkedin.com www.googleoptimize.com www.livehelpnow.net *.signifyd.com *.monetate.net *.datadome.co *.cloudfunctions.net *.bing.com *.schemaapp.com *.google.co.in *.maxaccess.io s.amazon-adsystem.com ara.paa-reporting-advertising.amazon maps.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.pixriot.com *.storeimaging.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'unsafe-eval' 'unsafe-inline' https: 'nonce-d36d3711ff20814916edc7ce' 'strict-dynamic' 'report-sample'  https:\/\/*.criteo.com https:\/\/static.criteo.net  https:\/\/*.facebook.com https:\/\/connect.facebook.net  https:\/\/*.hotjar.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com songbird.cardinalcommerce.com *.googletagmanager.com ; worker-src 'self'; object-src 'none'; base-uri 'none'; frame-ancestors 'none'; report-uri https:\/\/csp.tourradar.com","count":1},{"content-security-policy-report-only":" default-src 'self'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=B1LVsGMe2gZTNl7jIkZVqPq5A2j94kz7UjG.7RckBJE-1778721819.784417-1.0.1.1-n9qzVpInl25q5.Uj7yfhajHbHwlqaliZMDiMELkAJ..iDM4NSzNkYSGy5s808oSkiU3OglUrtaMLXxgUcIEdT9_CUGwvf9VJlLgrqOTy9m24Shdh0WxNIwOHl8dXP4DEhzYXa3kSvOqThMI9bk3iwe5u8RSHFopdbDs96B66hRVwK8i4R.iauq0qHs1y_H2p; report-to cf-vfmruouagwlzrimt","count":1},{"content-security-policy-report-only":" default-src 'self' http: https: wss: data: blob: 'unsafe-inline'; connect-src 'self' *.mypurecloud.com.au lifeline.payments2us.com *.typeform.com stockist.co *.youtube.com *.spotify.com *.vimeo.com vimeo.com cdn.usefathom.com *.hotjar.com *.clarity.ms *.google.com *.googletagmanager.com *.googleapis.com *.google-analytics.com *.gstatic.com connect.facebook.net lifeline.serviceseeker.com.au us-central1-stockist-prod.cloudfunctions.net *.bugherd.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; img-src 'self' data: https:; font-src 'self' https: data:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https:; report-to csp-endpoint; report-uri https:\/\/csp-report.goglobal.travel\/v1\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com *.googleapis.com static.cloudflareinsights.com unpkg.com translate.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: www.google-analytics.com www.googletagmanager.com v1.sahistory.org.za http:\/\/v1.sahistory.org.za http:\/\/www.v1.sahistory.org.za https:\/\/v1.sahistory.org.za *.tile.openstreetmap.org unpkg.com http:\/\/www.sahistory.org.za http:\/\/sahistory.org.za https:\/\/www.sahistory.org.za translate.google.com translate.googleapis.com fonts.gstatic.com; media-src 'self'; frame-src 'self' www.youtube.com youtube.com; frame-ancestors 'self'; child-src 'self'; font-src 'self' fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com www.google-analytics.com www.googletagmanager.com translate.googleapis.com; report-uri \/report-csp-violation; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" connect-src 'none'; font-src 'self'; frame-src 'none'; img-src 'self'; media-src 'none'; object-src 'none'; report-uri https:\/\/browser-intake-us3-datadoghq.com\/api\/v2\/logs?dd-api-key=pub073cc344e99148d91a146b4cfdfbd3e9&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Atrac-jobs-website%2Cenv%3Aprod%2Cversion%3A2026.2; script-src 'self' https:\/\/ajax.googleapis.com\/; style-src 'self'; worker-src 'none'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-zC0YnzAArWCTvwD8eT0n4A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" worker-src blob:; sandbox *.425.degree *.425degree.com 425degree.com www.425degree.com https:\/\/www.facebook.com *.facebook.com *.facebook.net *.tiktok.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com; font-src *.cloudflare.com *.425degree.com *.fontawesome.com *.typekit.net *.trustedshops.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com *.googleapis.com https:\/\/www.gstatic.com fonts.gstatic.com *.kxcdn.com maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action www.facebook.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com *.doubleclick.net *.infogram.com *.facebook.com *.googleadservices.com *.googlesyndication.com https:\/\/www.google.co.th *.kasikornbank.com *.googletagmanager.com *.pinterest.com *.425.degree *.425degree.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com facebook.com www.facebook.com *.kxcdn.com youtube.com www.youtube.com platform.twitter.com *.google.com *.addthis.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com https:\/\/www.google.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com *.cloudflare.com https:\/\/cdn.klarna.com *.425degree.com *.425.degree https:\/\/www.trustmarkthai.com\/ https:\/\/t.co https:\/\/www.google.co.th *.doubleclick.net *.facebook.com *.pinterest.com https:\/\/www.googletagmanager.com\/ *.googleadservices.com *.paypal.com *.vimeocdn.com https:\/\/s.ytimg.com *.usercentrics.eu *.clarity.ms www.clarity.ms *.bing.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com i.ytimg.com *.youtube.com validator.swagger.io *.googleapis.com *.gstatic.com *.cdninstagram.com *.kxcdn.com *.twitter.com *.google.com *.fbcdn.net ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com *.cloudflare.com https:\/\/www.trustmarkthai.com\/ https:\/\/chimpstatic.com\/ *.twitter.com *.ads-twitter.com *.425.degree *.425degree.com https:\/\/googleads.g.doubleclick.net *.infogram.com *.facebook.com *.newrelic.com *.nr-data.net *.pinimg.com www.google-analytics.com *.googlesyndication.com *.trustedshops.com *.usercentrics.eu *.tiktok.com *.fullstory.com *.clarity.ms www.clarity.ms *.bing.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com www.googleadservices.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com https:\/\/www.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.com *.gstatic.com cdn.ampproject.org connect.facebook.net googletagmanager.com *.kxcdn.com platform.twitter.com *.addthis.com *.addthisedge.com *.moatads.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.kasikornbank.com www.facebook.com graph.facebook.com business.facebook.com twitter.com https:\/\/www.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.425degree.com *.fontawesome.com *.typekit.net *.trustedshops.com *.usercentrics.eu https:\/\/browser-intake-datadoghq.com *.datadoghq.com fonts.googleapis.com *.googleapis.com *.google.com *.kxcdn.com *.gstatic.com downloads.mailchimp.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.425.degree *.425degree.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.cloudflare.com *.pinterest.com *.paypal.com *.tiktok.com *.fullstory.com *.clarity.ms www.clarity.ms *.bing.com https:\/\/browser-intake-datadoghq.com *.datadoghq.com https:\/\/www.trustmarkthai.com\/ https:\/\/t.co *.425.degree *.nr-data.net www.facebook.com www.google-analytics.com *.doubleclick.net www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com https:\/\/www.paypal.com\/xoplatform\/logger\/api\/logger cdn.ampproject.org *.kxcdn.com *.instagram.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.ototoy.jp; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.ototoy.jp https:\/\/bccks.jp https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/jquery.bootstrapvalidator\/ https:\/\/connect.facebook.net https:\/\/platform.instagram.com https:\/\/www.instagram.com https:\/\/code.jquery.com https:\/\/scdn.line-apps.com https:\/\/d.line-scdn.net https:\/\/embed.nicovideo.jp https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/player.vimeo.com https:\/\/platform.vine.co https:\/\/static-fe.payments-amazon.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/*.ototoy.jp https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/font-awesome\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/jquery.bootstrapvalidator\/ https:\/\/fonts.googleapis.com; img-src 'self' data: blob: *; font-src 'self' data: https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/font-awesome\/ https:\/\/fonts.gstatic.com; connect-src 'self' data: blob: https:\/\/*.ototoy.jp https:\/\/payments-fe.amazon.com https:\/\/api3.veritrans.co.jp https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat; frame-src 'self' https:\/\/bandcamp.com https:\/\/m.facebook.com https:\/\/mobile.facebook.com https:\/\/web.facebook.com https:\/\/www.facebook.com https:\/\/www.instagram.com https:\/\/social-plugins.line.me https:\/\/embed.nicovideo.jp https:\/\/w.soundcloud.com https:\/\/open.spotify.com https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/player.vimeo.com https:\/\/www.youtube.com https:\/\/secure2.arcot.com https:\/\/secure4.arcot.com https:\/\/dig-acs2.cafis-paynet.jp https:\/\/dig3ds.cafis-paynet.jp https:\/\/geoissuer.cardinalcommerce.com https:\/\/acs-jcn.dnp-cdms.jp https:\/\/api.veritrans.co.jp https:\/\/*.google.com https:\/\/td.doubleclick.net; report-uri \/csp-report.php?v=3","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: www.pkobp.pl; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri \/ikd_img\/skins\/ipko\/grcv;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ffImgBtIqOfup_Fm88fGDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self' https:\/\/d1mnljovdqnw4e.cloudfront.net data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; connect-src 'self' https:; img-src 'self' https:; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/services.sdiapi.com;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-LC-U7rh2ThwpWnC8hAohOw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob: *.allopneus.com *.gstatic.com *.youtube.com *.ytimg.com *.google.com google.com www.google.com *.google.fr google.fr www.google.fr *.google.be google.be www.google.be *.googleapis.com *.facebook.com *.doubleclick.net *.g.doubleclick.net googleads.g.doubleclick.net *.googlesyndication.com pagead2.googlesyndication.com www.googleadservices.com images.driverreviews.com bat.bing.com bat.bing.net analytics.optimalpeople.fr tr.cloud-media.fr marker.np6.com *.zoho.eu *.zohopublic.eu *.googletagmanager.com cdn.cookielaw.org *.apple.com *.checkout.com *.dalenys.com *.pushaddict.com *.avis-verifies.com *.oney.io *.payline.com *.paypal.com gethatch.com gjigle.com; font-src 'self' data: *.allopneus.com *.gstatic.com fonts.googleapis.com use.typekit.net p.typekit.net *.zohocdn.com applepay.cdn-apple.com *.payline.com maxcdn.bootstrapcdn.com *.oney.io; connect-src 'self' *.allopneus.com *.apple.com browser-intake-datadoghq.eu *.datadome.co *.captcha-delivery.com *.kameleoon.eu cdn.cookielaw.org *.onetrust.com *.zohopublic.eu *.zoho.eu notifpush.com *.notifadz.com data.thank-you.io ping.thank-you.io *.google.com www.google.com google.com analytics.optimalpeople.fr pagead2.googlesyndication.com www.googleadservices.com *.doubleclick.net *.g.doubleclick.net googleads.g.doubleclick.net bat.bing.com bat.bing.net connect.facebook.net www.googletagmanager.com *.facebook.com marker.np6.com widget.driverreviews.com js.checkout.com gethatch.com *.cloudflare.com *.cloudflareinsights.com tagmanager.pirelli.com a.imgstatics.com gjigle.com *.googleapis.com *.oney.io *.payline.com *.paypal.com www.datadoghq-browser-agent.com *.avis-verifies.com; frame-src 'self' *.allopneus.com accounts.google.com *.facebook.com *.zohopublic.eu cdn-eu.pagesense.io *.captcha-delivery.com www.youtube.com *.apple.com *.checkout.com *.tradedoubler.com tradedoubler.com *.dalenys.com *.clic2buy.com gjigle.com *.paypal.com *.payline.com *.oney.io *.avis-verifies.com applepay.cdn-apple.com; script-src-attr 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *.allopneus.com fonts.googleapis.com *.gstatic.com use.typekit.net p.typekit.net *.zohocdn.com cdn-eu.pagesense.io accounts.google.com *.dalenys.com *.payline.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: *.allopneus.com www.googletagmanager.com cdn.cookielaw.org *.onetrust.com cookie-cdn.cookiepro.com js.datadome.co *.captcha-delivery.com *.kameleoon.eu notifpush.com *.notifadz.com cdn.np6.com cdnjs.cloudflare.com connect.facebook.net pagead2.googlesyndication.com www.googleadservices.com *.zohocdn.com *.zohostatic.eu *.zohopublic.eu *.zoho.eu maillist-manage.eu cdn-eu.pagesense.io analytics.optimalpeople.fr widget.driverreviews.com data.thank-you.io bat.bing.com *.google.com accounts.google.com appleid.cdn-apple.com applepay.cdn-apple.com *.dalenys.com cdn.checkout.com js.checkout.com *.tradedoubler.com *.clic2buy.com gethatch.com *.cloudflare.com *.cloudflareinsights.com tagmanager.pirelli.com www.youtube.com *.googleapis.com *.avis-verifies.com *.oney.io *.payline.com *.paypal.com www.datadoghq-browser-agent.com maxcdn.bootstrapcdn.com; media-src 'self' data: blob:; worker-src 'self' blob:; child-src 'self' blob:; report-to csp-reports; report-uri https:\/\/browser-intake-datadoghq.eu\/api\/v2\/logs?dd-api-key=pub252bc361e6eaa27a32ccc4135ddcc93f&dd-evp-origin=content-security-policy&ddsource=csp-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-QbVuNjgl-8RMrE2t0-voEA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-src viz.tools.investis.com irs.tools.investis.com www.youtube.com www.youtube-nocookie.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=i6PaAbmsmKXnGLpr8vDgc8Ub0JELvuBsLavkmAex9b4-1778729611.5940723-1.0.1.1-gM_CERPzGPOkV7cvcPvMoUWiGvSueIZPCchJwcrLls0xNth6OLt3v_6Ly9QPBzN9.XLG4doJYJTQYUng3dY4E9K1NNBsD7GHPHR58pyzp9_w3CIQV9VJcmFpRUenGztg72AZfnRdfahpZ1_C0lo_EwsNB.iMOdQOyH2ixg1mc_8XoISpbc22DEfkqN5kAS94QYBiFvvORSdUfe5lqrQLHQ; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; child-src 'self'; connect-src 'self' cdnjs.cloudflare.com *.algolia.net *.algolianet.com *.flickr.com *.googleapis.com *.google-analytics.com *.gstatic-cache.com *.typekit.com *.typekit.net https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/o15468.ingest.sentry.io\/api\/6068037\/envelope\/; font-src 'self' cdnjs.cloudflare.com *.typekit.net fonts.gstatic.com app.everviz.com\/static\/fonts\/; frame-src 'self' maps.google.com *.typekit.net player.vimeo.com translate.googleapis.com *.twitter.com www.google.com www.googletagmanager.com *.youtube.com; img-src 'self' data: cdnjs.cloudflare.com *.staticflickr.com *.twitter.com *.typekit.net *.googletagmanager.com fonts.gstatic.com translate.google.com comsec-web-static.s3.eu-west-1.amazonaws.com staging-new-commonwealth-files.s3.eu-west-2.amazonaws.com testing-new-commonwealth-files.s3.eu-west-2.amazonaws.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com; media-src 'self' comsec-web-static.s3.eu-west-1.amazonaws.com staging-new-commonwealth-files.s3.eu-west-2.amazonaws.com testing-new-commonwealth-files.s3.eu-west-2.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' apis.google.com code.highcharts.com connect.facebook.net embedr.flickr.com player.vimeo.com unpkg.com www.googletagmanager.com www.gstatic.com app.everviz.com\/resources\/js\/ app.everviz.com\/inject cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/nomoredirectory.org https:\/\/unpkg.com; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com player.vimeo.com cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/nomoredirectory.org https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' code.highcharts.com *.typekit.net *.googleapis.com unpkg.com www.gstatic.com app.everviz.com\/static\/fonts\/ app.everviz.com\/resources\/css\/ cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/nomoredirectory.org https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' *.typekit.net cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/nomoredirectory.org https:\/\/unpkg.com; frame-ancestors 'self'; report-uri https:\/\/thecommonwealth.org\/log-report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com data: fonts.googleapis.com fonts.gstatic.com *.fontawesome.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.gstatic.com *.googleapis.com maps.googleapis.com maps.gstatic.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com *.avada.io *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com https:\/\/get.geojs.io *.avada.io *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" form-action 'self'; connect-src 'self' googletagmanager.com www.googletagmanager.com google-analytics.com *.google-analytics.com google.com google.co.jp *.googleadservices.com *.googlesyndication.com stats.g.doubleclick.net *.clarity.ms c.bing.com bat.bing.com s.yimg.jp b9x.yahoo.co.jp yads.yahoo.co.jp connect.facebook.net www.facebook.com pi.pardot.com *.pardot.com assets.juicer.cc script.juicer.cc; report-uri \/csp\/api\/csp_report\/","count":1},{"content-security-policy-report-only":" default-src *; script-src * data: wasm-eval: 'self' 'unsafe-eval' 'unsafe-inline' 'report-sample'; object-src 'none'; child-src * blob:; worker-src * blob: 'self'; img-src * blob: data: 'self'; upgrade-insecure-requests; form-action * 'self'; connect-src * 'self'; frame-src * 'self'; font-src * data: 'self'; style-src * 'unsafe-inline' 'self' data:; report-uri https:\/\/o166208.ingest.sentry.io\/api\/1238795\/security\/?sentry_key=eebe259ebaa846d39aaae0e3404505ab&sentry_environment=production","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:\/\/aau.edu.jo https:\/\/*.aau.edu.jo *.googleusercontent.com *.jsdelivr.net *.gstatic.com *.bootstrapcdn.com *.googleapis.com *.google.com; report-uri \/\/report-csp-violation","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/families_google","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https:\/\/app.storyblok.com; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https:\/\/st.anyip.io https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.doubleclick.net https:\/\/*.googleadservices.com https:\/\/*.hs-scripts.com https:\/\/*.hs-analytics.net https:\/\/*.hs-banner.com https:\/\/ph.anyip.io https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/connect.facebook.net https:\/\/www.redditstatic.com https:\/\/valley-intent.nyc3.digitaloceanspaces.com https:\/\/d-code.liadm.com https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/static.cloudflareinsights.com https:\/\/snap.licdn.com https:\/\/static.ads-twitter.com https:\/\/app.factors.ai https:\/\/code.upscope.io https:\/\/js.upscope.io https:\/\/widget.trustpilot.com https:\/\/ddwl4m2hdecbv.cloudfront.net https:\/\/sc.lfeeder.com https:\/\/t.rightmessage.com https:\/\/app.storyblok.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fonts.intercomcdn.com; media-src 'self' https:\/\/js.intercomcdn.com; connect-src 'self' https: wss:; frame-src 'self' https:\/\/st.anyip.io https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.recaptcha.net https:\/\/*.intercom.io https:\/\/*.liadm.com https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com; form-action 'self'; worker-src 'self' blob:; report-uri \/_csp-report","count":1},{"content-security-policy-report-only":" font-src *.cloudflare.com *.googleapis.com *.gstatic.com *.reviews.io *.slant.co *.klarnacdn.net *.media-amazon.com chat.digitalgenius.com data: 'self' 'unsafe-inline'; form-action * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src * 'self' 'unsafe-inline'; img-src *.holzkern.com *.bing.com *.bing.net *.clarity.ms *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.ggpht.com *.google-analytics.com *.google.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.kameleoon.com *.experimentation.dev *.luckyorange.com *.payments-amazon.com *.pinterest.com *.reviews.io *.twitter.com d10lpsik1i8c69.cloudfront.net t.co x.bidswitch.net ib.adnxs.com rtb-csync.smartadserver.com sync-t1.taboola.com visitor.omnitagjs.com r.casalemedia.com id5-sync.com ad.360yield.com matching.ivitrack.com contextual.media.net exchange.mediavine.com jadserve.postrelease.com sync.outbrain.com simage2.pubmatic.com pixel.rubiconproject.com match.sharethrough.com criteo-sync.teads.tv criteo-partners.tremorhub.com eb2.3lift.com a.twiago.com ad.yieldlab.net sync-criteo.ads.yieldmo.com e1.emxdgt.com sync.1rx.io sync.targeting.unrulymedia.com collector-45613.tvsquared.com public-prod-dspcookiematching.dmxleo.com aa.agkn.com *.paypalobjects.com *.media-amazon.com *.klarnacdn.net *.paypal.com safesly.com *.klarna.com *.klarnaevt.com dpm.demdex.net *.vimeocdn.com *.adyen.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tm www.google.tn www.google.to www.google.tt www.google.vu www.google.ws data: 'self' 'unsafe-inline'; script-src *.holzkern.com *.addthis.com *.ads-twitter.com *.bing.com *.boxx.ai *.clarity.ms *.cloudflare.com *.cloudflareinsights.com *.cnd-motionmedia.de *.criteo.com *.doubleclick.net *.facebook.net *.google.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.kameleoon.com *.kameleoon.eu *.experimentation.dev *.netcoresmartech.com *.payments-amazon.com *.pinimg.com *.pinterest.com *.reviews.io *.snapchat.com *.sovendus.com *.vimeo.com d10lpsik1i8c69.cloudfront.net sc-static.net js.klarna.com collector-45613.tvsquared.com *.newrelic.com *.nr-data.net *.paypal.com *.stripe.com *.qstatic.com *.braintreegateway.com *.klarna.com *.klarnacdn.net *.gstatic.com *.cdn-apple.com *.cardinalcommerce.com *.paypalobjects.com chat.digitalgenius.com *.dgdeepai.com *.klarnaservices.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.holzkern.com *.cloudflare.com *.googleapis.com *.googletagmanager.com *.kameleoon.com *.experimentation.dev *.reviews.io *.vimeocdn.com *.klarnacdn.net d10lpsik1i8c69.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.bing.com *.google.com *.gstatic.com *.vimeocdn.com 'self' 'unsafe-inline'; manifest-src *.netcoresmartech.com 'self' 'unsafe-inline'; connect-src * 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.vimeo.com 'self' 'unsafe-inline'; report-uri https:\/\/68687097-c7e3-4199-ac7f-b76294254f77.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/connect.facebook.net https:\/\/apis.google.com https:\/\/yoast.com https:\/\/static.axept.io; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.onetrust.com https:\/\/www.gstatic.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/*.hotjar.com; img-src 'self' data: blob: https: http:\/\/www.slidescarnival.com; media-src 'self' https:\/\/ssl.gstatic.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net https:\/\/www.canva.com https:\/\/docs.google.com https:\/\/accounts.google.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/analytics.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jsdelivr.net https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/api.canva.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/vc.hotjar.io https:\/\/metrics.hotjar.io https:\/\/stats.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/translate.googleapis.com https:\/\/apis.google.com https:\/\/*.is5qnl632q-uc.a.run.app https:\/\/www.google.com https:\/\/www.google.co.in https:\/\/www.google.co.uk https:\/\/www.google.co.za https:\/\/www.google.com.au https:\/\/www.google.com.eg https:\/\/www.google.com.my https:\/\/www.google.com.ph https:\/\/www.google.com.sa https:\/\/www.google.com.tw https:\/\/www.google.com.vn; worker-src 'self' blob: https:\/\/cdn.jsdelivr.net; frame-ancestors 'self' https:\/\/*.canva.com; report-uri \/wp-admin\/admin-ajax.php?action=sc_csp_report","count":1},{"content-security-policy-report-only":" default-src 'self' *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; script-src 'self' blob: 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' *.google-analytics.com https:\/\/ajax.googleapis.com https:\/\/cdn.hellosign.com https:\/\/code.jquery.com https:\/\/cdn.pendo.io https:\/\/static.zdassets.com https:\/\/edge.fullstory.com https:\/\/*.storage.googleapis.com https:\/\/data.pendo.io *.pusher.com *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; script-src-elem 'self' blob: *.googletagmanager.com *.cloudflare.com *.google-analytics.com 'unsafe-inline' 'unsafe-hashes' https:\/\/ajax.googleapis.com https:\/\/code.jquery.com https:\/\/cdn.hellosign.com https:\/\/cdn.pendo.io https:\/\/static.zdassets.com https:\/\/edge.fullstory.com https:\/\/*.storage.googleapis.com https:\/\/data.pendo.io *.pusher.com *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; img-src 'self' data: *.google-analytics.com *.googletagmanager.com https:\/\/*.storage.googleapis.com https:\/\/data.pendo.io *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; connect-src 'self' *.google-analytics.com wss:\/\/ws-ap2.pusher.com *.pusher.com https:\/\/app.hellosign.com https:\/\/*.zdassets.com wss:\/\/ws-mt1.pusher.com https:\/\/storedge.zendesk.com https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/data.pendo.io https:\/\/*.storedge.com *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; frame-src 'self' https:\/\/app.hellosign.com https:\/\/esign-signing-ui.polaris.devable.io https:\/\/esign-signing-ui.polaris.stageable.io https:\/\/esign-signing-ui.polaris.storable.io *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io https:\/\/astria-porta.access.devable.io\/ https:\/\/astria-porta.access.stageable.io\/ https:\/\/astria-porta.access.storable.io\/; style-src 'self' 'unsafe-inline' 'unsafe-hashes' fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/data.pendo.io https:\/\/*.storage.googleapis.com https:\/\/stackpath.bootstrapcdn.com *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; font-src 'self' fonts.gstatic.com; form-action 'self' *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; frame-ancestors 'self' *.storedgefms.com https:\/\/enterprise.storedge.com https:\/\/talemonger.auth.storable.io https:\/\/cdn.talemonger.auth.storable.io https:\/\/portal.storable.io https:\/\/esign-service.polaris.storable.io *.payments.storable.io; report-uri \/csp_report","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/grow.clearbitjs.com https:\/\/js-na1.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.hs-scripts.com https:\/\/js.hsadspixel.net https:\/\/js.hscollectedforms.net https:\/\/js.hsforms.net https:\/\/js.hsleadflows.net https:\/\/js.hubspot.com https:\/\/js.usemessages.com https:\/\/sc.lfeeder.com https:\/\/script.hotjar.com https:\/\/snap.licdn.com https:\/\/static.hotjar.com https:\/\/unpkg.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/analytics.google.com https:\/\/api.hubapi.com https:\/\/api.hubspot.com https:\/\/cta-service-cms2.hubspot.com https:\/\/forms.hscollectedforms.net https:\/\/forms.hsforms.com https:\/\/forms.hubspot.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.com.br; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/app.hubspot.com https:\/\/td.doubleclick.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' data: https:\/\/20650649.fs1.hubspotusercontent-na1.net https:\/\/forms-na1.hsforms.com https:\/\/forms.hsforms.com https:\/\/googleads.g.doubleclick.net https:\/\/i.ytimg.com https:\/\/perf-na1.hsforms.com https:\/\/pulsus.mobi https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/tr-rc.lfeeder.com https:\/\/track.hubspot.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com.br; manifest-src 'self'; media-src 'self'; worker-src 'none';","count":1},{"content-security-policy-report-only":" prefetch-src *.bing.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/*.gstatic.com applepay.cdn-apple.com *.fontawesome.com *.alicdn.com *.bootstrapcdn.com *.cdnfonts.com *.googleapis.com *.rockler.com *.slant.co data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de *.cordialdev.com *.cordial.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com pay.google.com *.certcapture.com *.cordialdev.com *.cordial.com *.cordial.io applepay.cdn-apple.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * photos.pixlee.co https:\/\/photos.pixlee.co landofcoder.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com https:\/\/*.gstatic.com *.certcapture.com applepay.cdn-apple.com https:\/\/scontent-bom1-1.cdninstagram.com\/ https:\/\/scontent-bom2-2.xx.fbcdn.net https:\/\/scontent-bom1-2.cdninstagram.com https:\/\/scontent-bom1-2 ftcdn.net https:\/\/scontent-bom1-2.xx.fbcdn.net\/ *.cdninstagram.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.disqus.com https:\/\/img.youtube.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com wac.edgecastcdn.net *.lightboxcdn.com https:\/\/hello.zonos.com https:\/\/a.tile.openstreetmap.org https:\/\/b.tile.openstreetmap.org https:\/\/c.tile.openstreetmap.org *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.1rx.io *.360yield.com *.3lift.com *.adnxs.com *.ad-stir.com *.alicdn.com *.amazon-adsystem.com *.attentivemobile.com *.attn.tv *.bidr.io *.bing.com *.bing.net *.casalemedia.com *.clarity.ms *.cookiebot.com *.cordial.com *.crazyegg.com *.creativecdn.com d3cgm8py10hi0z.cloudfront.net *.facebook.net *.ggpht.com *.googleadservices.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.td www.google.tg www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vu www.google.ws google.com *.googlesyndication.com *.gumgum.com *.inmobi.com *.liadm.com *.lijit.com *.media.net *.mountain.com *.nexx360.io *.openx.net *.opera.com *.outbrain.com *.pinimg.com *.pinterest.com *.pubmatic.com *.rakuten.com rockler.com *.rockler.com *.rubiconproject.com *.searchspring.io *.searchspring.net *.sharethrough.com *.shop.pe shop.pe *.smaato.net *.smartadserver.com *.sonobi.com *.taboola.com *.teads.tv *.turnto.com yastatic.net *.yieldmo.com *.ytimg.com *.zonos.com user-sync.fwmrm.net data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.attn.tv events.attentivemobile.com *.certcapture.com *.cordialdev.com *.cordial.com track.cordial.io *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com utt.impactcdn.com *.disqus.com *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.googleapis.com https:\/\/cdn.searchspring.net *.turnto.com https:\/\/checkoutshopper-test.adyen.com *.lightboxcdn.com *.news.rockler.com https:\/\/hello.zonos.com cdn.searchspring.net https:\/\/widgets.turnto.com we.turnto.com landofcoder.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net addshoppers.s3.amazonaws.com *.bing.com *.blackfire.io *.clarity.ms *.cookiebot.com *.crazyegg.com *.creativecdn.com d2mjzob2nc713b.cloudfront.net *.googlesyndication.com *.gstatic.com *.impactcdn.com *.liadm.com *.mountain.com *.pinimg.com *.pinterest.com *.rockler.com *.searchspring.io *.searchspring.net *.shop.pe shop.pe *.tiktokcdn-us.com *.vimeo.com *.zonos.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com\/ *.certcapture.com *.gstatic.com *.googleapis.com *.fontawesome.com assets.braintreegateway.com *.turnto.com cdn.searchspring.net https:\/\/widgets.turnto.com *.tagmanager.google.com *.googletagmanager.com *.attn.tv *.bootstrapcdn.com *.crazyegg.com *.lightboxcdn.com *.rockler.com *.searchspring.net *.tiktokcdn-us.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/scontent-bom1-2.cdninstagram.com\/ *.cdninstagram.com *.googleapis.com *.google.com *.gstatic.com *.mountain.com *.youtube.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com payments-eu.amazon.com *.attn.tv events.attentivemobile.com *.certcapture.com *.cordialdev.com *.cordial.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.turnto.com apay-us.amazon.com *.google-analytics.com https:\/\/hello.zonos.com https:\/\/*.a.searchspring.io https:\/\/cdn-ws.turnto.com landofcoder.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app *.rockler.com 100.20.58.101 18.210.229.244 *.1rx.io 3.212.39.155 34.215.155.61 35.160.46.251 44.212.189.233 44.228.85.26 44.238.122.172 52.22.50.55 52.71.121.170 54.156.2.105 *.adnxs.com *.alicdn.com *.attentivemobile.com *.bing.com *.bing.net *.clarity.ms *.cookiebot.com *.crazyegg.com *.creativecdn.com *.facebook.com *.googleadservices.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sn www.google.so www.google.sr www.google.td www.google.tg www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vu *.googlesyndication.com *.gstatic.com *.gumgum.com *.inmobi.com *.liadm.com *.lightboxcdn.com *.lijit.com *.mountain.com *.nexx360.io *.opera.com *.pinterest.com *.pubmatic.com *.rakuten.com *.rubiconproject.com *.safeopt.com *.searchspring.io *.searchspring.net *.sharethrough.com *.shop.pe shop.pe *.smaato.net *.sonobi.com *.zonos.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri rockler.com *.rockler.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; report-uri https:\/\/a5cc4e91-2050-4411-835a-70713844fbf7.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" upgrade-insecure-requests; frame-ancestors 'self' https:\/\/*.sensibull.com https:\/\/kite.zerodha.com; report-uri https:\/\/7eae552da389ebb083bedadbd9428ed2.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/www.synergie.fr; script-src 'self' https:\/\/cdn.synergie.fr https:\/\/www.googletagmanager.com https:\/\/chat-window.kmblabs.com http:\/\/static.axept.io https:\/\/v2.synergie.intconv.kmblabs.com https:\/\/www.gstatic.com https:\/\/www.google.com https:\/\/maps.googleapis.com https:\/\/cdn.signalfx.com 'nonce-c1N3JrUIs5AkPTcKocBr\/g=='; connect-src 'self' data: https:\/\/api.synergie.fr https:\/\/www.google-analytics.com https:\/\/chatwindow-v2.api.kmblabs.com https:\/\/client.axept.io https:\/\/api.axept.io https:\/\/bam.eu01.nr-data.net https:\/\/099bx3d09i.execute-api.eu-west-1.amazonaws.com https:\/\/maps.googleapis.com https:\/\/synergie-prod.alb.chatbot.kmblabs.com https:\/\/rum-ingest.eu1.signalfx.com https:\/\/*.signalfx.com https:\/\/v2.synergie.intconv.kmblabs.com; img-src 'self' https:\/\/cdn.synergie.fr https:\/\/media.synergie.fr https:\/\/cdnjs.cloudflare.com data:; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/fonts.axept.io https:\/\/v2.synergie.intconv.kmblabs.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/fonts.axept.io https:\/\/chat-window.kmblabs.com https:\/\/v2.synergie.intconv.kmblabs.com","count":1},{"content-security-policy-report-only":" default-src 'self';      base-uri 'self';      object-src 'none';      frame-ancestors 'self';      upgrade-insecure-requests;      form-action 'self'       https:\/\/accounts.google.com       https:\/\/login.microsoftonline.com       https:\/\/pi.pardot.com;      script-src 'self' 'unsafe-eval'       https:\/\/www.googletagmanager.com       https:\/\/www.google-analytics.com       https:\/\/analytics.google.com       https:\/\/googleads.g.doubleclick.net       https:\/\/www.google.com       https:\/\/scripts.clarity.ms       https:\/\/j.clarity.ms https:\/\/www.clarity.ms       https:\/\/dc.services.visualstudio.com       https:\/\/az416426.vo.msecnd.net       https:\/\/connect.facebook.net       https:\/\/static.ads-twitter.com       https:\/\/snap.licdn.com       https:\/\/px.ads.linkedin.com       https:\/\/js.zi-scripts.com       https:\/\/ws.zoominfo.com       https:\/\/pi.pardot.com       https:\/\/goto.blackbox.com       https:\/\/ok.blackbox.com https:\/\/okt.to       https:\/\/j.6sc.co       https:\/\/scatec.io       https:\/\/t.channeladvisor.com       https:\/\/cdnjs.cloudflare.com       https:\/\/bbcdn1.azureedge.net       https:\/\/www.blackbox.com;      script-src-elem 'self' 'unsafe-inline'       https:\/\/www.googletagmanager.com        https:\/\/www.google-analytics.com        https:\/\/analytics.google.com       https:\/\/googleads.g.doubleclick.net        https:\/\/www.google.com       https:\/\/scripts.clarity.ms        https:\/\/j.clarity.ms        https:\/\/www.clarity.ms       https:\/\/dc.services.visualstudio.com        https:\/\/az416426.vo.msecnd.net       https:\/\/connect.facebook.net        https:\/\/static.ads-twitter.com       https:\/\/snap.licdn.com        https:\/\/px.ads.linkedin.com       https:\/\/js.zi-scripts.com        https:\/\/ws.zoominfo.com        https:\/\/pi.pardot.com       https:\/\/goto.blackbox.com        https:\/\/ok.blackbox.com https:\/\/okt.to       https:\/\/j.6sc.co        https:\/\/scatec.io        https:\/\/t.channeladvisor.com       https:\/\/cdnjs.cloudflare.com        https:\/\/bbcdn1.azureedge.net        https:\/\/www.blackbox.com       https:\/\/ajax.googleapis.com       https:\/\/recaptcha.net       https:\/\/www.gstatic.com       https:\/\/cdn.blackbox.com       https:\/\/content.etilize.com;      script-src-attr 'self' 'unsafe-inline';      connect-src 'self'       https:\/\/www.googletagmanager.com       https:\/\/www.google-analytics.com       https:\/\/analytics.google.com       https:\/\/googleads.g.doubleclick.net       https:\/\/scripts.clarity.ms       https:\/\/j.clarity.ms       https:\/\/www.clarity.ms       https:\/\/dc.services.visualstudio.com       https:\/\/connect.facebook.net       https:\/\/www.facebook.com       https:\/\/static.ads-twitter.com       https:\/\/analytics.twitter.com       https:\/\/t.co       https:\/\/snap.licdn.com       https:\/\/px.ads.linkedin.com       https:\/\/js.zi-scripts.com       https:\/\/ws.zoominfo.com       https:\/\/pi.pardot.com       https:\/\/goto.blackbox.com       https:\/\/ok.blackbox.com        https:\/\/okt.to       https:\/\/j.6sc.co        https:\/\/b.6sc.co        https:\/\/c.6sc.co        https:\/\/ipv6.6sc.co       https:\/\/scatec.io        https:\/\/t.channeladvisor.com       https:\/\/ekr.zdassets.com        https:\/\/static.zdassets.com       https:\/\/ajax.googleapis.com       https:\/\/www.google.com       https:\/\/recaptcha.net       https:\/\/az416426.vo.msecnd.net       https:\/\/bbcdn1.azureedge.net;      style-src 'self' 'unsafe-inline'        https:\/\/fonts.googleapis.com;      font-src 'self' https:       https:\/\/fonts.gstatic.com;      img-src 'self' data:       https:\/\/cdn.blackbox.com        https:\/\/*.azureedge.net        https:\/\/*.azurefd.net       https:\/\/bbcdn1.azureedge.net        https:\/\/bbnscdn.azureedge.net       https:\/\/bbpimassetsp-aza7efghcfa8c2dh.a03.azurefd.net       https:\/\/b.6sc.co        https:\/\/t.co        https:\/\/www.google.com       https:\/\/googleads.g.doubleclick.net        https:\/\/px.ads.linkedin.com        https:\/\/recaptcha.net       https:\/\/www.googletagmanager.com;      frame-src 'self'       https:\/\/recaptcha.net        https:\/\/www.google.com        https:\/\/www.gstatic.com       https:\/\/www.googletagmanager.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: dvngeac8rg9mb.cloudfront.net js.stripe.com www.gstatic.com *.googleapis.com ws.zoominfo.com www.google.com www.googletagmanager.com compilers.widgets.sphere-engine.com kit.fontawesome.com d34s7xanp5e5sf.cloudfront.net; connect-src 'self' api.stripe.com *.googleapis.com *.fontawesome.com wss:\/\/push.piazza.com; img-src 'self' data: http: https:; object-src 'none'; font-src 'self' data: *.typekit.net *.gstatic.com *.fontawesome.com; style-src 'self' 'unsafe-inline' blob: *.typekit.net *.gstatic.com *.googleapis.com dvngeac8rg9mb.cloudfront.net; frame-src 'self' www.youtube.com www.youtube-nocookie.com www.vimeo.com player.vimeo.com www.facebook.com youtu.be gfycat.com www.google.com giphy.com docs.google.com calendar.google.com www.desmos.com www.geogebra.org js.stripe.com; report-uri \/security\/csp_report","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-Bj+PKTG+msWwCQfIG3N7Jg==' https:\/\/www.google-analytics.com https:\/\/widget.trustpilot.com http:\/\/widget.trustpilot.com https:\/\/*.sentry.io https:\/\/*.firebase.googleapis.com https:\/\/static.zdassets.com https:\/\/www.redditstatic.com\/ads\/pixel.js https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js ; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src 'self' https:\/\/content-api.changenow.io https:\/\/widget.trustpilot.com https:\/\/changenow.io https:\/\/explorer-api.walletconnect.com https:\/\/alb.reddit.com\/rp.gif; connect-src 'self' https:\/\/l.changenow.org https:\/\/*.zdassets.com https:\/\/www.google-analytics.com https:\/\/vip-api.changenow.io https:\/\/content-api.changenow.io https:\/\/changenow.io https:\/\/affiliate-backend.changenow.io https:\/\/api.changenow.io https:\/\/explorer-api.walletconnect.com https:\/\/verify.walletconnect.com https:\/\/changenow.zendesk.com https:\/\/px.ads.linkedin.com\/collect ; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; frame-src 'self' https:\/\/widget.trustpilot.com http:\/\/widget.trustpilot.com https:\/\/changenow.io https:\/\/youtube.com https:\/\/verify.walletconnect.com https:\/\/www.youtube.com ; report-uri https:\/\/l.changenow.org\/api\/3\/security\/?sentry_key=caf1b4c4d55fac9fb827b0fc4c20f664","count":1},{"content-security-policy-report-only":"  frame-src https:\/\/www.google.com\/ https:\/\/optimize.google.com https:\/\/*.paddle.com https:\/\/www.recaptcha.net\/; report-uri \/api\/v1\/reports; script-src 'unsafe-inline' 'unsafe-eval' 'self' https:\/\/docs.staticstream.org https:\/\/*.google-analytics.com https:\/\/google-analytics.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/optimize.google.com https:\/\/www.googleoptimize.com https:\/\/www.recaptcha.net https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/*.paddle.com https:\/\/*.zopim.com https:\/\/*.zdassets.com https:\/\/browser.sentry-cdn.com https:\/\/*.ingest.sentry.io https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com,; connect-src 'self' https:\/\/docs.staticstream.org https:\/\/*.google-analytics.com https:\/\/*.paddle.com https:\/\/browsec.zendesk.com wss:\/\/*.zopim.com https:\/\/*.zopim.com https:\/\/*.zdassets.com https:\/\/*.ingest.sentry.io https:\/\/bash.ws\/ https:\/\/*.bash.ws\/;","count":1},{"content-security-policy-report-only":" default-src * 'self' 'unsafe-eval' 'unsafe-inline' data: blob: ws: wss:; report-uri https:\/\/o1151714.ingest.us.sentry.io\/api\/4509669501698048\/security\/?sentry_key=7eb3d90eb4660416caf507087367e67e; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.b0e8.com magefan.com cm.magefan.com *.bc0a.com *.elotouch.com www.elotouch.com elotouch.com *.google.lv data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.b0e8.com *.bc0a.com *.recaptcha.net *.simpli.fi *.zi-scripts.com siteimproveanalytics.com *.pardot.com *.elotouch.com *.jsdelivr.net unpkg.com *.cloudflare.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com hello.myfonts.net *.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.elotouch.com elotouch.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.doubleclick.net *.zi-scripts.com *.zoominfo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval'     *.googleapis.com      fonts.gstatic.com      *.fontawesome.com      *.aspnetcdn.com      *.jsdelivr.net      *.googletagmanager.com;     img-src * data: *.wistia.com;     frame-ancestors 'self';     object-src 'none';     form-action 'self' *.hsforms.com *.agencybloc.com *.spinutech.com https:\/\/www.facebook.com\/tr\/;     base-uri 'self';     media-src s3.amazonaws.com blob: *.wistia.com *.wistia.net;     report-uri \/csp\/;","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.com.hk *.ebay.hk *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.com.hk *.ebay.hk *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.com.hk *.ebay.hk *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv7%3F2(lqoi%3E-19e24844ba6-0x806#pd","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.reviews.io *.reviews.co.uk 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.mollie.com account.fetchify.com *.klarna.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.reviews.io *.reviews.co.uk *.stripe.com klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io cdn.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/s3.amazonaws.com https:\/\/aggregate-imgs.s3.eu-north-1.amazonaws.com https:\/\/fsc-images.s3.eu-north-1.amazonaws.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/www.google.com.ua https:\/\/www.googleadservices.com https:\/\/bat.bing.com https:\/\/www.magezon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.cdninstagram.com *.fbcdn.net maps.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com cdn.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.mollie.com https:\/\/*.ngrok.app cc-cdn.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/widget.reviews.co.uk https:\/\/porjs.com https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com https:\/\/www.google.com.ua newrelic.com nr-data.net https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/static.addtoany.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.reviews.io *.reviews.co.uk *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnaevt.com *.amazon.com *.link.com *.trustpilot.com https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com *.instagram.com maps.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.doofinder.com cc-cdn.com *.klarnacdn.net https:\/\/static.klaviyo.com *.fontawesome.com www.googletagmanager.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.stripe.network *.stripecdn.com *.amazon.com *.trustpilot.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.doofinder.com wss:\/\/*.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.fero.com https:\/\/*.ngrok.app wss:\/\/*.ngrok.app wss:\/\/fero.ngrok.app:3000\/ws api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/k.clarity.ms api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.stripe.com klarna.com *.link.com *.amazon.com *.google-analytics.com *.doubleclick.net https:\/\/www.google-analytics.com *.instagram.com *.googleusercontent.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/*.gstatic.com *.fontawesome.com *.oct8ne.com https:\/\/cdnjs.cloudflare.com *.gstatic.com https:\/\/sandbox.sequracdn.com\/ *.reskyt.com\/ https:\/\/cdn.doofinder.com\/* data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/plumrocket.com https:\/\/www.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.oct8ne.com https:\/\/plumrocket.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com *.trustpilot.com *.paypalobjects.com\/ *.flyde.io\/ *.redintelligence.net\/ *.reskyt.com\/ *.sequrapi.com\/ *.klarnacdn.net\/ *.doubleclick.net\/ *.google.com\/ https:\/\/www.facebook.com *.amazonaws.com\/* https:\/\/myadsplatform-prod.s3.eu-central-1.amazonaws.com\/ https:\/\/static.criteo.net https:\/\/gum.criteo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net p.typekit.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io *.adyen.com https:\/\/*.gstatic.com cdn.doofinder.com magefan.com cm.magefan.com *.disqus.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.oct8ne.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com *.padelnuestro.com https:\/\/www.google.ie *.googleapis.com *.gstatic.com https:\/\/www.google.es\/ads\/ *.googletagmanager.com\/ https:\/\/www.emjcd.com\/ https:\/\/cj.dotomi.com\/ *.cloudfront.net *.bing.com\/ *.adform.net\/ *.facebook.com\/ *.reskyt.com\/ *.connectif.cloud\/ *.doubleclick.net\/ *.google.com\/ *.placeholder.com https:\/\/grwapi.net *.google-analytics.com *.tile.openstreetmap.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net www.sandbox.paypal.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com www.googletagmanager.com *.adyen.com cdn.doofinder.com *.disqus.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.oct8ne.com https:\/\/cdnjs.cloudflare.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com *.trustpilot.com https:\/\/sdk.privacy-center.org https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net *.googleapis.com *.gstatic.com https:\/\/www.mczbf.com\/ https:\/\/cdn.connectif.cloud\/ *.cloudfront.net https:\/\/commerce.adobedtm.com\/ *.bing.com\/ *.adform.net\/ *.jsdelivr.net\/ *.flyde.io\/ *.facebook.net\/ *.tiktok.com\/ *.klarnacdn.net\/ *.reskyt.com\/ *.quantummetric.com\/ blob *.klarna.com\/ *.sequrapi.com\/ *.clarity.ms\/ *.google.com\/ https:\/\/grwapi.net https:\/\/unpkg.com https:\/\/eu1-config.doofinder.com\/* *.doofinder.com\/* https:\/\/eu1-config.doofinder.com\/2.x\/d0f0ef47-8a08-4c9c-9f1f-3c43a3aa757c.js *.usermaven.com\/* *.creativecdn.com\/* *.woopra.com\/* https:\/\/static.woopra.com\/ https:\/\/www.woopra.com\/ https:\/\/tags.creativecdn.com\/ https:\/\/ams.creativecdn.com\/ https:\/\/f.creativecdn.com\/ https:\/\/sync.outbrain.com\/ *.googletagmanager.com *.google-analytics.com cdn.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com\/ *.doofinder.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.trustpilot.com *.googletagmanager.com\/ *.reskyt.com\/ *.googleapis.com https:\/\/grwapi.net *.doofinder.com\/* https:\/\/cdn.doofinder.com\/* https:\/\/cdn.doofinder.com\/livelayer\/1\/css\/2\/common.css cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io qa-api.magedevteam.com *.sentry.io *.adyen.com *.doofinder.com wss:\/\/*.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.oct8ne.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com https:\/\/pre.wayletlabs.com\/* https:\/\/pro.waylet.es\/* https:\/\/region1.google-analytics.com https:\/\/api.privacy-center.org *.doubleclick.net https:\/\/bam.nr-data.net *.googleapis.com *.gstatic.com *.google.com https:\/\/www.mczbf.com\/ *.connectif.cloud\/ *.flyde.io\/ *.tiktok.com\/ *.facebook.com\/ *.reskyt.com\/ *.quantummetric.com\/ *.googlesyndication.com\/ *.klarna.com\/ *.klarnacdn.net\/ *.clarity.ms https:\/\/grwapi.net https:\/\/track.adform.net https:\/\/google.com *.woopra.com\/ *.googletagmanager.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net *.hotjar.com data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com *.authorize.net challenges.cloudflare.com data: *.hotjar.com *.gstatic.com *.doubleclick.net *.facebook.com *.brand-display.com *.sitescout.com *.addthis.com *.metalocator.com *.googletagmanager.com *.medallia.com *.adsrvr.org *.ipredictive.com *.spotify.com *.byspotify.com *.weltpixel.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.certcapture.com magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com *.magentocommerce.com *.facebook.com *.doubleclick.net *.google.com *.brand-display.com *.sitescout.com *.googletagmanager.com *.googleapis.com *.analytics.yahoo.com *.ktxlytics.io *.adnxs.com *.metalocator.com *.scooterscoffee.com *.kampyle.com *.ipredictive.com *.spotify.com *.byspotify.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.certcapture.com *.disqus.com *.avada.io *.shopify.com *.authorize.net challenges.cloudflare.com *.bluecore.com *.facebook.net *.googleapis.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.gstatic.com *.brand-display.com *.cloudflare.com *.sitescout.com up.pixel.ad *.xg4ken.com *.usersnap.com chimpstatic.com data: *.ktxlytics.io *.app-us1.com *.amazonaws.com *.addthis.com *.addthisedge.com trackcmp.net *.moatads.com *.metalocator.com *.jsdelivr.net *.medallia.com *.snapchat.com *.trackedweb.net *.appboycdn.com sc-static.net *.adsrvr.org *.ipredictive.com *.spotify.com *.byspotify.com *.adroll.com *.tiktokw.us *.redditstatic.com *.braze.com *.googleadservices.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.fontawesome.com https:\/\/fonts.bunny.net *.googleapis.com *.mailchimp.com *.typekit.net *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.certcapture.com https:\/\/get.geojs.io *.avada.io *.authorize.net *.bluecore.com *.googleapis.com *.hotjar.com *.hotjar.io *.doubleclick.net *.ktxlytics.io *.medallia.com *.snapchat.com *.trackedweb.net *.appboycdn.com sc-static.net *.kampyle.com *.ipredictive.com *.spotify.com *.byspotify.com *.adroll.com *.tiktokw.us *.redditstatic.com *.adsrvr.org *.braze.com *.facebook.net *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.run.app 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/scooterscoffee.com\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" default-src 'self' *.nku.edu; script-src 'self' *.nku.edu 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com www.googletagmanager.com *.google-analytics.com *.analytics.google.com www.clarity.ms *.clarity.ms cdn-cookieyes.com *.cookieyes.com www.bugherd.com *.bugherd.com *.ivy.ai tockify.com *.tockify.com *.qualtrics.com *.mailchimp.com chimpstatic.com *.technolutions.net static.ctctcdn.com *.ctctcdn.com kit.fontawesome.com use.fontawesome.com *.fontawesome.com *.kaltura.com cdnapisec.kaltura.com *.padlet.com elink.io *.elink.io *.libanswers.com *.libapps.com *.ebsco.com *.acalog.com www.dubbot.com *.dubbot.com www.youtube.com www.youtube-nocookie.com s.ytimg.com player.vimeo.com www.google.com cse.google.com connect.facebook.net *.cloudfront.net unpkg.com sc-static.net tr.snapchat.com analytics.tiktok.com js.adsrvr.org googleads.g.doubleclick.net; style-src 'self' *.nku.edu 'unsafe-inline' fonts.googleapis.com use.typekit.net p.typekit.net *.fontawesome.com *.qualtrics.com *.kaltura.com *.ivy.ai cdn-cookieyes.com www.google.com *.technolutions.net *.cloudfront.net unpkg.com; font-src 'self' *.nku.edu data: fonts.gstatic.com use.typekit.net use.fontawesome.com ka-f.fontawesome.com *.fontawesome.com *.ivy.ai *.cloudfront.net; img-src 'self' *.nku.edu data: blob: *.bing.com *.googleapis.com *.gstatic.com www.googletagmanager.com *.google-analytics.com *.analytics.google.com *.clarity.ms *.bugherd.com bugherd-attachments.s3.us-west-2.amazonaws.com *.ivy.ai *.ivy-cdn.com *.qualtrics.com *.mailchimp.com *.technolutions.net *.ctctcdn.com *.fontawesome.com *.kaltura.com *.padlet.com *.libanswers.com *.libapps.com *.ebsco.com *.acalog.com cdn-cookieyes.com i.ytimg.com *.ytimg.com *.vimeocdn.com www.google.com *.googleusercontent.com www.facebook.com *.cloudfront.net tr.snapchat.com tr6.snapchat.com; media-src 'self' *.nku.edu blob: data: *.kaltura.com *.youtube.com *.googlevideo.com *.vimeocdn.com player.vimeo.com *.cloudfront.net; connect-src 'self' *.nku.edu *.google-analytics.com analytics.google.com *.analytics.google.com *.googletagmanager.com www.google.com stats.g.doubleclick.net www.clarity.ms *.clarity.ms cdn-cookieyes.com *.cookieyes.com log.cookieyes.com *.bugherd.com *.pusher.com wss:\/\/*.pusher.com *.bugsnag.com *.ivy.ai *.tockify.com *.qualtrics.com *.mailchimp.com *.technolutions.net *.ctctcdn.com *.fontawesome.com *.kaltura.com *.padlet.com *.elink.io *.libanswers.com *.libapps.com *.ebsco.com *.acalog.com *.dubbot.com connect.facebook.net www.facebook.com *.cloudfront.net analytics.tiktok.com tr.snapchat.com tr6.snapchat.com insight.adsrvr.org; frame-src 'self' *.nku.edu calendar.google.com www.youtube.com www.youtube-nocookie.com player.vimeo.com www.google.com maps.google.com tockify.com *.tockify.com *.kaltura.com *.qualtrics.com *.padlet.com elink.io *.elink.io *.libanswers.com *.libapps.com *.ebsco.com *.acalog.com *.ivy.ai *.bugherd.com *.mailchimp.com *.technolutions.net insight.adsrvr.org; form-action 'self' *.nku.edu *.qualtrics.com *.mailchimp.com *.list-manage.com *.technolutions.net *.libanswers.com *.cookieyes.com; frame-ancestors 'self' *.nku.edu; base-uri 'self'; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/js.adsrvr.org https:\/\/connect.facebook.net https:\/\/siteimproveanalytics.com https:\/\/static.ads-twitter.com https:\/\/cdn.taboola.com https:\/\/trc.taboola.com https:\/\/psb.taboola.com https:\/\/snap.licdn.com https:\/\/munchkin.marketo.net https:\/\/widget.tagembed.com https:\/\/cdn.tagembed.com https:\/\/cdn.theaccessplatform.com https:\/\/code.jquery.com https:\/\/platform.twitter.com https:\/\/www.youtube.com;style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/p.typekit.net https:\/\/use.typekit.net https:\/\/cdn.tagembed.com https:\/\/widget.tagembed.com https:\/\/cdn.theaccessplatform.com;object-src 'none';base-uri 'self';connect-src 'self' https:\/\/delivery-cqucontenthub.stylelabs.cloud https:\/\/fb.cqu.edu.au https:\/\/www-search.cqu.edu.au https:\/\/dxp-au-search.funnelback.squiz.cloud https:\/\/www.google-analytics.com https:\/\/*.google.com https:\/\/www.google.com.au https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/stats.g.doubleclick.net https:\/\/px.ads.linkedin.com https:\/\/pips.taboola.com https:\/\/cds.taboola.com https:\/\/622-hhc-246.mktoresp.com https:\/\/622-hhc-246.mktoutil.com https:\/\/www.facebook.com https:\/\/trc-events.taboola.com https:\/\/s3.us-west-1.wasabisys.com wss:\/\/ws.hotjar.com https:\/\/content.hotjar.io https:\/\/vc.hotjar.io https:\/\/psb.taboola.com https:\/\/api.theaccessplatform.com https:\/\/munchkin.marketo.net https:\/\/api.intentiq.com https:\/\/cdn.taboola.com https:\/\/widget.tagembed.com https:\/\/metrics.hotjar.io https:\/\/web.tagembed.com https:\/\/analytics.cqu.edu.au https:\/\/insight.adsrvr.org;font-src 'self' data https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/cdn.theaccessplatform.com https:\/\/cdn.tagembed.com;frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/insight.adsrvr.org https:\/\/9389440.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/platform.twitter.com https:\/\/match.adsrvr.org https:\/\/tsdtocl.com https:\/\/player.vimeo.com https:\/\/eap.ascentone.com;img-src 'self' https:\/\/staff-profiles.cqu.edu.au https:\/\/delivery-cqucontenthub.stylelabs.cloud https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.google.com https:\/\/www.google.com.au https:\/\/www.google.com.co https:\/\/www.google.com.pe https:\/\/www.google.com.bd https:\/\/www.google.co.in https:\/\/www.google.com.ng https:\/\/www.google.com.np https:\/\/www.google.lk https:\/\/www.google.co.uk https:\/\/www.google.com.sg https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/analytics.twitter.com https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/78858.global.siteimproveanalytics.io https:\/\/t.co https:\/\/www.linkedin.com https:\/\/i.ytimg.com https:\/\/aumejtoqen.cloudimg.io https:\/\/ui-avatars.com https:\/\/fs.theambassadorplatform.com https:\/\/sync.intentiq.com https:\/\/cdn.taboola.com https:\/\/media.tagembed.com https:\/\/au-gmtdmp.mookie1.com https:\/\/secure.adnxs.com https:\/\/i.vimeocdn.com https:\/\/stats.g.doubleclick.net https:\/\/connect.facebook.net;manifest-src 'self';media-src 'self' https:\/\/delivery-cqucontenthub.stylelabs.cloud;worker-src 'none';report-uri https:\/\/wwwcqu.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" font-src traxxas.com fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com *.paypal.com * traxxas.com fonts.gstatic.com zonos.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.gstatic.com https:\/\/img.youtube.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com traxxas.com assurance.sysnetgs.com i1.createsend1.com i2.createsend1.com i3.createsend1.com i4.createsend1.com i5.createsend1.com i6.createsend1.com i7.createsend1.com i8.createsend1.com i9.createsend1.com i10.createsend1.com fonts.gstatic.com hn.inspectlet.com hello.zonos.com connect.facebook.net www.facebook.com facebook.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com traxxas.com support.traxxas.com assurance.sysnetgs.com cdn.inspectlet.com fonts.gstatic.com s7.addthis.com zonos.com cdn.jsdelivr.net route.elements.zonos.com js-agent.newrelic.com connect.facebook.net https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net https:\/\/hello.zonos.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com traxxas.com fonts.googleapis.com fonts.gstatic.com zonos.com cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com download-video-ak.vimeocdn.com player.vimeo.com vod-progressive-ak.vimeocdn.com vimeocdn.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com traxxas.com fonts.gstatic.com hn.inspectlet.com wss:\/\/ws.inspectlet.com zonos.com hello.zonos.com cdn.jsdelivr.net route.elements.zonos.com js-agent.newrelic.com connect.facebook.net cdn.inspectlet.com assurance.sysnetgs.com https:\/\/maps.googleapis.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" img-src 'self' data: https:\/\/www.facebook.com  https:\/\/secure.gravatar.com https:\/\/ts.w.org https:\/\/s.w.org https:\/\/ps.w.org; default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googleadservices.com  https:\/\/www.google.com  https:\/\/www.gstatic.com  https:\/\/googleads.g.doubleclick.net  https:\/\/www.youtube.com  'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https:\/\/www.googleadservices.com  https:\/\/www.google.com  https:\/\/www.gstatic.com  https:\/\/googleads.g.doubleclick.net  https:\/\/www.youtube.com ; style-src 'self' 'unsafe-inline' https:\/\/cdn.materialdesignicons.com  https:\/\/fonts.googleapis.com ; style-src-elem 'self' 'unsafe-inline' https:\/\/cdn.materialdesignicons.com  https:\/\/fonts.googleapis.com ; font-src 'self' https:\/\/fonts.gstatic.com  data:; frame-src 'self' https:\/\/www.youtube.com  blob:; connect-src 'self' https:\/\/stats.g.doubleclick.net  https:\/\/www.google.com  https:\/\/analytics.google.com;  report-uri https:\/\/www.studentclearinghouse.org\/wp-json\/really-simple-security\/v1\/csp?rsssl_apitoken=587938375;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: cdn.privacy-mgmt.com maps.googleapis.com www.news.co.uk uk-script.dotmetrics.net *.google-analytics.com *.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com cdn.privacy-mgmt.com *.tiqcdn.com unpkg.com uk-script.dotmetrics.net *.scorecardresearch.com *.google-analytics.com *.googletagmanager.com *.brightcove.com; style-src 'self' 'unsafe-inline' data: use.fontawesome.com fonts.googleapis.com use.typekit.net maps.google.com unpkg.com; img-src 'self' data: *.googleapis.com *.gstatic.com *.google-analytics.com *.scorecardresearch.com *.news.co.uk www.news.co.uk *.dotmetrics.net newsuk.s3.amazonaws.com *.google.com s.w.org ps.w.org ts.w.org secure.gravatar.com www.gravatar.com; font-src 'self' data: fonts.gstatic.com; frame-src 'self' *.youtube.com *.vimeo.com *.brightcove.com cdn.privacy-mgmt.com;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.google.com *.googletagmanager.com *.googleapis.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.shop.pe shop.pe *.juicer.io *.cloudfront.net v2.zopim.com data: *.bootstrapcdn.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.dynamicyield.com https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com www.facebook.com *.amazonaws.com *.juicer.io shop.pe *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net *.authorize.net 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com *.certcapture.com www.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe *.criteo.com assets.bounceexchange.com vars.hotjar.com www.facebook.com imgs.signifyd.com h.online-metrix.net vendor1.leasestation.com amc.demdex.net nsg.symantec.com *.paypalobjects.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.pinterest.com https:\/\/nl.fatquartershop.com *.dynamicyield.com https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.trackedlink.net *.ddlnk.net *.certcapture.com *.google.com *.googletagmanager.com *.googleapis.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe *.fatquartershop.com pixel.voltn.com v2.zopim.com www.google.co.in *.pinterest.com www.facebook.com *.cdnwidget.com u.cdnwidget.com bat.bing.com nsg.symantec.com events.bouncex.net pippio.com p.brsrvr.com connect.facebook.net imgs.signifyd.com events.cdnwidget.com api.bounceexchange.com amc.demdex.net *.e.aa.online-metrix.net match.adsrvr.org yotpo-editor-production.s3.amazonaws.com *.cdninstagram.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.clarity.ms *.rqtrk.eu *.dynamicyield.com https:\/\/chat-assets.cdn.gladly.com https:\/\/chat-assets.cdn.gladly.qa maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.certcapture.com https:\/\/cnstrc.com\/js\/cust\/fat-quarter-shop_Orxy5R.js www.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com addshoppers.s3.amazonaws.com *.juicer.io *.traversedlp.com *.pinimg.com v2.zopim.com *.shop.pe shop.pe *.criteo.net *.criteo.com *.zdassets.com\/ loader.wisepops.com *.cloudfront.net fatquartershop-com-dev.ecomm-nav.com connect.facebook.net vendor1.quickspark.com nsg.symantec.com script.crazyegg.com bat.bing.com tag.bounceexchange.com assets.bounceexchange.com cdn.brcdn.com imgs.signifyd.com cdns.brsrvr.com bam.nr-data.net js-agent.newrelic.com mc.s10.exacttarget.com *.hotjar.com bam-cell.nr-data.net *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.staticw2.yotpo.com https:\/\/nl.fatquartershop.com *.rqtrk.eu *.clarity.ms *.dynamicyield.com *.zendesk.com https:\/\/cnstrc.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/Swiper\/4.4.6\/js\/swiper.js https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net https:\/\/cdnjs.cloudflare.com https:\/\/chat-sdk.cdn.gladly.com https:\/\/chat-sdk.cdn.gladly.qa d2mjzob2nc713b.cloudfront.net fatquartershop.cdn1.safeopt.com webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net maps.googleapis.com https:\/\/www.fatquartershop.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.google.com *.googletagmanager.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe events.bouncex.net stats.g.doubleclick.net www.google-analytics.com *.cloudfront.net *.addshoppers.com *.bootstrapcdn.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.staticw2.yotpo.com *.dynamicyield.com https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net https:\/\/chat-sdk.cdn.gladly.com https:\/\/chat-sdk.cdn.gladly.qa webchat.dotdigital.com webchat.staging.dotdigital.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'unsafe-inline' data: 'unsafe-inline' blob: *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.dynamicyield.com *.zdassets.com\/ https:\/\/chat-sdk.cdn.gladly.com https:\/\/chat-sdk.cdn.gladly.qa 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.certcapture.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com bat.bing.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe ekr.zdassets.com script.crazyegg.com *.pinterest.com stats.g.doubleclick.net wss: www.google-analytics.com manager.eu.smartlook.cloud in.hotjar.com staging-core.dxpapi.com core.dxpapi.com imgs.signifyd.com bt.signifyd.com:11103 data.cdnbasket.net ids.cdnwidget.com pd.cdnwidget.com page.cdnbasket.net\/ view.cdnbasket.net bam.nr-data.net vc.hotjar.io bam-cell.nr-data.net api.traversedlp.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.clarity.ms *.dynamicyield.com *.zendesk.com zendesk-eu.my.sentry.io *.cnstrc.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/Swiper\/4.4.6\/js\/swiper.js https:\/\/*.gladly.com https:\/\/*.smooch.io https:\/\/d1fc8wv8zag5ca.cloudfront.net https:\/\/api.us-1.gladly.chat wss:\/\/ws.us-1.gladly.chat https:\/\/chat-assets.cdn.gladly.com https:\/\/chat-sdk.cdn.gladly.com https:\/\/api.us-uat.gladly.chat wss:\/\/ws.us-uat.gladly.chat https:\/\/chat-assets.cdn.gladly.qa https:\/\/chat-sdk.cdn.gladly.qa webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net maps.googleapis.com places.googleapis.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.pubnub.com www.googletagmanager.com cdn.sift.com scripts.clarity.ms www.clarity.ms unpkg.com *.clarity.ms googleads.g.doubleclick.net www.gstatic.com ssljscdn.airbrake.io www.google.com cdn.debugbear.com cdn.jsdelivr.net\/npm\/tinymce@5.4.1\/ static.ads-twitter.com bat.bing.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com womp.me www.gstatic.com cdn.jsdelivr.net netdna.bootstrapcdn.com; img-src * 'self' data: blob:; font-src 'self' data: fonts.gstatic.com wompme.blob.core.windows.net netdna.bootstrapcdn.com use.typekit.net img1.wsimg.com; connect-src 'self' analytics.google.com clarity.ms *.clarity.ms www.google.com pndsn.com *.pndsn.com www.googletagmanager.com region1.analytics.google.com stats.g.doubleclick.net fu-tango.niteflirt.com www.google-analytics.com forum.niteflirt.com files.niteflirt.com api.airbrake.io www.google.ca www.google.co.uk data.debugbear.com fu-sierra.niteflirt.com maps.googleapis.com ps1.pndsn.com y.clarity.ms analytics.twitter.com t.co nf-prod-3yf9blsl.livekit.cloud bat.bing.com bat.bing.net notifier-configs.airbrake.io; media-src * 'self'; frame-src 'self' www.googletagmanager.com platphorm.zendesk.com support.niteflirt.com t.niteflirt.com www.google.com j3lme1u30b.execute-api.us-west-2.amazonaws.com www.youtube.com; worker-src 'self' blob:; report-uri https:\/\/siteuri.report-uri.com\/r\/t\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src *; img-src * data:; script-src 'nonce-OdKhIYGyB3tPBUx93VMEys8nuvS\/xqIH' 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' https: http: 'self' cdn.bizible.com; style-src 'self' 'unsafe-inline' https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; font-src 'self' kit.fontawesome.com https:\/\/ka-p.fontawesome.com\/ https:\/\/fast.wistia.com\/ data:; form-action 'self'; object-src 'none'; media-src 'self' blob: mediastream: https:\/\/*.qualified.com; frame-src https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net\/ https:\/\/gtm.casepeer.com\/ https:\/\/gtm.mycase.com\/ https:\/\/insight.adsrvr.org\/ https:\/\/app.netlify.com\/ https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; child-src https:\/\/*.qualified.com; frame-ancestors demo.affinipay.com ka-p.fontawesome.com; upgrade-insecure-requests; block-all-mixed-content; report-uri \/.netlify\/functions\/__csp-violations","count":1},{"content-security-policy-report-only":" default-src 'self' *.devfolio.co data:; script-src 'self' *.devfolio.co 'unsafe-eval' 'unsafe-inline' https:\/\/cdn.segment.com\/ https:\/\/maps.googleapis.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/cdnmd.global-cache.online\/ https:\/\/static.cloudflareinsights.com\/ https:\/\/www.youtube.com\/ https:\/\/checkout.razorpay.com\/ https:\/\/apis.google.com\/ https:\/\/gstatic.com\/ https:\/\/ssl.gstatic.com\/ https:\/\/player.vimeo.com\/ https:\/\/connect.facebook.net\/ https:\/\/google.com\/ https:\/\/accounts.google.com\/gsi\/client https:\/\/ssl.google-analytics.com\/ https:\/\/translate.googleapis.com\/ https:\/\/unpkg.com\/ https:\/\/cdn.rudderlabs.com https:\/\/www.pagespeed-mod.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.gstatic.com\/ http:\/\/www.google.com\/ *.cloudfront.net\/ https:\/\/polyfill.io\/ https:\/\/sessions.bugsnag.com\/ https:\/\/d2wy8f7a9ursnm.cloudfront.net\/v7\/bugsnag.min.js https:\/\/cdn.tokenproof.xyz\/js\/tokenproof-oa-widget-v1.0.js https:\/\/us-assets.i.posthog.com\/ blob:; connect-src 'self' *.devfolio.co https:\/\/sessions.bugsnag.com\/ https:\/\/maps.googleapis.com\/ https:\/\/api.segment.io\/ https:\/\/cdn.segment.com\/ https:\/\/autocomplete.clearbit.com\/ wss:\/\/*.devfolio.co\/ https:\/\/lh3.googleusercontent.com\/ https:\/\/sentry.io\/ https:\/\/vimeo.com\/ wss:\/\/*.bridge.walletconnect.org\/ https:\/\/mainnet.infura.io wss:\/\/mainnet.infura.io https:\/\/arbitrum-mainnet.infura.io wss:\/\/eth-mainnet.ws.alchemyapi.io\/ https:\/\/eth-mainnet.alchemyapi.io\/ https:\/\/arb-mainnet.g.alchemy.com\/ wss:\/\/arb-mainnet.g.alchemy.com\/ wss:\/\/www.walletlink.org\/ https:\/\/api.wallet.coinbase.com https:\/\/dns.google.com\/ https:\/\/api.giphy.com\/ https:\/\/registry.walletconnect.org\/ https:\/\/api.segment.io\/  *.dataplane.rudderstack.com\/  https:\/\/api.rudderlabs.com\/ https:\/\/www.google-analytics.com\/ https:\/\/api.trongrid.io\/ https:\/\/sun.tronex.io\/ https:\/\/devfolio-prod.s3.ap-south-1.amazonaws.com\/ https:\/\/explorer-api.walletconnect.com\/ wss:\/\/relay.walletconnect.com\/ https:\/\/sockjs-us2.pusher.com\/ https:\/\/api.rudderstack.com\/ https:\/\/cloudflare-eth.com\/ https:\/\/anon-aadhaar-artifacts.s3.eu-central-1.amazonaws.com\/ https:\/\/us-assets.i.posthog.com\/ https:\/\/app.posthog.com\/ data:; style-src 'self' https:\/\/fonts.googleapis.com\/ https:\/\/translate.googleapis.com\/ 'unsafe-inline' data:; img-src 'self' * *.devfolio.co\/ data: blob:; frame-src https:\/\/www.loom.com\/ https:\/\/www.youtube.com\/ https:\/\/drive.google.com\/ https:\/\/m.youtube.com\/ https:\/\/www.dailymotion.com\/  https:\/\/vimeo.com\/ https:\/\/api.razorpay.com\/ https:\/\/accounts.google.com\/ https:\/\/www.google.com\/ https:\/\/player.vimeo.com\/ https:\/\/loom.com\/ https:\/\/www.drive.google.com\/ https:\/\/razorpay.com\/ *.razorpay.com\/ https:\/\/mozbar.moz.com\/; font-src 'self' https:\/\/fonts.gstatic.com\/ https:\/\/devfolio-prod.s3.ap-south-1.amazonaws.com\/ https:\/\/o91302.ingest.sentry.io\/  https:\/\/mozbar.moz.com https:\/\/cdn.tokenproof.xyz\/fonts\/ data:; frame-ancestors 'self'; media-src 'self' *.devfolio.co\/ *.githubusercontent.com\/ https:\/\/www.youtube.com\/ https:\/\/m.youtube.com\/ https:\/\/youtu.be\/ https:\/\/youtube.com\/ https:\/\/drive.google.com\/ https:\/\/www.drive.google.com\/ data: blob:; report-uri https:\/\/o91302.ingest.sentry.io\/api\/1193563\/security\/?sentry_key=66b59c332abd4ee9902ba11631dc07c6","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' blob: bat.bing.net *.speedcurve.com network-eu.bazaarvoice.com api.bazaarvoice.com www.googleadservices.com *.cdn.parcellab.com  www.mczbf.com googleads.g.doubleclick.net t.contentsquare.net analytics-static.ugc.bazaarvoice.com x.klarnacdn.net www.paypal.com static-eu.payments-amazon.com cdn-ukwest.onetrust.com om.ordergroove.com stg.api.bazaarvoice.com display-stg.ugc.bazaarvoice.com display.ugc.bazaarvoice.com services.postcodeanywhere.co.uk c.zmags.com maps.googleapis.com pagead2.googlesyndication.com www.googleadservices.com cdn.ometria.com ct.pinterest.com api.bounceexchange.com js.smct.io d.impactradius-event.com script.hotjar.com js.adsrvr.org static.ads-twitter.com ad.doubleclick.net smct.co platform.twitter.com analytics.tiktok.com static.hotjar.com bat.bing.com s.pinimg.com assets.bounceexchange.com cdn.parcellab.com intentclientscriptslon.s3.eu-west-2.amazonaws.com unpkg.com tag.wknd.ai unpkg.com cdn.particularaudience.com intentclientscriptslon.s3.eu-west-2.amazonaws.com unpkg.com cdn.cookielaw.org cdn.jsdelivr.net www.google-analytics.com e.cquotient.com p.cquotient.com static.ordergroove.com cdn.cquotient.com www.gstatic.com hotelchocolat.whoson.com cas.zma.gs hotel11113.pcapredict.com cdn-ukwest.onetrust.com www.googletagmanager.com www.google.com try.abtasty.com js.klarna.com; font-src data: x.klarnacdn.net fonts.gstatic.com smc-fonts.s3-eu-west-1.amazonaws.com images.getfastr.com maxcdn.bootstrapcdn.com c.zmags.com; style-src 'self' 'unsafe-inline' hotelchocolat.whoson.com *.cdn.parcellab.com display.ugc.bazaarvoice.com assets.bounceexchange.com x.klarnacdn.net styledisplay.ugc.bazaarvoice.com smc-fonts.s3-eu-west-1.amazonaws.com cdn.parcellab.com icons.parcellab.com services.postcodeanywhere.co.uk c.zmags.com fonts.googleapis.com maxcdn.bootstrapcdn.com cas.zma.gs; connect-src 'self' *.speedcurve.com *.algolianet.com *.contentsquare.net ad.doubleclick.net *.algolia.net wss:\/\/*.hotjar.com *.hotjar.com bat.bing.net *.hotjar.io *.ometria.com google.com www.paypal.com region1.google-analytics.com cdn-ukwest.onetrust.com region1.analytics.google.com www.mczbf.com q-aeu1.contentsquare.net www.pinterest.com api.parcellab.com events.bouncex.net storage.googleapis.com srm.ba.contentsquare.net k-aeu1.contentsquare.net adservice.google.com cognito-identity.eu-west-1.amazonaws.com ids.cdnwidget.com pd.cdnwidget.com view.cdnbasket.net page.cdnbasket.net data.cdnbasket.net js.smct.io stats.g.doubleclick.net analytics.google.com ssgtm.hotelchocolat.com c.contentsquare.net ad.doubleclick.net dcinfos-cache.abtasty.com geolocation.onetrust.com eu.playground.klarnaevt.com www.sandbox.paypal.com payments-eu.amazon.com om.ordergroove.com restapi.ordergroove.com services.postcodeanywhere.co.uk privacyportal-uk.onetrust.com na.klarnaevt.com insights.algolia.io stfgatlncw-dsn.algolia.net c.zmags.com pagead2.googlesyndication.com maps.googleapis.com googleads4.g.doubleclick.net www.googleadservices.com insight.adsrvr.org bat.bing.com www.google.com firehose.eu-west-1.amazonaws.com ep.smct.co ct.pinterest.com analytics.tiktok.com ct.pinterest.com ct.pinterest.com ipl.smct.io main.inference.madewithintent.ai recs-us-e1a.particularaudience.com cdn.cookielaw.org googleads4.g.doubleclick.net insight.adsrvr.org eu.klarnaevt.com cdn-ukwest.onetrust.com js.klarna.com try.abtasty.com cas.zma.gs www.google-analytics.com ariane.abtasty.com; img-src 'self' *.speedcurve.com data: www.googleadservices.com icons.parcellab.com www.google.co.uk bat.bing.net cj.dotomi.com tbs.tradedoubler.com www.emjcd.com googleads.g.doubleclick.net match.adsrvr.org insight.adsrvr.org api.bounceexchange.com network-eu-stg-a.bazaarvoice.com network-eu.bazaarvoice.com hotelchocolat.whoson.com events.smct.co www.google-analytics.com assets.bounceexchange.com l.contentsquare.net www.google.com trk.ometria.com c.contentsquare.net ad.doubleclick.net network-eu-stg.bazaarvoice.com static-eu.payments-amazon.com www.hotelchocolat.com m.media-amazon.com www.paypalobjects.com om.ordergroove.com blog.hotelchocolat.com services.postcodeanywhere.co.uk images.creator-prod.zmags.com www.googletagmanager.com maps.gstatic.com maps.googleapis.com *.cdnwidget.com events.bouncex.net bat.bing.com analytics.twitter.com t.co cdn.cookielaw.org images.getfastr.com img.creator-prod.zmags.com cdn-ukwest.onetrust.com; frame-src 'self' 6933631.fls.doubleclick.net  13586967.fls.doubleclick.net https:\/\/online.flippingbook.com match.adsrvr.org ssgtm.hotelchocolat.com td.doubleclick.net cnc-api.zmags.com www.sandbox.paypal.com www.paypal.com testsecureacceptance.cybersource.com www.google.com www.youtube.com ls.smct.io d2d7do8qaecbru.cloudfront.net www.googleadservices.com assets.bounceexchange.com ct.pinterest.com insight.adsrvr.org www.googletagmanager.com www.google.co.uk","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/trusted-scripts.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:\/\/trusted-images.com; font-src 'self'; frame-src 'self' https:\/\/forms.office.com; object-src 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.bg *.betano.bg betano.com *.betano.com betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com creativecdn.com *.creativecdn.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com sportradarserving.com *.sportradarserving.com cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery google-analytics.com *.google-analytics.com lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.brandinsight.tech *.bing.com *.taboola.com *.geocomply.com *.kameleoon.io *.ads-twitter.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.pa4r.com res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=b1Oi2Qk45G4wss5_zcf2bK6eRWjDZzjd_06EvZEuJ1s-1778725683.8888829-1.0.1.1-UbNs_VFYUdva0qWN9B2cz4oR1fIMGEGJ.31L6Vq_P2yOv86zOZdZjadCmp1CKEsUi8FDuc0JxK.njiujL47G9LNoHZxqQzLCF05L.oDoMzaeLq3rrvkEEmeLJVptGVPHuEb1WS93XC4U2ozyZ5eMmJj4BGV2YSiAtVwgGnwz8ZMAqIVh1ucn_pnIqLisu3nI; report-to cf-ucinpyeqbpeqktwt","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-Llb--e3rr12BIZ-JsUvLPA' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.iubenda.com cdn.iubenda.com www.googletagmanager.com *.googletagmanager.com www.google-analytics.com *.google-analytics.com *.googleadservices.com *.googlesyndication.com *.googletagservices.com www.google.com accounts.google.com connect.facebook.net cdn.firstpromoter.com firstpromoter.com cdn-4.convertexperiments.com t.undetectable.ai analytics.aweber.com cdn.cgb.la public.reduxpayments.com va.vercel-scripts.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.iubenda.com accounts.google.com; font-src 'self' data: fonts.gstatic.com *.iubenda.com; img-src 'self' data: blob: *.iubenda.com www.facebook.com *.facebook.com www.google-analytics.com *.google-analytics.com www.google.com www.googletagmanager.com *.googleadservices.com *.googlesyndication.com t.undetectable.ai cdn-4.convertexperiments.com analytics.aweber.com; connect-src 'self' *.iubenda.com www.google-analytics.com *.google-analytics.com region1.google-analytics.com analytics.google.com accounts.google.com graph.facebook.com *.facebook.com t.undetectable.ai cdn.firstpromoter.com firstpromoter.com cdn-4.convertexperiments.com analytics.aweber.com vitals.vercel-insights.com vitals.vercel-analytics.com *.vercel-scripts.com; frame-src 'self' *.iubenda.com cdn.iubenda.com www.googletagmanager.com td.doubleclick.net www.facebook.com accounts.google.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-4Ovy00sUl\/GbnbW1Uc6MEg==' 'strict-dynamic' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:\/\/files.any.run; media-src 'self' blob: https:\/\/files.any.run; font-src 'self' data:; connect-src 'self' https:\/\/analytics.any.run https:\/\/sentry.any.run https:\/\/api-gb.any.run; frame-src 'self' https:\/\/challenges.cloudflare.com; frame-ancestors 'self'; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; manifest-src 'self' https:\/\/files.any.run; upgrade-insecure-requests; report-uri \/api\/csp-report\/create","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri \/cdn-cgi\/script_monitor\/report?m=eUlZlJmNzUSkr.fVz3HlqvtQkL9LHR0dhHhFG4jwt9M-1778728017.925241-1.0.1.1-TSh0Yn2Zl8QOsC2Xf_RpFfxIO1FuGJUp4C36s.4yMKI.MSs19Y6wlbxCCOer20cQzMrvFpZ8l4wrLBtRJgh75TrtBKPuOLN7VZyatm_9DpNdnVEkrHFy2Osc0rAggfAIiIf2eJUtCUxWtw6Lem8JfqTu91mgj0OALhFaYcaUiBy1V7EBpRDhknoK42TBcOa5; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self' 'report-sample'; connect-src 'self' https:\/\/matomo.psi.ch\/; font-src 'self' data: player.podigee-cdn.net assets.brevo.com; frame-src 'self' *.ddev.site *.psi.ch player.vimeo.com www.youtube-nocookie.com feeds.sirop.org maps.google.com www.jove.com player.podigee-cdn.net cdnapisec.kaltura.com www.google.com www.srf.ch www.youtube.com psi.mediaspace.cast.switch.ch; img-src 'self' data: gfa-status.web.psi.ch share.web.psi.ch webcam.switch.ch; media-src 'self' *.ethz.ch data:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/polyfill-fastly.io https:\/\/unpkg.com https:\/\/matomo.psi.ch\/; script-src-elem 'self' 'unsafe-inline' test-t6dnbai-3bjapdgtwdrsg.eu-2.platformsh.site www.gstatic.com *.psi.ch www.google.com player.podigee-cdn.net sibforms.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/polyfill-fastly.io https:\/\/unpkg.com; style-src 'self' 'report-sample' 'unsafe-inline' www.gstatic.com player.podigee-cdn.net sibforms.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self' www.google.com; frame-ancestors 'self'; report-uri https:\/\/www.psi.ch\/de\/log-report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-U_kFEAkJJsC4QLkzMZ16ow' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-MLPMF58ggUxlUkcRHHaSOw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src *; img-src * data:; script-src 'nonce-poVH7RY3hv2JiEmxeXFQYa45cyLa+5U1' 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' https: http: 'self' cdn.bizible.com; style-src 'self' 'unsafe-inline' https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; font-src 'self' kit.fontawesome.com ka-p.fontawesome.com https:\/\/fast.wistia.com\/ https:\/\/fast.wistia.net\/ data:; form-action 'self'; object-src 'none'; media-src 'self' blob: mediastream: https:\/\/*.qualified.com; frame-src https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net\/ https:\/\/gtm.lawpay.com\/ https:\/\/gtm.mycase.com\/ https:\/\/insight.adsrvr.org\/ https:\/\/app.netlify.com\/ https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; child-src https:\/\/*.qualified.com; frame-ancestors demo.affinipay.com ka-p.fontawesome.com; upgrade-insecure-requests; block-all-mixed-content; report-uri \/.netlify\/functions\/__csp-violations","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' https:\/\/*.kadaster.nl https:\/\/hetkadaster.bbvms.com https:\/\/api.mypurecloud.de https:\/\/api-cdn.mypurecloud.de https:\/\/kadasterbv.containers.piwik.pro https:\/\/kadasterbv.piwik.pro https:\/\/api.pdok.nl https:\/\/service.pdok.nl https:\/\/bat.bing.net https:\/\/cdn.bluebillywig.com wss:\/\/webmessaging.mypurecloud.de\/v1; default-src 'self'; font-src 'self' https:\/\/kadasterbv.containers.piwik.pro https:\/\/*.kadaster.nl; frame-ancestors 'self'; frame-src 'self' https:\/\/apps.mypurecloud.de; img-src 'self' data: blob: https:\/\/*.kadaster.nl https:\/\/hetkadaster.bbvms.com https:\/\/stats.bluebillywig.com https:\/\/kadasterbv.containers.piwik.pro https:\/\/kadasterbv.piwik.pro https:\/\/service.pdok.nl https:\/\/www.toegankelijkheidsverklaring.nl https:\/\/6052693.global.siteimproveanalytics.io; media-src 'self' data: blob: https:\/\/*.kadaster.nl https:\/\/cdn.bluebillywig.com https:\/\/hetkadaster.bbvms.com https:\/\/d17w22xdcwd6zx.cloudfront.net\/hetkadaster\/; report-to report-uri-com; report-uri https:\/\/kadasternl.report-uri.com\/r\/t\/csp\/reportOnly; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.kadaster.nl https:\/\/cdn.bluebillywig.com https:\/\/apps.mypurecloud.de https:\/\/hetkadaster.bbvms.com https:\/\/kadasterbv.piwik.pro\/ppms.js https:\/\/kadasterbv.containers.piwik.pro https:\/\/siteimproveanalytics.com https:\/\/bat.bing.com https:\/\/www.googleadservices.com; style-src 'self' 'unsafe-inline' https:\/\/*.kadaster.nl;","count":1},{"content-security-policy-report-only":" default-src 'self' *.googleapis.com *.googletagmanager.com;connect-src 'self' *.gstatic.com *.google.com *.google-analytics.com *.google *.googlesyndication.com *.googletagmanager.com;frame-src 'self' *.google *.doubleclick.net *.google.com *.googlesyndication.com;font-src 'self' data: fonts.gstatic.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com  *.ampproject.org *.facebook.net *.jquery.com *.cloudfront.net *.google *.google.com *.googlesyndication.com *.googletagmanager.com *.googleapis.com;style-src 'self' 'unsafe-inline' 'unsafe-eval' *.jquery.com *.cloudfront.net *.googleapis.com *.cloudflare.com;img-src 'self' *.cloudfront.net *.google.com *;report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: *.fontawesome.com 'self' data: *.tawk.to fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.tawk.to *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.innoship.ro https:\/\/www.googletagmanager.com\/ *.wesupply.xyz https:\/\/wesupplylabs.com s.pinimg.com ct.pinterest.com consentcdn.cookiebot.com *.weltpixel.com *.tawk.to https:\/\/b2d.springfarma.com\/ https:\/\/consentcdn.cookiebot.eu\/ *.creativecdn.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.gstatic.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.tbicp.com *.tile.openstreetmap.org *.openstreetmap.org http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ t.themarketer.com cdn1.themarketer.com *.hsforms.net *.hsforms.com 'self' data: www.google.ro\/ads www.facebook.com\/tr analytics.tiktok.com *.google-analytics.com *.analytics.google.com s.pinimg.com ct.pinterest.com www.google.com.ua *.tawk.to cdn.jsdelivr.net *.facebook.com *.omnitagjs.com *.google.ro https:\/\/b2d.springfarma.com *.adnxs.com *.mktr2.com *.doubleclick.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.tbicp.com https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.avada.io t.themarketer.com cdn1.themarketer.com *.hsforms.net *.hsforms.com www.google.ro attr-2p.com cdnjs.cloudflare.com retargeting.newsmanapp.com analytics.tiktok.com https:\/\/connect.facebook.net s.pinimg.com ct.pinterest.com consent.cookiebot.com *.tawk.to cdn.jsdelivr.net https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com *.cloudflareinsights.com *.clarity.ms *.newrelic.com *.cookiebot.eu *.creativecdn.com https:\/\/b2d.springfarma.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com t.themarketer.com cdn1.themarketer.com *.googleapis.com *.gstatic.com *.tawk.to cdn.jsdelivr.net tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.mktr2.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/scripts.luigisbox.com https:\/\/cdn.luigisbox.com https:\/\/live.luigisbox.com https:\/\/api.luigisbox.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io t.themarketer.com cdn1.themarketer.com c1api.themarketer.com c2api.themarketer.com c3api.themarketer.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com https:\/\/connect.facebook.net analytics.tiktok.com *.analytics.google.com s.pinimg.com ct.pinterest.com *.tawk.to wss:\/\/*.tawk.to *.facebook.net https:\/\/www.google.com https:\/\/ams.creativecdn.com https:\/\/bam.eu01.nr-data.net *.nr-data.net *.cookiebot.eu *.clarity.ms *.googlesyndication.com *.tiktokw.us https:\/\/b2d.springfarma.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.hs-scripts.com https:\/\/js.hsforms.net https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.hsadspixel.net https:\/\/js.hubspot.com https:\/\/www.googletagmanager.com https:\/\/cdn.optimizely.com https:\/\/js.qualified.com https:\/\/cmp.osano.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/cdn.leandata.com https:\/\/cdn1.leandata.com https:\/\/js.storylane.io https:\/\/widgets.peerspot.com https:\/\/gist.github.com https:\/\/challenges.cloudflare.com https:\/\/www.youtube.com https:\/\/*.browser-intake-datadoghq.com https:\/\/www.datadoghq.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/j.6sc.co https:\/\/www.redditstatic.com https:\/\/pixel.byspotify.com https:\/\/bat.bing.com https:\/\/ok.huntress.com https:\/\/static.oktopost.com https:\/\/a.quora.com https:\/\/trk.techtarget.com https:\/\/tags.srv.stackadapt.com https:\/\/tracking.g2crowd.com https:\/\/static.ads-twitter.com https:\/\/googleads.g.doubleclick.net https:\/\/browser.sentry-cdn.com https:\/\/bzrcdn.openai.com; connect-src 'self' https:\/\/t.huntress.com https:\/\/www.huntress.com https:\/\/staging.huntress.com https:\/\/huntress.io https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/*.datadoghq.com https:\/\/hooks.zapier.com https:\/\/d1ixnma31xyxb5.cloudfront.net https:\/\/cdn.builder.io https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/cmp.osano.com https:\/\/consent.api.osano.com https:\/\/js.hs-scripts.com https:\/\/js.hsforms.net https:\/\/js.hs-banner.com https:\/\/forms.hsforms.com https:\/\/api.hubspot.com https:\/\/api.hubapi.com https:\/\/cta-service-cms2.hubspot.com https:\/\/js.qualified.com https:\/\/app.qualified.com wss:\/\/*.qualified.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/distillery.wistia.com https:\/\/pipedream.wistia.com https:\/\/embed-cloudfront.wistia.com https:\/\/challenges.cloudflare.com https:\/\/ilapi.graphite.io https:\/\/logx.optimizely.com https:\/\/rum.optimizely.com https:\/\/content.hotjar.io https:\/\/metrics.hotjar.io wss:\/\/ws.hotjar.com https:\/\/px.ads.linkedin.com https:\/\/epsilon.6sense.com https:\/\/ipv6.6sc.co https:\/\/c.6sc.co https:\/\/secure.adnxs.com https:\/\/pixel-config.reddit.com https:\/\/pixels.spotify.com https:\/\/pagead2.googlesyndication.com https:\/\/www.google-analytics.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/vc.hotjar.io https:\/\/www.google.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/tags.srv.stackadapt.com https:\/\/ibc-flow.techtarget.com https:\/\/tracking-api.g2.com https:\/\/app.leandata.com https:\/\/bzrcdn.openai.com https:\/\/bzr.openai.com https:\/\/middleware.huntress.com; style-src 'self' 'unsafe-inline' https:\/\/cmp.osano.com https:\/\/github.githubassets.com https:\/\/tags.srv.stackadapt.com https:\/\/fast.wistia.com https:\/\/fonts.googleapis.com; font-src 'self' data: https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:\/\/d1ixnma31xyxb5.cloudfront.net https:\/\/cdn.builder.io https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/widgets.peerspot.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/embedwistia-a.akamaihd.net https:\/\/embed-ssl.wistia.com https:\/\/images.peerspot.com https:\/\/www.peerspot.com https:\/\/perf-na1.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/px4.ads.linkedin.com https:\/\/alb.reddit.com https:\/\/b.6sc.co https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/www.linkedin.com https:\/\/q.quora.com https:\/\/analytics.twitter.com https:\/\/t.co https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/tags.srv.stackadapt.com https:\/\/i.ytimg.com https:\/\/assets-global.website-files.com https:\/\/uploads-ssl.webflow.com https:\/\/ok.huntress.com; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/fast.wistia.net https:\/\/fast.wistia.com https:\/\/widgets.peerspot.com https:\/\/app.storylane.io https:\/\/tour.huntress.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/challenges.cloudflare.com https:\/\/cmp.osano.com https:\/\/*.cdn.optimizely.com https:\/\/app.qualified.com https:\/\/www.facebook.com https:\/\/huntress-labs.my.leandata.com; media-src 'self' blob: https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/embedwistia-a.akamaihd.net https:\/\/cdn.builder.io; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/forms.hsforms.com https:\/\/www.facebook.com; frame-ancestors 'self' https:\/\/hub.huntress.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-awwbojOoTIP2x28eYmaViQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-xMsg86hJj0qHEmjUyp1CDg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' *.rgi.net *.rgfi.net; script-src 'self' *.rgi.net *.rgfi.net 'unsafe-inline'; img-src 'self' *.rgi.net *.rgfi.net; frame-src 'self' *.rgi.net www.youtube.com www.youtube-nocookie.com; frame-ancestors 'self' *.data-line.de *.rgi.net; object-src 'none'; report-uri https:\/\/gindat.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" base-uri 'self';connect-src 'self' https: wss:;default-src 'none';font-src 'self' data: https:;form-action 'self' https:;frame-ancestors https:;frame-src https: blob:;img-src 'self' blob: data: https: http:;manifest-src 'none';media-src 'self' https: blob:;object-src 'self' https:\/\/djtflbt20bdde.cloudfront.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;worker-src 'self' https:\/\/zenkit.com https:\/\/*.zenkit.com;report-uri \/csp-report;script-src-attr 'none';style-src 'self' https: 'unsafe-inline'","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/ordermygear.report-uri.com\/r\/t\/csp\/wizard","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' https:\/\/*.fontawesome.com\/ https:\/\/*.formassembly.com\/ https:\/\/*.promedica.app\/ https:\/\/*.vercel-storage.com\/ https:\/\/*.vercel.app\/ https:\/\/analytics.google.com\/ https:\/\/api.stadiamaps.com\/ https:\/\/cdn.cookielaw.org\/ https:\/\/cm.pmdt-jss.localhost\/ https:\/\/maps.googleapis.com\/ https:\/\/mc-3f4459e6-26cc-45d7-95b4-1637-cd.azurewebsites.net\/ https:\/\/mc-d506a988-cc64-4e20-af8c-4606-afd.azurefd.net\/ https:\/\/pagead2.googlesyndication.com\/ https:\/\/pcl-staging.promedica.org\/ https:\/\/pcl.promedica.org\/ https:\/\/promedica.matomo.cloud\/ https:\/\/siteintercept.qualtrics.com\/ https:\/\/stats.g.doubleclick.net\/ https:\/\/www.google-analytics.com\/; default-src 'self' https:\/\/*.promedica.app\/ https:\/\/*.vercel.app\/; font-src 'self' data: https:\/\/*.fontawesome.com\/ https:\/\/*.promedica.app\/ https:\/\/*.vercel.app\/ https:\/\/fonts.gstatic.com\/ https:\/\/use.typekit.net\/; frame-src 'self' https:\/\/td.doubleclick.net\/ https:\/\/www.google.com\/ https:\/\/www.youtube.com\/; img-src 'self' data: http:\/\/dummyimage.com https:\/\/*.promedica.app https:\/\/*.qualtrics.com https:\/\/*.vercel.app https:\/\/cdn.cookielaw.org https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/mc-3f4459e6-26cc-45d7-95b4-1637-cd.azurewebsites.net https:\/\/mc-d506a988-cc64-4e20-af8c-4606-afd.azurefd.net https:\/\/pcl-staging.promedica.org https:\/\/pcl.promedica.org https:\/\/www.google-analytics.com https:\/\/www.google.com.ec https:\/\/www.google.com https:\/\/www.googletagmanager.com; manifest-src 'self'; media-src 'self' data: https:\/\/pcl.promedica.org\/ https:\/\/pcl-staging.promedica.org\/; object-src 'none'; report-uri https:\/\/6480f3f9bf4bdd8c5cde6f2b.endpoint.csper.io\/?v=1; script-src 'unsafe-inline' 'unsafe-eval' 'report-sample' 'self' https:\/\/*.promedica.app\/ https:\/\/*.vercel.app\/ https:\/\/cdn.cookielaw.org\/ https:\/\/cdn.matomo.cloud\/ https:\/\/cdn.mouseflow.com\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/kit.fontawesome.com\/ https:\/\/maps.googleapis.com\/ https:\/\/promedica.tfaforms.net\/ https:\/\/siteintercept.qualtrics.com\/ https:\/\/unpkg.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com\/ https:\/\/www.youtube.com\/ https:\/\/zn86cv25rplysllsr-promedica.siteintercept.qualtrics.com\/SIE\/; style-src 'report-sample' 'unsafe-inline' 'self' https:\/\/*.promedica.app\/ https:\/\/*.vercel.app\/ https:\/\/fonts.googleapis.com\/ https:\/\/promedica.tfaforms.net\/; worker-src 'self' blob:","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-juhNmE-T6g5nsG8jB-BddA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/gfiber-static-marketing-jt-team","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.zma.gs *.devhec.com *.abtasty.com abtasty.com api-data-connector.abtasty.com ariane.abtasty.com assets-manager.abtasty.com common-fonts.abtasty.com dcinfos-cache.abtasty.com try.abtasty.com *.ipredictive.com ipredictive.com adlucent.com deepsearch.adlucent.com *.everesttech.net everesttech.net *.typekit.net typekit.net amazonaws.com execute-api.us-west-2.amazonaws.com us-east-2.amazonaws.com socialannex.com *.adnxs.com adnxs.com *.auryc.com auryc.com *.bidr.io prod.bidr.io *.bing.com *.bing.net bat.bing.net bing.com *.brxcdn.com brxcdn.com *.btttag.com btttag.com *.builder.io builder.io *.cloudflare.com *.cloudflareinsights.com cdnfonts.com cloudflare.com cloudflareinsights.com *.cloudfront.net cloudfront.net *.cloudinary.com cloudinary.com *.cnstrc.com cnstrc.com *.contentsquare.net bf.contentsquare.net contentsquare.net hj.contentsquare.net *.criteo.com criteo.com *.delighted.com delighted.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.dstillery.com dstillery.com media6degrees.com *.facebook.com *.facebook.net facebook.com facebook.net *.getfastr.com getfastr.com *.iesnare.com iesnare.com *.google.com *.googlesyndication.com *.gstatic.com analytics.google.com google.bg google.bs google.ca google.ch google.co.cr google.co.il google.co.in google.co.jp google.co.th google.co.uk google.co.vi google.co.za google.com google.com.ar google.com.au google.com.br google.com.bz google.com.co google.com.eg google.com.hk google.com.mx google.com.my google.com.ng google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.sa google.com.sg google.com.sv google.com.tr google.com.tw google.de google.es google.fr google.hn google.hr google.ie google.it google.nl google.pt google.ro google.sc google.se google.sk google.tt googlesyndication.com gstatic.com *.googleadservices.com googleadservices.com *.googleapis.com googleapis.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.fsastore.com *.hsastore.com *.welldeservedhealth.com fsastore.com hsastore.com welldeservedhealth.com *.heap-api.com *.heapanalytics.com heap-api.com heapanalytics.com us.heap-api.com ip-api.com *.izooto.com izooto.com jquery.com listrak.com listrakbi.com *.liadm.com liadm.com *.pcapredict.com *.postcodeanywhere.co.uk pcapredict.com bing.net *.clarity.ms mountain.com *.northbeam.io northbeam.io *.oursprivacy.com oursprivacy.com *.paypalobjects.com paypalobjects.com *.pepperjam.com *.pepperjamnetwork.com pepperjam.com pepperjamnetwork.com *.pinimg.com *.pinterest.com pinimg.com pinterest.com *.pdst.fm *.powerreviews.com powerreviews.com *.riskified.com riskified.com disstg.commercecloud.salesforce.com *.segment.com *.segment.io segment.com segment.io ingest.sentry.io *.spotify.com *.mobify-storefront.com mobify-storefront.com alocdn.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com acsbapp.com postcodeanywhere.co.uk telemetry.vaultdcr.com zma.gs *.vaultdcr.com *.youtube.com *.ytimg.com youtube.com ytimg.com *.zdassets.com *.zendesk.com zdassets.com zendesk.com zopim.com *.zmags.com *.zmags.workers.dev creator-prod.zmags.com zmags.com zmags.workers.dev *.fsastore.com; frame-ancestors capacitor:\/\/localhost;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/t.ushipcdn.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/ajax.googleapis.com https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.youtube.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/cdn.optimizely.com https:\/\/logx.optimizely.com https:\/\/rum.optimizely.com https:\/\/eum.instana.io https:\/\/eum-red-saas.instana.io https:\/\/app-sj21.marketo.com https:\/\/544-zar-489.mktoresp.com https:\/\/munchkin.marketo.net https:\/\/js.stripe.com https:\/\/bat.bing.com https:\/\/www.bing.com https:\/\/bat.bing.net https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/d.adroll.com https:\/\/ipv4.d.adroll.com https:\/\/s.adroll.com https:\/\/aorta.clickagy.com https:\/\/hemsync.clickagy.com https:\/\/tags.clickagy.com https:\/\/pixels.spotify.com https:\/\/file-paa.zoom.us https:\/\/log-gateway.zoom.us https:\/\/us01apizva.zoom.us https:\/\/us01campaign.zoom.us https:\/\/us01ccistatic.zoom.us https:\/\/p.yotpo.com https:\/\/staticw2.yotpo.com https:\/\/unpkg.com https:\/\/ajax.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/vjs.zencdn.net https:\/\/static.cloudflareinsights.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/pixel.byspotify.com https:\/\/ct.pinterest.com https:\/\/d.impactradius-event.com https:\/\/d.impct.site https:\/\/fast.ssqt.io https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/lex.33across.com https:\/\/insight.adsrvr.org https:\/\/js.adsrvr.org https:\/\/match.adsrvr.org https:\/\/tags.tiqcdn.com https:\/\/collect.tealiumiq.com https:\/\/cdn.mxpnl.com https:\/\/api-js.mixpanel.com https:\/\/js.zi-scripts.com https:\/\/ws.zoominfo.com https:\/\/widget.trustpilot.com https:\/\/player.vimeo.com https:\/\/app-sj21.marketo.com https:\/\/ekr.zdassets.com https:\/\/static.zdassets.com https:\/\/ushipaibot.zendesk.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/t.ushipcdn.com https:\/\/ajax.googleapis.com https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/p.yotpo.com https:\/\/staticw2.yotpo.com https:\/\/unpkg.com https:\/\/ajax.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/vjs.zencdn.net https:\/\/static.cloudflareinsights.com https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com; img-src 'self' data: https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/t.ushipcdn.com https:\/\/s.ushipcdn.com https:\/\/resources.awsuship.com https:\/\/d2i7mi0re7cgbq.cloudfront.net https:\/\/proof-of-delivery-prod.s3.us-east-1.amazonaws.com https:\/\/uship-legacy-resources-prod.s3.us-east-1.amazonaws.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/ajax.googleapis.com https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/fonts.gstatic.com https:\/\/maps.gstatic.com https:\/\/www.gstatic.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.youtube.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/cdn.optimizely.com https:\/\/logx.optimizely.com https:\/\/rum.optimizely.com https:\/\/eum.instana.io https:\/\/eum-red-saas.instana.io https:\/\/bat.bing.com https:\/\/www.bing.com https:\/\/bat.bing.net https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/d.adroll.com https:\/\/ipv4.d.adroll.com https:\/\/s.adroll.com https:\/\/aorta.clickagy.com https:\/\/hemsync.clickagy.com https:\/\/tags.clickagy.com https:\/\/p.yotpo.com https:\/\/staticw2.yotpo.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/pixel.byspotify.com https:\/\/ct.pinterest.com https:\/\/d.impactradius-event.com https:\/\/d.impct.site https:\/\/fast.ssqt.io https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/lex.33across.com https:\/\/insight.adsrvr.org https:\/\/js.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.online-metrix.net https:\/\/cdn.sanity.io https:\/\/notify.bugsnag.com https:\/\/app.jazz.co https:\/\/t.vibe.co; font-src 'self' data: https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/t.ushipcdn.com https:\/\/p.yotpo.com https:\/\/staticw2.yotpo.com https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com https:\/\/unpkg.com https:\/\/ajax.cloudflare.com https:\/\/cdnjs.cloudflare.com https:\/\/vjs.zencdn.net https:\/\/static.cloudflareinsights.com https:\/\/api.radar.io https:\/\/static.radar.com; connect-src 'self' https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/t.ushipcdn.com https:\/\/proof-of-delivery-prod.s3.us-east-1.amazonaws.com https:\/\/uship-legacy-resources-prod.s3.us-east-1.amazonaws.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.analytics.google.com https:\/\/ajax.googleapis.com https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.youtube.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/cdn.optimizely.com https:\/\/logx.optimizely.com https:\/\/rum.optimizely.com https:\/\/eum.instana.io https:\/\/eum-red-saas.instana.io https:\/\/app-sj21.marketo.com https:\/\/544-zar-489.mktoresp.com https:\/\/munchkin.marketo.net https:\/\/bat.bing.com https:\/\/www.bing.com https:\/\/bat.bing.net https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/d.adroll.com https:\/\/ipv4.d.adroll.com https:\/\/s.adroll.com https:\/\/aorta.clickagy.com https:\/\/hemsync.clickagy.com https:\/\/tags.clickagy.com https:\/\/pixels.spotify.com https:\/\/file-paa.zoom.us https:\/\/log-gateway.zoom.us https:\/\/us01apizva.zoom.us https:\/\/us01campaign.zoom.us https:\/\/us01ccistatic.zoom.us https:\/\/p.yotpo.com https:\/\/staticw2.yotpo.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/pixel.byspotify.com https:\/\/ct.pinterest.com https:\/\/d.impactradius-event.com https:\/\/d.impct.site https:\/\/fast.ssqt.io https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/lex.33across.com https:\/\/insight.adsrvr.org https:\/\/js.adsrvr.org https:\/\/match.adsrvr.org https:\/\/tags.tiqcdn.com https:\/\/collect.tealiumiq.com https:\/\/cdn.mxpnl.com https:\/\/api-js.mixpanel.com https:\/\/js.zi-scripts.com https:\/\/ws.zoominfo.com https:\/\/api.radar.io https:\/\/static.radar.com https:\/\/ekr.zdassets.com https:\/\/static.zdassets.com https:\/\/ushipaibot.zendesk.com; media-src 'self' data: https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud; frame-src 'self' https:\/\/www.uship.com https:\/\/api.uship.com https:\/\/api-web.uship.com https:\/\/login.uship.com https:\/\/about.uship.com https:\/\/api-reviews.uship.com https:\/\/collect.uship.com https:\/\/content.uship.com https:\/\/go.uship.com https:\/\/help.uship.com https:\/\/ship.uship.com https:\/\/static.uship.com https:\/\/tm.uship.com https:\/\/track.uship.com https:\/\/login.okta.com https:\/\/www.ushipcdn.cloud https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/cdn.optimizely.com https:\/\/logx.optimizely.com https:\/\/rum.optimizely.com https:\/\/js.stripe.com https:\/\/connect.stripe.com https:\/\/bat.bing.com https:\/\/www.bing.com https:\/\/bat.bing.net https:\/\/aorta.clickagy.com https:\/\/hemsync.clickagy.com https:\/\/tags.clickagy.com https:\/\/file-paa.zoom.us https:\/\/log-gateway.zoom.us https:\/\/us01apizva.zoom.us https:\/\/us01campaign.zoom.us https:\/\/us01ccistatic.zoom.us https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/pixel.byspotify.com https:\/\/ct.pinterest.com https:\/\/d.impactradius-event.com https:\/\/d.impct.site https:\/\/fast.ssqt.io https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/lex.33across.com https:\/\/insight.adsrvr.org https:\/\/js.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.online-metrix.net https:\/\/widget.trustpilot.com https:\/\/player.vimeo.com https:\/\/app-sj21.marketo.com; worker-src 'self' blob:; child-src 'self'; manifest-src 'self' https:\/\/www.ushipcdn.cloud; object-src 'none'; frame-ancestors 'self'; block-all-mixed-content; report-uri https:\/\/uship.report-uri.com\/r\/t\/csp\/reportOnly; report-to csp","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.com.my *.ebay.my *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.com.my *.ebay.my *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebay.com.my *.ebay.my *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv27.k4%7Fq0-19e2423c9d2-0x2604#pd","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/maps.googleapis.com; connect-src 'self' http:\/\/localhost:49755 https:\/\/*.dna.ip-only.net https:\/\/02d22c83a39531f497f8176997802343-httpcache0-80501-cacheod0.dna.ip-only.net https:\/\/177f070ca788ce3aac4d391fb312464c-httpcache0-80501-httpcache0.dna.ip-only.net https:\/\/analytics.qbrick.com https:\/\/api.checkin.no https:\/\/cdn.jsdelivr.net https:\/\/consentcdn.cookiebot.com https:\/\/esp-eu.aptrinsic.com https:\/\/fotball.formstack.com https:\/\/js.monitor.azure.com https:\/\/maps.googleapis.com https:\/\/matomo.fotball.no https:\/\/notifications.fotball.no https:\/\/play2.qbrick.com https:\/\/servedbyadbutler.com https:\/\/static.checkin.no https:\/\/static.formstack.com https:\/\/video.qbrick.com https:\/\/westeurope-5.in.applicationinsights.azure.com wss:\/\/notification.qbrick.com wss:\/\/ws.checkin.no; font-src 'self' data: https:\/\/*.cloudfront.net\/graphik\/ https:\/\/*.cloudfront.net\/lato\/ https:\/\/*.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/fonts.gstatic.com https:\/\/fotball.formstack.com https:\/\/play2.qbrick.com https:\/\/r2cdn.perplexity.ai https:\/\/static.formstack.com https:\/\/vjs.zencdn.net https:\/\/www.fotball.no; frame-src 'self' https:\/\/akilles.h5p.com\/ https:\/\/app.bwz.se\/ https:\/\/app.powerbi.com https:\/\/calendar.google.com https:\/\/cdn.knightlab.com https:\/\/consentcdn.cookiebot.com https:\/\/forms.office.com https:\/\/fotball-iv.azurewebsites.net https:\/\/imagevault.fotball.no https:\/\/m.facebook.com https:\/\/maps.googleapis.com https:\/\/norges-fotballforbund.campaign.playable.com https:\/\/open.spotify.com https:\/\/play2.qbrick.com https:\/\/player.vimeo.com https:\/\/servedbyadbutler.com https:\/\/video.qbrick.com https:\/\/vimeo.com\/ https:\/\/w.soundcloud.com https:\/\/www.facebook.com https:\/\/www.instagram.com https:\/\/www.youtube.com; img-src 'self' data: https:\/\/*.dna.ip-only.net https:\/\/curator-assets.b-cdn.net https:\/\/dam.fotball.no https:\/\/fonts.gstatic.com https:\/\/httpcache0-80501-cachedown0.dna.ip-only.net https:\/\/i.ytimg.com https:\/\/images.fotball.no https:\/\/imgsct.cookiebot.com https:\/\/khms0.googleapis.com https:\/\/khms1.googleapis.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/matomo.fotball.no https:\/\/play2.qbrick.com https:\/\/s3.amazonaws.com https:\/\/servedbyadbutler.com https:\/\/translate.google.com https:\/\/vimeo.com\/ https:\/\/www.fotball.no https:\/\/www.google-analytics.com; script-src-elem 'self' 'unsafe-inline' https:\/\/akilles.h5p.com https:\/\/app.playable.com https:\/\/cdn.curator.io https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/connect.facebook.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/e.issuu.com https:\/\/files.cdn.leadfamly.com https:\/\/fotball.formstack.com https:\/\/js.monitor.azure.com https:\/\/maps.googleapis.com https:\/\/matomo.fotball.no https:\/\/maxcdn.bootstrapcdn.com https:\/\/play2.qbrick.com https:\/\/player.vimeo.com https:\/\/registration.checkin.no https:\/\/servedbyadbutler.com https:\/\/static.formstack.com https:\/\/web-sdk-eu.aptrinsic.com https:\/\/www.instagram.com https:\/\/www.youtube.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/files.cdn.leadfamly.com https:\/\/fotball.formstack.com https:\/\/js.monitor.azure.com https:\/\/maps.googleapis.com https:\/\/matomo.fotball.no https:\/\/maxcdn.bootstrapcdn.com https:\/\/play2.qbrick.com https:\/\/servedbyadbutler.com https:\/\/static.formstack.com https:\/\/web-sdk-eu.aptrinsic.com https:\/\/www.fotball.no; style-src-elem 'self' 'unsafe-inline' https:\/\/*.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/play2.qbrick.com https:\/\/registration.checkin.no https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/web-sdk-eu.aptrinsic.com https:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline' https:\/\/*.typekit.net https:\/\/fonts.googleapis.com https:\/\/maps.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/play2.qbrick.com https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/www.fotball.no; style-src-attr 'unsafe-inline'; default-src 'none'; base-uri https:\/\/play2.qbrick.com https:\/\/www.fotball.no; media-src blob: https:\/\/0190b0b31b8dd17a1463ce1a6d517637-httpcache0-80501-cacheod0.dna.ip-only.net https:\/\/104ca5673faec03f15eefd6f0ab056f2-httpcache0-80501-cacheod0.dna.ip-only.net https:\/\/4b26957422d55a62b16b4379c74cf8a0-httpcache0-80501-httpcache0.dna.ip-only.net https:\/\/77c6108b1f24550417860e13b5402c99-httpcache0-80501-cacheod0.dna.ip-only.net https:\/\/httpcache0-80501-cachedown0.dna.ip-only.net https:\/\/maps.googleapis.com https:\/\/play2.qbrick.com https:\/\/vimeo.com\/ https:\/\/www.fotball.no; object-src https:\/\/maps.googleapis.com; manifest-src https:\/\/www.fotball.no; worker-src blob:; report-to stott-security-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com data:; img-src 'self' https: data: blob:; connect-src 'self' https:; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; object-src 'none'; base-uri 'self'; frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/connect.facebook.net https:\/\/www.clarity.ms https:\/\/c.clarity.ms https:\/\/strava-embeds.com https:\/\/d335luupugsy2.cloudfront.net https:\/\/challenges.cloudflare.com https:\/\/vercel.live https:\/\/static.zdassets.com https:\/\/static.hotjar.com https:\/\/cdn.mouseflow.com https:\/\/www.googleadservices.com https:\/\/static.cloudflareinsights.com https:\/\/posthog.ingresse.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com; img-src 'self' data: blob: https:; font-src 'self' data: https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/api.ticketsports.com.br https:\/\/api-beta.ticketsports.com.br https:\/\/accounts.ticketsports.com.br https:\/\/*.googletagmanager.com https:\/\/app.posthog.com https:\/\/us.i.posthog.com https:\/\/nominatim.openstreetmap.org https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.facebook.com https:\/\/c.clarity.ms https:\/\/e.clarity.ms https:\/\/app.rdstation.com.br https:\/\/api.rd.services https:\/\/challenges.cloudflare.com https:\/\/www.strava.com https:\/\/vars.hotjar.com https:\/\/mouseflow.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/ekr.zdassets.com https:\/\/posthog.ingresse.com https:\/\/capiq.datah04.com; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/challenges.cloudflare.com https:\/\/td.doubleclick.net https:\/\/www.strava.com https:\/\/strava-embeds.com https:\/\/vercel.live https:\/\/vars.hotjar.com; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com *.googleapis.com *.shopogen.ro *.gigya.com *.carrefour.ro carrefour.ro *.google.com www.googletagmanager.com *.googletagmanager.com facebook.com *.prefixbox.com *.tiktok.com *.jsdelivr.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.facebook.com *.instagram.com *.gigya.com *.carrefour.ro carrefour.ro facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.googletagmanager.com *.doubleclick.net *.facebook.com *.dotdigital-pages.com *.dotdigital.com *.cookiebot.com *.google.com *.gigya.com *.carrefour.ro carrefour.ro *.krxd.net *.hotjar.com *.jsdelivr.net *.btdirect.ro *.tiktok.com *.prefixbox.com facebook.com www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com 'self' data: *.googletagmanager.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.gstatic.com blob: *.3lift.com *.adnxs.com *.adsrvr.org *.bluekai.com *.casalemedia.com *.ck-ie.com *.contextweb.com *.cookielaw.org *.dotomi.com *.eyeota.net *.flavedo.io *.flix360.com *.flix360.io *.flixcar.com *.google.ro *.google-analytics.com *.googleadservices.com *.kargo.com *.lijit.com *.media.net *.mediaplex.com *.openx.net *.paypal.com *.pubmatic.com *.rlcdn.com *.rubiconproject.com servedbyadbutler.com *.sharethrough.com *.shopogen.ro *.stickyadstv.com *.streamtheworld.com *.tremorhub.com *.yahoo.com *.gigya.com 'unsafe-inline' data: *.carrefour.ro carrefour.ro facebook.com *.krxd.net *.google.com www.googletagmanager.com *.tiktok.com *.prefixbox.com *.jsdelivr.net *.newrelic.com bam.eu01.nr-data.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.cloudflare.com *.cookiebot.com *.dotomi.com *.flix360.com *.flix360.io *.flixcar.com *.flixfacts.com *.googleapis.com *.instagram.com *.jsdelivr.net *.newrelic.com *.paypal.com *.pingdom.net servedbyadbutler.com *.shopogen.ro *.gigya.com *.carrefour.ro carrefour.ro chimpstatic.com www.googletagmanager.com *.krxd.net *.prefixbox.com *.tiktok.com *.cookielaw.org *.hotjar.com facebook.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.fontawesome.com *.shopogen.ro *.twitter.com *.typekit.net *.gigya.com 'unsafe-inline' data: *.carrefour.ro carrefour.ro *.jsdelivr.net *.prefixbox.com *.tiktok.com maxcdn.bootstrapcdn.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.citrusad.com *.doubleclick.net *.flix360.io *.flixcar.com *.googleapis.com *.googlesyndication.com *.instagram.com *.onetrust.com *.paypal.com *.pingdom.net *.shopogen.ro *.gigya.com *.carrefour.ro carrefour.ro *.cookielaw.org *.krxd.net *.hotjar.com *.jsdelivr.net *.prefixbox.com *.newrelic.com bam.eu01.nr-data.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hs-scripts.com clarity.ms cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/platform.twitter.com https:\/\/www.google.com; script-src-elem 'self' 'unsafe-inline' http:\/\/*.googleapis.com js.hs-analytics.net\/ js-agent.newrelic.com cloud.typography.com\/ js.hs-banner.com\/ js.hs-scripts.com\/ https:\/\/*.clarity.ms\/ w.recruiterbox.com public.tableau.com http:\/\/*.googletagmanager.com\/ http:\/\/connect.facebook.net\/ http:\/\/gstatic.com http:\/\/*.gstatic.com\/ http:\/\/*.jsdelivr.net player.vimeo.com http:\/\/*.vimeocdn.com\/ http:\/\/cdn-cookieyes.com\/ cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/platform.twitter.com https:\/\/www.google.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com cdn.jsdelivr.net; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com js.hs-scripts.com clarity.ms js-agent.newrelic.com cloud.typography.com w.recruiterbox.com cdn.jsdelivr.net; frame-ancestors 'self' www.ustravel.org","count":1},{"content-security-policy-report-only":" worker-src *.noibu.com; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.fontawesome.com *.googleapis.com www.google.com www.gstatic.com *.bootstrapcdn.com *.paypalobjects.com *.gladly.com *.cookielaw.org data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/plumrocket.com *.tilebar-vis.com *.byondxr.com *.facebook.com *.facebook.net *.yotpo.com *.listrakbi.com *.cookielaw.org *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app www.google.com *.affirm.com *.affirm.ca https:\/\/plumrocket.com *.tilebar-vis.com *.byondxr.com sketchfab.com *.weltpixel.com cdn.cardknox.com\/ *.facebook.com *.paypalobjects.com *.yotpo.com *.cardknox.com *.vimeo.com vimeo.com *.googletagmanager.com *.xtento.com *.doubleclick.net *.gladly.com *.optimizely.com *.creativecdn.com *.pinterest.com *.listrakbi.com *.cookielaw.org *.noibu.com photos.pixlee.co c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * speedsize.com *.speedsize.com www.xtento.com 'self' 'unsafe-inline'; img-src *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app www.apptrian.com *.affirm.com *.affirm.ca *.googleadservices.com *.facebook.com *.yotpo.com *.cdninstagram.com *.google-analytics.com *.google.com *.google.com.vn *.google.co.il *.google.com.sg *.google.co.uk *.google.de *.magentocommerce.com *.paypalobjects.com *.ytimg.com *.web-view.net *.googleapis.com *.nagich.co.il vimeo.com *.vimeo.com *.tilebar.com *.zdassets.com *.pxlecdn.com *.cloudfront.net *.roomvo.com *.tilebar-vis.com *.byondxr.com *.searchspring.net *.gladly.com *.edgecastcdn.net *.doubleclick.net *.bing.com *.pinterest.com *.optimizely.com *.adnxs.com *.pubmatic.com *.adingo.jp *.adingo.com *.creativecdn.com *.yahoo.com *.yahoo.net *.33across.com *.mobon.net *.seedtag.com *.clarity.ms *.brcdn.com *.brsrvr.com *.listrakbi.com *.cookielaw.org wac.edgecastcdn.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/redchamps.com speedsize.com *.speedsize.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com *.affirm.com *.affirm.ca *.byondxr.com *.tilebar-vis.com cdn.cardknox.com\/ifields\/2.15.2405.1601\/ifields.min.js *.googleapis.com *.gstatic.com *.fontawesome.com *.dxpapi.com *.google-analytics.com apis.google.com *.googleadservices.com *.googletagmanager.com *.facebook.net *.doubleclick.net *.analytics.com *.rawgit.com *.nagich.co.il *.luckyorange.com *.xtento.com *.paypal.com *.paypalobjects.com *.forsixty.com *.criteo.com *.searchspring.io *.searchspring.net *.roomvo.io *.roomvo.com *.cloudflareinsights.com *.optimizely.com *.turnto.com *.pixlee.com *.pxlecdn.com *.cloudflare.com *.gladly.com *.smooch.io *.bing.com *.creativecdn.com *.pinimg.com *.particularaudience.com *.googletagservices.com *.googlesyndication.com cnstrc.com getrockerbox.com\/ *.adnxs.com *.adingo.jp *.adingo.com *.cnstrc.com *.tilebar.com *.pinterest.com *.callrail.com *.clarity.ms *.algoliaradar.com *.brcdn.com *.listrakbi.com *.cloudfront.net *.cookielaw.org *.noibu.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com speedsize.com *.speedsize.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com *.bootstrapcdn.com *.cloudflare.com *.turnto.com *.gladly.com *.brcdn.com *.listrakbi.com *.cookielaw.org *.typekit.net assets.braintreegateway.com speedsize.com *.speedsize.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com speedsize.com *.speedsize.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app api.lab.amplitude.com www.apptrian.com *.affirm.com *.affirm.ca www.google.com www.gstatic.com *.dxpapi.com *.doubleclick.net *.analytics.com *.facebook.com *.google-analytics.com *.nagich.co.il player.vimeo.com *.luckyorange.com *.googleapis.com *.visitors.live *.zdassets.com *.searchspring.io *.searchspring.net *.roomvo.io *.roomvo.com cloudflareinsights.com *.cloudflareinsights.com *.optimizely.com *.turnto.com *.tilebar-vis.com *.byondxr.com unpkg.com *.unpkg.com *.gladly.com *.smooch.io *.creativecdn.com *.pinimg.com *.particularaudience.com *.googletagservices.com *.googlesyndication.com *.pinterest.com *.cnstrc.com *.cardknox.com *.clarity.ms *.pixlee.com *.algolia.io *.listrakbi.com *.betanetqa.me *.cloudflare.com *.cookielaw.org https:\/\/*.noibu.com wss:\/\/*.noibu.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com speedsize.com *.speedsize.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src speedsize.com *.speedsize.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri \/bnews\/csp\/report; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' https:\/\/*.mediaflow.com https:\/\/mfstatic.com https:\/\/matomo.malmo.se https:\/\/edge.api.brightcove.com https:\/\/manifest.prod.boltdns.net https:\/\/house-fastly-signed-eu-west-1-prod.brightcovecdn.com; font-src 'self' data: https:\/\/mfstatic.com; frame-src 'self' https:\/\/stadsatlas.malmo.se https:\/\/*.mediaflow.com https:\/\/www.youtube.com; img-src 'self' data: https:\/\/devenemang.malmo.se https:\/\/test-devenemang.malmo.se https:\/\/assets.malmo.se https:\/\/malmo.se https:\/\/metrics.brightcove.com https:\/\/*.prod.boltdns.net https:\/\/assets.mediaflowpro.com https:\/\/*.brightcovecdn.com https:\/\/*.inviewer.se https:\/\/i.ytimg.com; media-src 'self' https:\/\/*.brightcovecdn.com https:\/\/*.mediaflow.com blob:; script-src 'self' 'nonce-dbe0cfb0-4f44-11f1-8073-1dfff111a2bf' https:\/\/matomo.malmo.se https:\/\/players.brightcove.net 'strict-dynamic' 'unsafe-eval'; script-src-elem 'self' 'nonce-dbe0cfb0-4f44-11f1-8073-1dfff111a2bf' https:\/\/matomo.malmo.se https:\/\/www.google.com\/recaptcha https:\/\/players.brightcove.net https:\/\/mfstatic.com https:\/\/www.youtube.com; style-src 'self' https:\/\/malmo.se https:\/\/mfstatic.com 'unsafe-inline' data:;","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: streamable.com; www.youtube.com; script-src 'none' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https: www.googletagmanager.com; www.youtube.com;; style-src-elem 'self' 'unsafe-inline' https: cdn.lineicons.com; fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https:; img-src 'self' https: data: cmefnbespa.cloudimg.io; forms-eu1.hsforms.com;; connect-src 'self' 'none' https: data: www.google.com; forms-eu1.hsforms.com; forms-eu1.hscollectedforms.net; text\/plain; media-src 'self' https: www.youtube.com; frame-src 'self' https: www.youtube.com; streamable.com; www.google.com; sandbox allow-same-origin","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data: https:\/\/*.stripe.com; object-src 'none'; script-src 'self' https: https:\/\/connect-js.stripe.com https:\/\/js.stripe.com https:\/\/*.js.stripe.com https:\/\/maps.googleapis.com 'nonce-1QcPQfV2giDCJITbmLwYsw=='; style-src 'self' https: 'nonce-1QcPQfV2giDCJITbmLwYsw=='; style-src-attr 'unsafe-inline'; frame-src 'self' https:\/\/connect-js.stripe.com https:\/\/js.stripe.com https:\/\/*.js.stripe.com https:\/\/hooks.stripe.com; connect-src 'self' https:\/\/api.stripe.com https:\/\/maps.googleapis.com; report-uri \/systems\/csp_report","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' cdn2.hubspot.net *.hubspot.com *.hubspotusercontent10.net js.hscollectedforms.net js.hsleadflows.net js.hs-scripts.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hs-banner.net *.hsforms.net *.hsforms.com static.hsappstatic.net js.hubspotfeedback.com feedback.hubapi.com js.usemessages.com *.vidyard.com cdnjs.cloudflare.com cdnjs.cloudflare.com 10921146.fls.doubleclick.net plausible.io *.hotjar.com *.hotjar.io *.qualified.com bttrack.com *.googletagmanager.com *.force.com *.thycotic.com *.centrify.com *.bidr.io *.rlcdn.cm t.co *.twitter.com burly.io *.clickagy.com *.doubleclck.net *.zoominfo.com lltrck.com facebook.com *.facebook.net *.redditstatic.com *.linkedin.com *.licdn.com *.demandbase.com *.zoominfo.com 'strict-dynamic' 'nonce-I\/1+3XcgisZDZFthcNzvHw=='","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/managewp.com https:\/\/orion.managewp.com https:\/\/s42013.pcdn.co https:\/\/db0hcalplzljl.cloudfront.net\/ https:\/\/*.google.com api.w.org https:\/\/*.googleapis.com ogp.me https:\/\/www.facebook.com *.google-analytics.com api.w.org *.googletagmanager.com tags.tiqcdn.com use.typekit.net s.w.org https:\/\/secure.gravatar.com https:\/\/connect.facebook.net https:\/\/p.typekit.net https:\/\/www.googleadservices.com https:\/\/fonts.gstatic.com https:\/\/www.gstatic.com  https:\/\/*.g.doubleclick.net https:\/\/player.vimeo.com https:\/\/*.youtube.com https:\/\/*.youtube-nocookie.com https:\/\/*.googlevideo.com https:\/\/*.ytimg.com data:;  img-src * data:;  object-src 'none';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-xgXKqLSxHkS\/L+Z1UyUdYQ==' https:\/\/*.adyen.com https:\/\/*.adyenpayments.com https:\/\/*.bambuser.com https:\/\/*.cevoid.com https:\/\/*.contentsquare.net https:\/\/*.doubleclick.net https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.kustom.co https:\/\/*.taboola.com https:\/\/*.usercentrics.eu https:\/\/analytics.tiktok.com https:\/\/api.unifaun.com https:\/\/assets.voyado.com https:\/\/bat.bing.com https:\/\/chat.kindlycdn.com https:\/\/connect.facebook.net https:\/\/ct.pinterest.com https:\/\/gallery.cevoid.com https:\/\/google-analytics.com https:\/\/pay.google.com https:\/\/s.pinimg.com https:\/\/t.contentsquare.net https:\/\/tr.snapchat.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.googletagservices.com https:\/\/ad.doubleclick.net https:\/\/modules.ecomid.com; style-src 'self' 'unsafe-inline' https: data:; connect-src 'self' https:\/\/*.az.contentsquare.net https:\/\/*.bambuser.com https:\/\/*.cevoid.com https:\/\/*.contentsquare.net https:\/\/*.facebook.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/www.google.com https:\/\/*.google.se https:\/\/*.klarna.com https:\/\/*.kindly.ai https:\/\/*.kustom.co https:\/\/*.snapchat.com https:\/\/*.taboola.com https:\/\/*.tiktok.com https:\/\/*.usercentrics.eu https:\/\/*.kappahl.com https:\/\/*.newbie.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/api.cevoid.com https:\/\/api.klarna.com https:\/\/api.raygun.io https:\/\/api.screen9.com https:\/\/api.unifaun.com https:\/\/assets.voyado.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/bot.kindly.ai https:\/\/cdn.raygun.io https:\/\/chat.kindlycdn.com https:\/\/checkout-test.adyen.com https:\/\/checkout.adyen.com https:\/\/checkoutanalytics-test.adyen.com https:\/\/checkoutshopper-test.cdn.adyen.com https:\/\/checkoutshopper-test.cdn.adyen.com\/ https:\/\/checkoutanalytics-live.adyen.com https:\/\/ct.pinterest.com https:\/\/dc.services.visualstudio.com https:\/\/gallery.cevoid.com https:\/\/google.com https:\/\/maps.googleapis.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/pay.google.com https:\/\/qcdn.screen9.com https:\/\/qcnl.tv https:\/\/statsapi.screen9.com https:\/\/t.contentsquare.net https:\/\/t1.voyado.com https:\/\/wapi.lipscore.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.pinterest.com https:\/\/www.sandbox.paypal.com https:\/\/ad.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/modules.ecomid.com https:\/\/events.ecomid.com https:\/\/api.ecomid.com https:\/\/sockjs-eu.pusher.com; frame-src 'self' https:\/\/*.adyen.com https:\/\/*.adyenpayments.com https:\/\/*.bambuser.com https:\/\/*.doubleclick.net https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.kustom.co https:\/\/*.usercentrics.eu https:\/\/checkout.klarna.com https:\/\/ct.pinterest.com https:\/\/pay.google.com https:\/\/*.kappahl.com https:\/\/*.newbie.com https:\/\/tr.snapchat.com https:\/\/www.googletagmanager.com https:\/\/www.sandbox.paypal.com https:\/\/modules.ecomid.com https:\/\/www.facebook.com; img-src 'self' data: https: blob:; media-src 'self' blob: data: https:;font-src 'self' https: data:; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; report-uri \/csp-report;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net sst.nonpaints.com https:\/\/www.googletagmanager.com\/ *.multisafepay.com https:\/\/pay.google.com 'self' 'unsafe-inline'; img-src cdn.nonpaints.com data: widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/images.unsplash.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com data: https: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.disqus.com https:\/\/cdn.jsdelivr.net *.multisafepay.com https:\/\/pay.google.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/cdn.jsdelivr.net *.multisafepay.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.multisafepay.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-hmKaZ9XwtcKu_X6E9YNNOg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-2rO05SmkARXVpNCPOL7Dbg=='","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.api.useinsider.com *.doubleclick.net *.facebook.net *.g.doubleclick.net *.googleadservices.com *.googletagmanager.com *.hotjar.com *.iopenmall.tw *.scriptcdn.net *.useinsider.com 3001.scriptcdn.net analytics.tiktok.com b99.yahoo.co.jp bat.bing.com bb8.aotter.net cdn.jsdelivr.net cdn.smartnews-ads.com cdnjs.cloudflare.com challenges.cloudflare.com code.highcharts.com connect.facebook.net d.line-scdn.net dhfs.heytapimage.com dmp.im-apps.net dynamic.criteo.com g.alicdn.com h.accesstrade.net images.uc.cn infird.com iopenmalltw.api.useinsider.com matomo.ewebs.tw payments.developers.google.com s.pinimg.com s.yimg.jp s3.amazonaws.com secure-ds.serving-sys.com static.ads-twitter.com static.hotjar.com statics.a8.net trj.valuecommerce.com writeoff.iopenmall.tw www.google-analytics.com www.youtube.com; style-src 'self' 'unsafe-inline' data: *.dev.ewebs.tw *.gstatic.com *.iopenmall.tw assets.api.useinsider.com bbc.dev.ewebs.tw cdn.jsdelivr.net cdnjs.cloudflare.com epayment.7-11.com.tw fonts.googleapis.com writeoff.iopenmall.tw www.googletagmanager.com; img-src 'self' https: http: data: blob:; font-src 'self' data: *.gstatic.com *.iopenmall.tw at.alicdn.com cdn.scite.ai cdn.yiban.io cdnjs.cloudflare.com font.static.useinsider.com lf-flow-web-cdn.doubao.com mall.iopenmall.tw maxcdn.bootstrapcdn.com obs.dianleida.net r2cdn.perplexity.ai rsms.me static.shopback.com unpkg.com; media-src 'self' data: blob: https: http:; connect-src 'self' blob: *.a.run.app *.api.useinsider.com *.bing.com *.doubleclick.net *.facebook.com *.g.doubleclick.net *.google-analytics.com *.google.co.uk *.google.com *.google.com.do *.google.com.hk *.google.com.tw *.google.ni *.googleadservices.com *.googleapis.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.im-apps.net *.iopenmall.tw *.pinterest.com *.tiktok.com *.tiktokw.us *.useinsider.com *.yahoo.co.jp cdn.shopimgs.com dynamic.criteo.com g.alicdn.com google.com matomo.ewebs.tw s3.ap-east-1.amazonaws.com wss:\/\/*.hotjar.com wss:\/\/*.iopenmall.tw www.google.ae www.google.am www.google.at www.google.be www.google.bg www.google.bt www.google.by www.google.ca www.google.ch www.google.cl www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.kr www.google.co.ma www.google.co.nz www.google.co.th www.google.co.uz www.google.co.ve www.google.co.za www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.br www.google.com.co www.google.com.eg www.google.com.gh www.google.com.kh www.google.com.kw www.google.com.mx www.google.com.my www.google.com.ng www.google.com.np www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.ua www.google.com.uy www.google.com.vn www.google.cz www.google.de www.google.dk www.google.dz www.google.es www.google.fr www.google.hu www.google.it www.google.jo www.google.kg www.google.la www.google.md www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.ru www.google.se www.google.sk www.google.td; frame-src 'self' www.youtube.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self' *.facebook.com; worker-src 'self' blob:; report-uri https:\/\/o4511211467243520.ingest.us.sentry.io\/api\/4511211468226560\/security\/?sentry_key=d523cce86871262b9953a69fc0219b4c;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.com *.betano.com betano.ng *.betano.ng cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.io *.kameleoon.io optimove.net *.optimove.net sportradar.com *.sportradar.com sportradarserving.com *.sportradarserving.com cloudflareinsights.com *.cloudflareinsights.com ads-twitter.com *.ads-twitter.com app.delivery *.app.delivery lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.brandinsight.tech *.bing.com *.taboola.com *.geocomply.com *.creativecdn.com *.kameleoon.eu *.google-analytics.com *.jsdelivr.net *.kwai.net *.clarity.ms *.betgenius.com *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.pa4r.com res-odx.op-mobile.opera.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=gaHcqPq38cBf9Mj3EaWN6vTIbPliYF7XNDWxUq3A2w8-1778727993.8572338-1.0.1.1-Nv2OsDJQCqZTudVdtFgSuIUNem1u5enTesu8F1qrQ67XGkBQVlGRXrddhiA.ysEGzVlZzlKZfBDjbNZmIGkxz7CDCAM0EUKIi6c5lhmX7RXFlNtjn8as_LqPPFU5RCwWx0w7Rx_cJl2lSgZCqA0P9rjSa8WIlmhrGoDtKCTuN.F4nHwmnGAF7ViWvkDu5VBH; report-to cf-xldokwvfworkmqyo","count":1},{"content-security-policy-report-only":" default-src 'self' www.google-analytics.com www.youtube.com cdn.cookielaw.org *.onetrust.com *.gstatic.com *.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com cdn.jsdelivr.net cdn.cookielaw.org img03.en25.com *.youtube.com *.google.com *.gstatic.com *.google-analytics.com embed.vev.page *.vev.design *.googleapis.com discover.hdrinc.com *.cloudflare.com unpkg.com; style-src 'self' 'unsafe-inline' cloud.typography.com cdn.jsdelivr.net *.googleapis.com www.hdrinc.com unpkg.com *.cloudflare.com; img-src 'self' data: *; media-src film.vev.design cdn.vev.design; frame-src 'self' *.google.com *.youtube.com *.vimeo.com discover.hdrinc.com *.doubleclick.net player.blubrry.com e.issuu.com caupneif01 *.youtube-nocookie.com *.googletagmanager.com *.cloudflare.com; child-src 'self' *.google.com *.youtube.com; font-src 'self' data: cloud.typography.com cdn.vev.design *.gstatic.com www.hdrinc.com cdn.scite.ai use.typekit.net fonts.vev.design; connect-src 'self' *.googleapis.com *.google-analytics.com *.cookielaw.org *.onetrust.com analytics.google.com *.doubleclick.net region1.analytics.google.com *.google.com *.gstatic.com; report-uri \/report-csp-violation; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.google.com https:\/\/snap.licdn.com https:\/\/www.redditstatic.com https:\/\/policy.app.cookieinformation.com https:\/\/googleads.g.doubleclick.net https:\/\/secure.quantserve.com https:\/\/static.ads-twitter.com https:\/\/rules.quantcount.com https:\/\/analytics.tiktok.com https:\/\/tags.srv.stackadapt.com https:\/\/www.gstatic.com https:\/\/cdn.xsolla.net https:\/\/3001.scriptcdn.net https:\/\/infird.com; style-src 'self' 'unsafe-inline' https:\/\/tags.srv.stackadapt.com https:\/\/www.gstatic.com; img-src 'self' data: blob: https: https:\/\/cms.ioi.dk https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/region1.google-analytics.com https:\/\/alb.reddit.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/ioi.dk https:\/\/use.typekit.net https:\/\/r2cdn.perplexity.ai; connect-src 'self' data: https:\/\/cms.ioi.dk https:\/\/region1.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/px.ads.linkedin.com https:\/\/alb.reddit.com https:\/\/pixel-config.reddit.com https:\/\/conversions-config.reddit.com https:\/\/www.redditstatic.com https:\/\/www.facebook.com https:\/\/policy.app.cookieinformation.com https:\/\/o4504207644033024.ingest.us.sentry.io https:\/\/vimeo.com https:\/\/prreqcroab.icu https:\/\/analytics.tiktok.com https:\/\/tags.srv.stackadapt.com https:\/\/www.googleadservices.com https:\/\/pixel.quantserve.com https:\/\/pixel.quantcount.com https:\/\/googleads.g.doubleclick.net https:\/\/analytics-ipv6.tiktokw.us https:\/\/consent.app.cookieinformation.com https:\/\/store.xsolla.com https:\/\/api.killadsapi.com https:\/\/overbridgenet.com; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/policy.app.cookieinformation.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/www.google.com https:\/\/www.facebook.com https:\/\/purchase.xsolla.com https:\/\/duertry.com https:\/\/access.workspace.google.com https:\/\/accounts.google.com; frame-ancestors 'self' https:\/\/dev-ioi-website.euwest01.umbraco.io https:\/\/stage-ioi-website.euwest01.umbraco.io https:\/\/ioi-website.euwest01.umbraco.io; media-src 'self' https:\/\/dev-ioi-website.euwest01.umbraco.io https:\/\/stage-ioi-website.euwest01.umbraco.io https:\/\/cms.ioi.dk; report-uri https:\/\/4ff80cf698c8fa08a42150e2d0fae142@o4504207644033024.ingest.us.sentry.io\/4510260682948608; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'none'; frame-ancestors 'none'; form-action 'self'; report-to csp-violation-endpoint; report-uri \/cgi-bin\/report_csp_violation.py","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-wV7ZYMVvvbKCE9cuW7NvnA==' d1ueir2rcqs7wj.cloudfront.net js.stripe.com *.paypal.com www.paypalobjects.com *.googletagmanager.com *.gstatic.com www.google-analytics.com www.google.com connect.facebook.net challenges.cloudflare.com cdn.segment.com cdn-cookieyes.com browser.sentry-cdn.com *.filepicker.io *.vimeo.com *.youtube.com *.youtu.be; style-src 'self' 'unsafe-inline' d1ueir2rcqs7wj.cloudfront.net fonts.googleapis.com *.filepicker.io *.vimeo.com *.youtube.com *.youtu.be; font-src 'self' d1ueir2rcqs7wj.cloudfront.net fonts.gstatic.com data:; img-src 'self' data: d1ueir2rcqs7wj.cloudfront.net *.facebook.com www.google-analytics.com *.googletagmanager.com *.amazonaws.com *.chuffed.org dev.visualwebsiteoptimizer.com *.filepicker.io *.vimeo.com *.youtube.com *.youtu.be; connect-src 'self' d1ueir2rcqs7wj.cloudfront.net *.stripe.com *.stripe.network *.paypal.com api.paypal.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.facebook.com *.segment.io cdn.segment.com *.sentry.io *.ingest.de.sentry.io wss:\/\/*.pusher.com *.amazonaws.com dev.visualwebsiteoptimizer.com; frame-src 'self' *.stripe.com *.paypal.com www.google.com challenges.cloudflare.com *.googletagmanager.com *.filepicker.io *.vimeo.com *.youtube.com *.youtu.be; worker-src 'self' blob:","count":1},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self'; report-uri https:\/\/taogroup.com\/wp-json\/tao-sec\/v1\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com; worker-src 'self' blob:; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: www.googletagmanager.com; connect-src 'self' https: ws: wss:; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubf68dfe1092b9b71f30b0f8123a55b7f0&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=project%3Ask%2Cenv%3Aproduction&service=sk","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' chrome-extension: https:\/\/rusmeteo.net https:\/\/pos.gosuslugi.ru 'unsafe-inline' 'unsafe-inline' https:\/\/counter.rambler.ru https:\/\/st.top100.ru https:\/\/mc.yandex.ru https:\/\/stat.sputnik.ru https:\/\/cdn.jsdelivr.net https:\/\/ymuc63gdgz.ru 127.0.0.1:8182 127.0.0.1:8888 127.0.0.1:5005; frame-src 'self' https:\/\/pos.gosuslugi.ru chrome-extension: https:\/\/mc.yandex.ru https:\/\/mc.yandex.md https:\/\/mc.yandex.com; object-src 'self'; report-uri \/cspreportonly;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/fast.wistia.com https:\/\/*.wistia.com https:\/\/js.hsforms.net https:\/\/statuspal.io https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/tracking.g2crowd.com https:\/\/www.redditstatic.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/snap.licdn.com https:\/\/a.burly.io https:\/\/j.6sc.co https:\/\/cdn.stat-track.com https:\/\/*.zoominfo.com; style-src 'self' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; frame-src https:\/\/fast.wistia.com https:\/\/*.wistia.com https:\/\/forms.hsforms.com https:\/\/statuspal.io; img-src 'self' https: data: https:\/\/www.facebook.com https:\/\/static.xx.fbcdn.net https:\/\/*.wistia.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/bat.bing.com; connect-src 'self' https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.facebook.com https:\/\/bat.bing.com https:\/\/tracking.g2crowd.com https:\/\/forms.hsforms.com https:\/\/*.hubspot.com https:\/\/statuspal.io https:\/\/*.wistia.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/px.ads.linkedin.com https:\/\/a.burly.io https:\/\/j.6sc.co https:\/\/cdn.stat-track.com https:\/\/*.zoominfo.com; media-src 'self' https:\/\/embedwistia-a.akamaihd.net https:\/\/*.wistia.com","count":1},{"content-security-policy-report-only":" default-src 'self';  font-src 'self'    https:\/\/static.sanitas.es    https:\/\/maxcdn.bootstrapcdn.com    https:\/\/s3.lightboxcdn.com    https:\/\/fonts.gstatic.com    https:\/\/sanitaspre.herokuapp.com;  style-src 'self' 'unsafe-inline'    https:\/\/static.sanitas.es    https:\/\/sanitaspre.herokuapp.com    https:\/\/forms.zetaglobal.net    https:\/\/fonts.googleapis.com    https:\/\/maxcdn.bootstrapcdn.com;  img-src 'self'    data:    https:\/\/www.sanitas.es    https:\/\/static.sanitas.es    https:\/\/www.bupa.pt    https:\/\/cdn.cookielaw.org    https:\/\/sanitassociedadanonimade.data.adobedc.net    https:\/\/www.googletagmanager.com    https:\/\/www.google.com    https:\/\/forms.zetaglobal.net    https:\/\/sanitaspre.herokuapp.com    https:\/\/maps.gstatic.com    https:\/\/maps.googleapis.com    https:\/\/lh3.googleusercontent.com    https:\/\/www.google.es;  script-src 'self' 'unsafe-inline' 'unsafe-eval'    https:\/\/static.sanitas.es    https:\/\/www.googletagmanager.com    https:\/\/x.empathy.co    https:\/\/sanitaspre.herokuapp.com    https:\/\/assets.adobedtm.com https:\/\/cdn.cookielaw.org    https:\/\/static.hotjar.com https:\/\/euhosted.live.rezync.com    https:\/\/googleads.g.doubleclick.net    https:\/\/cdnjs.cloudflare.com    https:\/\/www.lightboxcdn.com    https:\/\/script.hotjar.com    https:\/\/forms.zetaglobal.net    https:\/\/d30o4d63vvluug.cloudfront.net    https:\/\/maps.googleapis.com    https:\/\/assets.exatom.io    https:\/\/cdn.eu.zetaglobal.net;  connect-src 'self'    https:\/\/api.sanitas.es    https:\/\/sanitassociedad.tt.omtrdc.net    https:\/\/cdn.cookielaw.org    https:\/\/onsiterecs.api.eu.zetaglobal.net    https:\/\/sanitaspre.herokuapp.com    https:\/\/events.api.eu.zetaglobal.net    https:\/\/content.hotjar.io    https:\/\/people.api.eu.zetaglobal.net    https:\/\/api.eu.zetaglobal.net    https:\/\/jsonplaceholder.typicode.com    https:\/\/maps.googleapis.com    https:\/\/assets.exatom.io    https:\/\/dpm.demdex.net    https:\/\/ad.doubleclick.net    https:\/\/www.google.com    wss:\/\/sanitaspre.herokuapp.com    wss:\/\/ws.hotjar.com;  frame-src 'self'    https:\/\/sania.chat    https:\/\/www.sania.chat    https:\/\/8508277.fls.doubleclick.net    https:\/\/sanitassociedadanonimade.demdex.net;","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; media-src 'self' blob: https:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" script-src 'nonce-\/vkGpRsDg8qy6\/V\/pr0Q1A==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=7b033a1f-c3b6-40ee-a250-e8d24c07b3a5; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src *; img-src * data:; script-src 'nonce-qXUVYw5w+rakxk6illhCnSy+KViG8WNt' 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' https: http: 'self' cdn.bizible.com; style-src 'self' 'unsafe-inline' https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; font-src 'self' kit.fontawesome.com https:\/\/ka-p.fontawesome.com\/ https:\/\/fast.wistia.com\/ data:; form-action 'self'; object-src 'none'; media-src 'self' blob: mediastream: https:\/\/*.qualified.com; frame-src https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net\/ https:\/\/gtm.docketwise.com\/ https:\/\/www.youtube.com\/ https:\/\/insight.adsrvr.org\/ https:\/\/app.netlify.com\/ https:\/\/404-tpa-276.mktoweb.com\/ https:\/\/*.qualified.com; child-src https:\/\/*.qualified.com; frame-ancestors demo.affinipay.com ka-p.fontawesome.com; upgrade-insecure-requests; block-all-mixed-content; report-uri \/.netlify\/functions\/__csp-violations","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-_p97S0SMOfvbAKyM_7Aaxw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src *.addgene.org 'self' data: https:\/\/fonts.gstatic.com http:\/\/static-assets; style-src *.addgene.org 'self' https:\/\/googletagmanager.com 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/tagmanager.google.com http:\/\/static-assets; default-src 'self' *.addgene.org; frame-src https:\/\/td.doubleclick.net *.addgene.org https:\/\/www.surveymonkey.com 'self' https:\/\/www.usaepay.com https:\/\/challenges.cloudflare.com https:\/\/www.youtube.com https:\/\/sandbox.usaepay.com https:\/\/www.googletagmanager.com https:\/\/bid.g.doubleclick.net; img-src https:\/\/ssl.gstatic.com https:\/\/*.analytics.google.com *.addgene.org https:\/\/www.gstatic.com https:\/\/*.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com 'self' https:\/\/i.ytimg.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.googletagmanager.com data: https:\/\/googletagmanager.com *.addgene.org.s3.amazonaws.com https:\/\/*.google-analytics.com http:\/\/static-assets; connect-src *.nr-data.net https:\/\/*.analytics.google.com *.addgene.org https:\/\/ekr.zdassets.com https:\/\/*.g.doubleclick.net 'self' https:\/\/www.usaepay.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/sandbox.usaepay.com https:\/\/zendesk-eu.my.sentry.io cloudflareinsights.com https:\/\/*.google-analytics.com https:\/\/addgene.zendesk.com; script-src *.addgene.org 'self' https:\/\/*.googletagmanager.com 'unsafe-inline' https:\/\/tagmanager.google.com https:\/\/challenges.cloudflare.com https:\/\/assets.zendesk.com https:\/\/widget.surveymonkey.com https:\/\/www.google.com https:\/\/www.usaepay.com https:\/\/static.zdassets.com https:\/\/googletagmanager.com static.cloudflareinsights.com http:\/\/static-assets https:\/\/googleads.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/sandbox.usaepay.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/js-agent.newrelic.com; report-uri \/csp-reporting\/","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.com *.betano.com betano.cz *.betano.cz betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org creativecdn.com *.creativecdn.com facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery google-analytics.com *.google-analytics.com lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.brandinsight.tech *.bing.com *.taboola.com *.geocomply.com *.kameleoon.io *.ads-twitter.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Djb13j4eThBwL6Fak2iVJSkeA.Us836PnuObG4vVIvg-1778724378.6977706-1.0.1.1-dHL._S5Lm0VaissswvZ.672bGY7DH_n2BWfcU1_EIG1lOMRyAmxepyUjGUamzsofmynlzaWtQIJx1BwDDmFunByJpzVMojwEqVWgXkZSEkdrTtYk9t77dXqTNIH3dZsqqdw65iY3Or_UtahwXtga5Z6_as.qT0AiJ6bNa0q6pfFMYmwDso.OGvAi51pb35cC; report-to cf-jsdaukpxnmzmohph","count":1},{"content-security-policy-report-only":" form-action 'self' https:\/\/uwosh.tfaforms.net https:\/\/www.facebook.com\/tr\/; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/syndicatedsearch.goog https:\/\/*.adtrafficquality.google https:\/\/www.google.com https:\/\/tr.snapchat.com https:\/\/player.vimeo.com https:\/\/www.youtube.com https:\/\/static.addtoany.com https:\/\/www.facebook.com https:\/\/public.tableau.com https:\/\/bbox.blackbaudhosting.com https:\/\/cdn.yoshki.com https:\/\/cdnapisec.kaltura.com; frame-ancestors 'self'; object-src 'none'; report-uri https:\/\/sentry.it.uwosh.edu\/api\/3\/security\/?sentry_key=a83fa724347d841bd65fdab57f19925a; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/fonts.gstatic.com https:\/\/ws.colissimo.fr *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com https:\/\/plumrocket.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/www.youtube.com https:\/\/form.typeform.com *.criteo.com *.hotjar.com *.facebook.com *.simply-jobs.fr https:\/\/plumrocket.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.bird.eu *.trackedlink.net *.ddlnk.net https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr magefan.com cm.magefan.com *.disqus.com *.thebrighttag.com *.avis-verifies.com *.adform.net id5-sync.com *.liadm.com *.google.com *.google.fr *.kameleoon.eu *.nr-data.net *.metaffiliation.com *.facebook.com *.d-bi.fr *.adnxs.com *.omnitagjs.com *.casalemedia.com *.dmxleo.com *.360yield.com *.criteo.com *.media.net *.mediavine.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.sharethrough.com *.smaato.net *.smartadserver.com *.taboola.com *.teads.tv *.3lift.com *.advertising.com *.yahoo.com *.yieldlab.net *.yieldmo.com *.rlcdn.com *.smartclip.net *.tremorhub.com *.twiago.com *.krxd.net *.bing.com *.bidswitch.net *.doubleclick.net *.googletagmanager.com *.googleapis.com *.monnaiedeparis.fr blob: www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com *.disqus.com *.kameleoon.eu *.google.fr *.facebook.net *.d-bi.fr *.hotjar.com *.serving-sys.com *.criteo.com *.criteo.net *.monnaiedeparis.fr *.metaffiliation.com *.eulerian.net *.doubleclick.net *.bing.com *.soundclound.com *.soundcloud.com *.piwik.pro *.gstatic.com *.clarity.ms ipinfo.io *.addtoany.com maps.googleapis.com api.mapbox.com ws.colissimo.fr *.googletagmanager.com *.m1by1.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.monnaiedeparis.fr 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com *.fontawesome.com *.googleapis.com *.addtoany.com 'self' data: *.typekit.net maxcdn.bootstrapcdn.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io commerce.adobe.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com qa-api.magedevteam.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com http:\/\/dpm.demdex.net *.google-analytics.com *.g.doubleclick.net *.kameleoon.eu *.google.fr *.hotjar.com *.serving-sys.com *.criteo.com *.criteo.net *.monnaiedeparis.fr *.metaffiliation.com *.eulerian.net *.piwik.pro * payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/fonts.googleapis.com; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'unsafe-inline' *.drip.com *.hsappstatic.net *.sleeknote.com *.zdassets.com *.zendesk.com *.hubspot.com *.hubspot.net *.hs-analytics.net *.hs-banner.com *.cloudflare.com *.zi-scripts.com *.g2crowd.com unpkg.com *.tiktok.com *.quora.com *.bing.com *.redditstatic.com *.ads-twitter.com *.licdn.com *.facebook.net *.snapchat.com sc-static.net *.clearbitscripts.com *.dreamdata.cloud *.g2.com ai.g2.com; connect-src 'self' *.drip.com ai.g2.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/stats.theglobalfund.org; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:\/\/stats.theglobalfund.org; frame-src 'self' https:; media-src 'self' https:; frame-ancestors 'self'; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/connect.facebook.net https:\/\/maps.googleapis.com https:\/\/s3-eu-west-1.amazonaws.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/static.inteliwise.com https:\/\/unpkg.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.recaptcha.net https:\/\/*.recaptcha.net https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.googleusercontent.com https:\/\/*.youtube.com https:\/\/*.facebook.net https:\/\/*.hotjar.com https:\/\/*.inteliwise.com https:\/\/bat.bing.com https:\/\/pixel.wp.pl https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/*.clarity.ms https:\/\/analytics.tiktok.com https:\/\/static.ads-twitter.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/microsoft.com https:\/\/perfo.salestube.pl https:\/\/sandbox.przelewy24.pl https:\/\/browser-update.org https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/s3-eu-west-1.amazonaws.com https:\/\/*.hotjar.com https:\/\/*.inteliwise.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https:\/\/inteliwise-eu.s3.amazonaws.com https:\/\/maps.googleapis.com https:\/\/s3-eu-west-1.amazonaws.com https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.recaptcha.net https:\/\/*.hotjar.com https:\/\/*.inteliwise.com https:\/\/pixel.wp.pl https:\/\/rail-publisher.app.inteliwi.se https:\/\/ad.doubleclick.net https:\/\/*.clarity.ms wss:\/\/ws.hotjar.com https:\/\/content.hotjar.io https:\/\/metrics.hotjar.io https:\/\/www.facebook.com https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/bat.bing.com https:\/\/unpkg.com https:\/\/vc.hotjar.io https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/microsoft.com https:\/\/perfo.salestube.pl https:\/\/sandbox.przelewy24.pl https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; frame-src 'self' https:\/\/10798259.fls.doubleclick.net https:\/\/9049979.fls.doubleclick.net https:\/\/s3-eu-west-1.amazonaws.com https:\/\/vars.hotjar.com https:\/\/www.google.com https:\/\/www.recaptcha.net https:\/\/*.google.com https:\/\/*.hotjar.com https:\/\/*.inteliwise.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net https:\/\/*.youtube.com https:\/\/*.vimeo.com https:\/\/player.vimeo.com https:\/\/www.youtube.com https:\/\/www.wp.pl https:\/\/tenantpluginapiserver1.eloacc.warta.pl; img-src 'self' data: https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.pl https:\/\/*.hotjar.com https:\/\/*.inteliwise.com https:\/\/pixel.wp.pl https:\/\/ad.doubleclick.net https:\/\/bat.bing.com https:\/\/*.clarity.ms https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/c.bing.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/fonts.gstatic.com https:\/\/*.ytimg.com https:\/\/*.vimeocdn.com https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; manifest-src 'self'; media-src 'self' https:\/\/tenantpluginapiserver1.eloacc.warta.pl https:\/\/public-api-sessionserver1.eloacc.warta.pl; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data: https:\/\/use.typekit.net https:\/\/p.typekit.net; img-src 'self' https: data: http:\/\/www.googleadservices.com; object-src 'none'; base-uri 'self'; style-src 'self' https: 'unsafe-inline' https:\/\/use.typekit.net https:\/\/cdn.consentmanager.net; script-src 'self' https: unsafe-inline unsafe-eval strict-dynamic https:\/\/use.typekit.net http:\/\/connect.facebook.net http:\/\/b-code.liadm.com https:\/\/js.intercomcdn.com https:\/\/static.intercomcdn.com https:\/\/widget.intercom.io https:\/\/app.intercom.io 'nonce-sYHQ8YiuYFlMkwESLM4o+g=='; connect-src 'self' https: wss:\/\/nexus-websocket-a.intercom.io","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' tags.tiqcdn.com tags.tiqcdn.cn collect.tealiumiq.com *.criteo.com *.criteo.net *.omtrdc.net *.yimg.jp *.yahoo.co.jp prf.hn *.doubleclick.net *.line.me *.google.com *.google.it *.bing.com *.google-analytics.com *.licdn.com *.tiktok.com sc-static.net *.usehero.com *.contentsquare.net *.demdex.net *.facebook.com *.googletagmanager.com *.facebook.net *.googleadservices.com *.teads.tv zegna.d3.sc.omtrdc.net www.google.* *.zegna.com *.measmerize.com *.googlesyndication.com maps.gstatic.com *.riskified.com sandbox.gestpay.net ecomm.sella.it *.online-metrix.net amp.akamaized.net *.snapchat.com *.gstatic.com *.go-mpulse.net cm.everesttech.net *.googleapis.com *.akstat.io *.akamaihd.net *.line-scdn.net *.algolianet.com *.algolia.net *.algolia.com zegna-cloud-media.s3.amazonaws.com zegna-cloud-media.s3.eu-west-1.amazonaws.com zegna-cloud-media.s3-eu-west-1.amazonaws.com livechat.zegna.cn *.baidu.com blob: data: ; font-src 'self' data: *.googleapis.com *.gstatic.com; report-uri \/cgi-bin\/csp_report.cgi","count":1},{"content-security-policy-report-only":" default-src   'self'; script-src   'self'   'unsafe-inline'   'unsafe-eval'   https:\/\/analytics-eu.clickdimensions.com   https:\/\/www.googletagmanager.com   https:\/\/maps.googleapis.com   https:\/\/www.jscache.com   https:\/\/www.youtube.com   https:\/\/www.google.com   https:\/\/www.riddle.com   https:\/\/p.teads.tv   https:\/\/webservices.data-8.co.uk   https:\/\/www.eventbrite.co.uk   https:\/\/connect.facebook.net   https:\/\/acdn.adnxs.com   https:\/\/c0.adalyser.com   https:\/\/static.hotjar.com   https:\/\/script.hotjar.com   https:\/\/k.r66net.com   https:\/\/www.tripadvisor.com   https:\/\/www.tripadvisor.co.uk   https:\/\/static.tacdn.com; style-src   'self'   'unsafe-inline'   https:\/\/use.typekit.net   https:\/\/p.typekit.net   https:\/\/cdnjs.cloudflare.com   https:\/\/webservices.data-8.co.uk   https:\/\/static.tacdn.com   https:\/\/fonts.googleapis.com; img-src   'self'   data:   https:\/\/ntswebstorage01.blob.core.windows.net   https:\/\/www.tripadvisor.co.uk   https:\/\/ciim-data.nts.org.uk   https:\/\/nts-production.imgix.net   https:\/\/nts-staging-test.imgix.net   https:\/\/t.teads.tv   https:\/\/ib.adnxs.com   https:\/\/www.facebook.com   https:\/\/maps.gstatic.com   https:\/\/maps.googleapis.com; font-src   'self'   https:\/\/www.nts.org.uk   https:\/\/use.typekit.net   https:\/\/static.tacdn.com   https:\/\/fonts.gstatic.com; connect-src   'self'   https:\/\/maps.googleapis.com   https:\/\/googleads.g.doubleclick.net   https:\/\/ciim-data.nts.org.uk   https:\/\/analytics-eu.clickdimensions.com   https:\/\/nts-production.imgix.net   https:\/\/p.typekit.net   https:\/\/use.typekit.net   https:\/\/*.hotjar.com   wss:\/\/*.hotjar.com; frame-src   'self'   https:\/\/www.youtube.com   https:\/\/www.youtube-nocookie.com   https:\/\/www.googletagmanager.com   https:\/\/www.riddle.com   https:\/\/w.soundcloud.com   https:\/\/*.doubleclick.net   https:\/\/*.hotjar.com   https:\/\/www.eventbrite.co.uk media-src   'self'   https:\/\/ntswebstorage01.blob.core.windows.net; object-src   'none'; frame-ancestors   'self'; base-uri   'self'; form-action   'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-s-J6OhbzxR7ygYyLqsb9Iw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri \/next-external\/log\/csp\/violations; report-to csp-violations; connect-src 'self' wss:\/\/www.nordnet.fi https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.fi https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi https:\/\/api.prod.nntech.io https:\/\/api.test.nntech.io https:\/\/experimentation.public.prod.nntech.io https:\/\/www.google.com https:\/\/storage.googleapis.com https:\/\/www.recaptcha.net https:\/\/relay.prod.nntech.io https:\/\/api-poc.prod.nntech.io; font-src 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi; frame-src 'self' https:\/\/analytics.nordnet.fi https:\/\/10961666.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/w.soundcloud.com https:\/\/embed.acast.com https:\/\/link.tink.com https:\/\/www.tv2.no https:\/\/checkout.trustly.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/t.email.nordnet.fi https:\/\/dashboard.fundrella.com; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.fi https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi https:\/\/api.prod.nntech.io data: blob: https:\/\/cdn.tink.se https:\/\/images.ctfassets.net https:\/\/i.vimeocdn.com https:\/\/img.youtube.com https:\/\/www.recaptcha.net https:\/\/blogi.nordnet.fi; manifest-src 'self'; media-src https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi https:\/\/videos.ctfassets.net; object-src 'self'; script-src 'self' 'nonce-23154861-3808-41fa-a2ed-74f484168e5e' https:\/\/analytics.nordnet.fi https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi https:\/\/www.recaptcha.net https:\/\/www.google.com; script-src-attr 'none'; style-src 'unsafe-inline' 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.fi; worker-src 'none'; base-uri 'none'; form-action 'self' https:\/\/pvu.nets.no https:\/\/pvu.avtalegiro.no https:\/\/online.alandsbanken.fi https:\/\/verkkopankki.danskebank.fi https:\/\/verkkomaksu.handelsbanken.fi https:\/\/epmt.nordea.fi https:\/\/identify.nordea.com https:\/\/verkkomaksu.poppankki.fi https:\/\/verkkomaksu.saastopankki.fi https:\/\/online.s-pankki.fi https:\/\/auth.aktia.fi https:\/\/kirjaudu.aktia.fi https:\/\/ebank.aktia.fi; frame-ancestors 'self' https:\/\/app.contentful.com;","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.buzzsprout.com *.cookielaw.org *.getblueshift.com *.onetrust.org *.typekit.net *.vercel-scripts.com bat.bing.com connect.facebook.net static.hotjar.com script.hotjar.com vercel.live *.chatbot.com *.clarity.ms crux-api-onerhino.vercel.app unpkg.com cwv.onerhino.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net;style-src 'self' 'unsafe-inline' *.typekit.net vercel.live;img-src 'self' blob: data: *.buzzsprout.com *.cookielaw.org *.ctfassets.net *.facebook.com *.internationalliving.com *.nodebb.com *.youtube.com *.ytimg.com *.vercel.com vercel.com *.bing.com *.clarity.ms https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat;connect-src wss:\/\/*.pusher.com 'self' *.cookielaw.org api.getblueshift.com *.onetrust.com *.hotjar.io vercel.live *.chatbot.com bat.bing.com *.clarity.ms crux-api.vercel.app https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat;font-src 'self' *.typekit.net vercel.live;frame-src 'self' *.buzzsprout.com *.typeform.com *.youtube-nocookie.com *.youtube.com fast.wistia.net player.vimeo.com td.doubleclick.net vimeo.com vercel.live *.chatbot.com *.googletagmanager.com;object-src 'none';base-uri 'self';form-action 'self';frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; report-uri https:\/\/greatergiving.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src *.bellroy.com 'self' https: data:; base-uri 'self'; connect-src *.bellroy.com https: wss: www.google.com api.tangiblee.com; font-src *.bellroy.com 'self' data: https: themes.googleusercontent.com fonts.googleapis.com fonts.gstatic.com; frame-src *.bellroy.com 'self' https: data: ms-appx-web: www.facebook.com; img-src *.bellroy.com https: data: blob: android-webview-video-poster:; media-src *.bellroy.com https: data: blob:; script-src *.bellroy.com 'self' https: 'unsafe-inline' 'unsafe-eval' data: opera: google.com *.visa.com d1fc8wv8zag5ca.cloudfront.net; style-src *.bellroy.com https: 'unsafe-inline' data:; worker-src 'self' blob:; child-src 'self' blob:; block-all-mixed-content; report-uri \/csp_reports","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:\/\/cdn.cookielaw.org https:\/\/www.bnpparibas.de https:\/\/brasil.bnpparibas; script-src 'self' 'unsafe-eval' https:\/\/fast.wistia.com https:\/\/beacon-v2 https:\/\/analyticsgroupcom.bnpparibas.com https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas ajax.googleapis.com www.googletagmanager.com googletagmanager.com tagmanager.google.com 'sha256-F+QMJISS2IIkRUd2a+c+u1owMqMSoidCaHFDAmzUgOo=' 'sha256-iqOPaRlwwgtNy7J3vh\/+LSW9\/QVdN+Fl+YfMS8+GcPo=' 'sha256-yZHeusBmoqYSsqdm5ylf993dfqVyosFaYa5gueKZDsA=' 'sha256-rjfSUjIA2A20p4lATAefLLG7Fy7VJssnkJ+SnJ2TXNo=' 'sha256-NoWu+BuWxBsWAc9iEH0HnQQP7HC05AcUDK7axdIDjwo=' 'sha256-RWn1w3BKiDlDNbD6vM1kYLpeWCwwWPkob0LMWJ2gKJk=' 'sha256-pne4\/GtUykK1g1WYKP5p+INFUg7VLkF2KpRN9V7xT7c=' 'sha256-fPXetwWx4258jL256OrNtQQyvFVR4\/BotkeZKtfk54Q=' 'sha256-yElBEKucE35qwHf8qWcAvqD25zOJ7TqTptcHyzGhOxw=' 'sha256-Xr7tFjKXkiF47o9\/dlJ+izWVWEtr67XyWOK085\/Y43E=' 'sha256-qcT\/R0HkWUs2DMxvtvcMobUms6Z5\/fPtfgUe2hN67gE='; style-src 'self' 'unsafe-inline' data: https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas fonts.googleapis.com www.googletagmanager.com tagmanager.google.com; img-src 'self' data: https:\/\/s.w.org https:\/\/wp-rocket.me https:\/\/c.tile.openstreetmap.org https:\/\/a.tile.openstreetmap.org https:\/\/b.tile.openstreetmap.org blob: https:\/\/www.google.com\/pagead\/landing https:\/\/ade.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/ad.doubleclick.net https:\/\/contrib.territories.bnpparibas https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas secure.gravatar.com www.gravatar.com i.ytimg.com data: www.googletagmanager.com; connect-src 'self' https:\/\/bnp-privacy.my.onetrust.com https:\/\/geolocation.onetrust.com\/cookieconsentpub\/v1\/geo\/location https:\/\/yoast.com https:\/\/cdn.cookielaw.org https:\/\/o173685.ingest.sentry.io https:\/\/analyticsgroupcom.bnpparibas.com https:\/\/contrib.territories.bnpparibas https:\/\/www.google.com\/pagead\/landing https:\/\/pagead2.googlesyndication.com https:\/\/adservice.google.com https:\/\/sourcemap.devowl.io https:\/\/sourcemap.devowl.io\/real-media-library\/4.22.47\/adb9a2f4ef22d5d85978840bd322bf76\/index.js.map www.googletagmanager.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fast.wistia.com https:\/\/github.com\/google\/fonts https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas fonts.gstatic.com fonts.googleapis.com data:; media-src 'self' https:\/\/asset.mediahub.bnpparibas https:\/\/upload.wikimedia.org https:\/\/broadcast.mediahub.bnpparibas data: https:\/\/mediahub.group.echonet https:\/\/my.mediahub.bnpparibas https:\/\/my.mediahub.bnpparibas\/AssetLink\/1cwfu8n4ki414p6d240ff18r41ver00j.mp4 https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas; frame-src 'self' https:\/\/www.youtube.com https:\/\/wp-rocket.me https:\/\/open.spotify.com https:\/\/www.youtube-nocookie.com https:\/\/centric.bnpparibas.com https:\/\/13179764.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/gateway.zscalertwo.net https:\/\/remove.video https:\/\/mozbar.moz.com blob: https:\/\/fxplus.bnpparibas.com www.youtube.com www.googletagmanager.com; child-src 'self' www.youtube.com www.googletagmanager.com; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/www.nwcg.gov","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-lutWfsIM8DcihGYIjQwDAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-MvA8LObCilLrkNGXqBV6Aw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/analytics.tiktok.com https:\/\/api.hubspot.com https:\/\/app.clearbit.com https:\/\/cdn.cookielaw.org https:\/\/cdn.dreamdata.cloud https:\/\/content.hotjar.io https:\/\/cta-service-cms2.hubspot.com https:\/\/forms.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/script.crazyegg.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/edge.api.brightcove.com https:\/\/bat.bing.com\/ https:\/\/manifest.prod.boltdns.net https:\/\/sdl.brightcovecdn.com https:\/\/logx.optimizely.com https:\/\/*.optimizely.com; default-src 'self'; font-src 'self' data: https:\/\/use.typekit.net https:\/\/*.optimizely.com; frame-ancestors 'none'; frame-src https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/cm.g.doubleclick.net https:\/\/www.facebook.com https:\/\/calendly.com https:\/\/forms.hsforms.com https:\/\/a5098497884553216.cdn.optimizely.com https:\/\/a5098497884553216.cdn-pci.optimizely.com; img-src 'self' data: https:\/\/bat.bing.com https:\/\/forms-na1.hsforms.com https:\/\/ib.adnxs.com https:\/\/perf-na1.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/secure.adnxs.com https:\/\/track.accountinsight.cloud https:\/\/track.hubspot.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.com.ua https:\/\/metrics.brightcove.com https:\/\/www.googletagmanager.com https:\/\/cf-images.us-east-1.prod.boltdns.net https:\/\/cdn.optimizely.com https:\/\/app.optimizely.com; media-src 'self' blob:; script-src 'self' 'nonce-uopCAEcOKv7O14unaGfixg==' https:\/\/a.dpmsrv.com https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/cdn.dreamdata.cloud https:\/\/cm.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/ib.adnxs.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.hs-scripts.com https:\/\/js.hsforms.net https:\/\/js.hubspot.com https:\/\/js.usemessages.com https:\/\/s.dpmsrv.com https:\/\/script.crazyegg.com https:\/\/script.hotjar.com https:\/\/serve.nrich.ai https:\/\/snap.licdn.com https:\/\/st.getsitecontrol.com https:\/\/static.hotjar.com https:\/\/tag.clearbitscripts.com https:\/\/widgets.getsitecontrol.com https:\/\/www.googletagmanager.com https:\/\/x.clearbitjs.com https:\/\/assets.calendly.com https:\/\/static.hsappstatic.net https:\/\/48752163.fs1.hubspotusercontent-na1.net https:\/\/cdnjs.cloudflare.com https:\/\/players.brightcove.net wss:\/\/ws.hotjar.com\/ https:\/\/*.optimizely.com https:\/\/optimizely.s3.amazonaws.com https:\/\/cdn-assets-prod.s3.amazonaws.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:\/\/*.typekit.net https:\/\/assets.calendly.com https:\/\/*.optimizely.com https:\/\/app.optimizely.com; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' https: data:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https:\/\/servix.idnes.cz\/log\/csp-report.aspx?w=emimino","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'none'; object-src 'none'; form-action https:; img-src 'self' https: data: blob:; font-src 'self' https: data:; style-src 'self' 'unsafe-inline' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https: data: blob:; media-src 'self' https: data:; worker-src 'self' blob:; frame-src https:; manifest-src 'self' https:;","count":1},{"content-security-policy-report-only":" script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob *.zuerich.com *.holidu.com *.usercentrics.eu plausible.io *.tomas-travel.com *.dynamics.com *.vimeo.com *.youtube.com *.youtube-nocookie.com *.facebook.net connect.facebook.net *.tiktok.com *.sojern.com static.sojern.com *.licdn.com snap.licdn.com *.datadoghq.com cxppusa1formui01cdnsa01-endpoint.azureedge.net mktdplp102cdn.azureedge.net *.guidle.com *.list-manage.com *.ostendis.com cdnjs.cloudflare.com *.goodguys.ai *.joaia.app *.windows.net *.ddev.site *.platformsh.site *.jsdelivr.net *.siteimprove.net *.siteimprove.com *.cloudfront.net *.newrelic.com *.datatrans.com *.doubleclick.net secured-pixel.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google.com; object-src *.ddev.site; style-src 'self' 'unsafe-inline' *.zuerich.com *.tomas-travel.com *.ostendis.com *.windows.net *.googleapis.com *.goodguys.ai *.ddev.site *.platformsh.site *.datatrans.com *.guidle.com *.joaia.app *.googletagmanager.com; img-src * 'self' data: *.zuerich.com *.isu.pub *.mapz.com *.tomas-travel.com *.tomas.travel *.roundshot.com *.matterport.com *.goodguys.ai *.joaia.app *.ytimg.com *.vimeocdn.com *.usercentrics.eu *.yieldoptimizer.com *.doubleclick.net *.ads.linkedin.com *.adsrvr.org *.sojern.com *.adnxs.com *.giphy.com *.facebook.com *.tiktok.com *.tiktokw.us *.run.app *.ddev.site *.platformsh.site *.canto.de *.googlesyndication.com *.guidle.com bexi.ch *.sky-cam.ch *.yellow.camera *.einsiedeln.ch *.linkedin.com *.dynamics.com *.gstatic.com *.facebook.net *.amazee.io *.amazonaws.com *.brunnialpthal.ch *.honey.io *.phia.com *.pinterest.com *.rapperswil-zuerichsee.ch *.researchsolutions.com *.segelclub-sihlsee.ch *.studen-sz.ch *.waegitalersee.ch *.webcontentassessor.com *.webserve.ch *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google.com; media-src 'self' *.zuerich.com *.vimeo.com *.youtube.com *.youtube-nocookie.com datawrapper.dwcdn.net *.ddev.site *.platformsh.site; frame-src *.googletagmanager.com *.usercentrics.eu *.doubleclick.net *.issuu.com *.vimeo.com *.zuerich.com *.ddev.site *.platformsh.site *.youtube-nocookie.com *.joaia.app *.goodguys.ai *.canto.de *.cloudfront.net *.datatrans.com *.facebook.net *.guidle.com *.dailymotion.com *.roundshot.com *.feratel.com *.youtube.com camserver.ch *.camserver.ch *.tiktok.com *.facebook.com *.fotoshare.co datawrapper.dwcdn.net *.lunchgate.ch *.zscloud.net *.baustoffportal.com *.dynamics.com *.matterport.com *.moving-pictures.com *.it-wms.com *.eyz.swiss *.rapperswil-zuerichsee.ch; frame-ancestors 'self' *.joaia.app *.goodguys.ai; font-src 'self' data: *.gstatic.com *.zuerich.com *.ddev.site *.platformsh.site *.perplexity.ai; connect-src * 'self' *.zuerich.com *.sentry.io *.tomas-travel.com vimeo.com *.vimeo.com *.youtube.com *.youtube-nocookie.com *.usercentrics.eu plausible.io *.doubleclick.net *.g.doubleclick.net *.googlesyndication.com *.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net mktdplp102cdn.azureedge.net *.guidle.com *.ostendis.com cdnjs.cloudflare.com *.goodguys.ai wss:\/\/*.goodguys.ai *.amazonaws.com *.joaia.app *.facebook.net *.ads.linkedin.com px.ads.linkedin.com *.tiktok.com *.tiktokw.us *.run.app *.sojern.com *.conversionsapigateway.com *.logs.datadoghq.com *.browser-intake-datadoghq.com *.ddev.site *.platformsh.site *.siteimprove.com *.facebook.com *.canto.de *.datatrans.com *.azure-api.net *.launchdarkly.com *.linkedin.com *.windows.net *.wordtune.com rumt-zh.com safesearchinc.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google.com; report-uri \/api\/csp-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-W1P1aLCHFiIIKVajXbtFhw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/cdn.cookielaw.org https:\/\/cdn.branch.io https:\/\/app.link https:\/\/static.hotjar.com https:\/\/cdn.parsely.com https:\/\/cdn.segment.com https:\/\/static.chasecdn.com https:\/\/accounts.google.com https:\/\/cdn.apple-mapkit.com https:\/\/res.cloudinary.com https:\/\/www.googletagmanager.com https:\/\/tag.wknd.ai https:\/\/assets.bounceexchange.com https:\/\/api.bounceexchange.com; connect-src 'self' https:\/\/*.jpmchase.net https:\/\/static.chasecdn.com https:\/\/*.branch.io https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.parsely.com https:\/\/cdn.segment.com https:\/\/api.segment.io https:\/\/*.cookielaw.org https:\/\/accounts.google.com https:\/\/*.bugsnag.com https:\/\/*.braze.com https:\/\/*.split.io https:\/\/*.contentful.com https:\/\/*.ctfassets.net https:\/\/res.cloudinary.com https:\/\/*.bounceexchange.com https:\/\/events.bouncex.net https:\/\/*.cdnwidget.com https:\/\/*.cdnbasket.net https:\/\/pippio.com https:\/\/*.wknd.ai https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.apple-mapkit.com https:\/\/*.theinfatuation.com; img-src 'self' data: blob: https:\/\/res.cloudinary.com https:\/\/cdn.apple-mapkit.com https:\/\/*.hotjar.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.bounceexchange.com https:\/\/*.jpmchase.net https:\/\/*.parsely.com https:\/\/*.segment.com https:\/\/*.segment.io https:\/\/*.braze.com https:\/\/*.wknd.ai https:\/\/*.cookielaw.org https:\/\/*.cdnwidget.com https:\/\/pippio.com https:\/\/events.bouncex.net https:\/\/*.ctfassets.net; frame-src 'self' https:\/\/accounts.google.com https:\/\/*.hotjar.com https:\/\/*.cookielaw.org https:\/\/*.bounceexchange.com; style-src 'self' 'unsafe-inline' https:\/\/accounts.google.com https:\/\/assets.bounceexchange.com; font-src 'self' data:; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-15w+A0OYWIIo1i1WEppRdw=='","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri \/next-external\/log\/csp\/violations; report-to csp-violations; connect-src 'self' wss:\/\/www.nordnet.no https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.no https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no https:\/\/api.prod.nntech.io https:\/\/api.test.nntech.io https:\/\/experimentation.public.prod.nntech.io https:\/\/www.google.com https:\/\/storage.googleapis.com https:\/\/www.recaptcha.net https:\/\/relay.prod.nntech.io https:\/\/api-poc.prod.nntech.io; font-src 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no; frame-src 'self' https:\/\/analytics.nordnet.no https:\/\/10961666.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/w.soundcloud.com https:\/\/embed.acast.com https:\/\/link.tink.com https:\/\/www.tv2.no https:\/\/checkout.trustly.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/t.email.nordnet.no https:\/\/dashboard.fundrella.com; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.no https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no https:\/\/api.prod.nntech.io data: blob: https:\/\/cdn.tink.se https:\/\/images.ctfassets.net https:\/\/i.vimeocdn.com https:\/\/img.youtube.com https:\/\/www.recaptcha.net https:\/\/blogg.nordnet.no; manifest-src 'self'; media-src https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no https:\/\/videos.ctfassets.net; object-src 'self'; script-src 'self' 'nonce-f5879766-ba4e-4488-aafd-e9d1e306409e' https:\/\/analytics.nordnet.no https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no https:\/\/www.recaptcha.net https:\/\/www.google.com; script-src-attr 'none'; style-src 'unsafe-inline' 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.no; worker-src 'none'; base-uri 'none'; form-action 'self' https:\/\/pvu.nets.no https:\/\/pvu.avtalegiro.no https:\/\/online.alandsbanken.fi https:\/\/verkkopankki.danskebank.fi https:\/\/verkkomaksu.handelsbanken.fi https:\/\/epmt.nordea.fi https:\/\/identify.nordea.com https:\/\/verkkomaksu.poppankki.fi https:\/\/verkkomaksu.saastopankki.fi https:\/\/online.s-pankki.fi https:\/\/auth.aktia.fi https:\/\/kirjaudu.aktia.fi https:\/\/ebank.aktia.fi; frame-ancestors 'self' https:\/\/app.contentful.com;","count":1},{"content-security-policy-report-only":" default-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' http:\/\/*.uqtr.uquebec.ca http:\/\/*.uqtr.ca data: https: blob:; base-uri 'self' http:\/\/*.uqtr.ca; form-action 'self' https: javascript: inline:; report-to csp-endpoint; report-uri https:\/\/webservice.uqtr.ca\/prod\/nginx\/csp_api\/report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-KDZ_Jrc-pj8YlVuuRRMk3w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Ho6ONhmTeEE7-LjFn0ldqw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' *.engagement.coremedia.cloud *.byside.com wss:\/\/*.engagement.coremedia.cloud wss:\/\/*.byside.com; script-src 'self' *.engagement.coremedia.cloud 'unsafe-inline'; style-src 'self' *.engagement.coremedia.cloud 'unsafe-inline'; img-src 'self' *.engagement.coremedia.cloud data:;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' *.gardners.com;         script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' *.gardners.com\/ js.braintreegateway.com\/ *.cardinalcommerce.com\/ *.gardners.com\/scripts\/jquery-3.7.1.min.js *.google-analytics.com\/ www.googletagmanager.com\/ api.os.uk api.whichosmap.co.uk\/ code.jquery.com\/* maps-api-ssl.google.com\/ songbird.cardinalcommerce.com\/ whichosmap.co.uk\/ www.gstatic.com\/ rum-static.pingdom.net\/ kg668dbov0.execute-api.us-east-1.amazonaws.com\/ *.cardinaltrusted.com\/ code.jquery.com\/jquery-migrate-3.5.2.min.js;  style-src 'report-sample' 'self' 'unsafe-inline' *.gardners.com *.braintreegateway.com *.cardinalcommerce.com *.googleapis.com api.os.uk api.whichosmap.co.uk assets.braintreegateway.com stackpath.bootstrapcdn.com whichosmap.co.uk;  style-src-attr 'report-sample' 'self' 'unsafe-inline' *.gardners.com;  object-src 'none';  base-uri 'self';  connect-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.gardners.com *.braintree-api.com *.braintreegateway.com *.cardinalcommerce.com www.googletagmanager.com *.google-analytics.com api.braintreegateway.com api2.smartrecruitonline.com client-analytics.braintreegateway.com maps.googleapis.com translate.googleapis.com *.cardinaltrusted.com rum-collector-2.pingdom.net www.paypal.com www.paypalobjects.com pay.google.com https:\/\/pay.google.com https:\/\/pay.google.com\/about\/redirect\/ https:\/\/google.com\/pay api.whichosmap.co.uk kg668dbov0.execute-api.us-east-1.amazonaws.com;  font-src 'report-sample' 'self' 'unsafe-inline' data: *.braintreegateway.com *.cardinalcommerce.com *.googleapis.com api.os.uk api.whichosmap.co.uk fonts.gstatic.com stackpath.bootstrapcdn.com *.paypal.com cdn.jsdelivr.net fonts.cdnfonts.com;  frame-src 'report-sample' 'self' *.cardinalcommerce.com www.rsa3dsauth.co.uk *.arcot.com channel-cards-html.lloydsbankinggroup.com verify.monzo.com 3dsecure.starlingbank.com acs.revolut.com acs-challenge.apata.io *.paypal.com api.whichosmap.co.uk assets.braintreegateway.com whichosmap.co.uk www.googletagmanager.com www.youtube.com;  img-src 'report-sample' 'self' blob: data: https: *.braintreegateway.com *.cardinalcommerce.com *.google-analytics.com *.paypal.com *.youtube.com\/ api.os.uk api.whichosmap.co.uk assets.braintreegateway.com jackets.dmmserver.com maps-api-ssl.google.com maps.gstatic.com www.googletagmanager.com;  manifest-src 'self';  media-src 'self';  worker-src 'none';  report-uri https:\/\/67917890e3f085153460661d.endpoint.csper.io?v=10;","count":1},{"content-security-policy-report-only":" default-src * data: 'unsafe-inline'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * api.razorpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io blueskytechmage.com mageblueskytech.com placehold.jp www.facebook.com *.googletagmanager.com *.google.co.in flagpedia.net blob: https:\/\/updates.themepunch.tools http:\/\/updates.themepunch.tools https:\/\/updates.themepunch-ext-a.tools http:\/\/updates.themepunch-ext-a.tools https:\/\/updates.themepunch-ext-b.tools http:\/\/updates.themepunch-ext-b.tools https:\/\/dev.sliderrevolution.com https:\/\/revolution.themepunch.com http:\/\/revolution5.themepunch.com http:\/\/pbs.twimg.com https:\/\/pbs.twimg.com http:\/\/scontent.cdninstagram.com https:\/\/img.youtube.com http:\/\/live.staticflickr.com https:\/\/live.staticflickr.com www.paypal.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com cdn.razorpay.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ connect.facebook.net tpc.googlesyndication.com www.google.com www.google.co.in s7.addthis.com *.gstatic.com maps.googleapis.com https:\/\/player.vimeo.com https:\/\/www.youtube.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com checkout.razorpay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.gstatic.com https:\/\/fonts.googleapis.com http:\/\/fonts.googleapis.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com blob: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com stats.g.doubleclick.net ekr.zdassets.com\/ www.gstatic.com maps.googleapis.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/api.weatherbit.io www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com lumberjack.razorpay.com lumberjack-metrics.razorpay.com lumberjack-cx.razorpay.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-coJWndiogPi0Pn4sS0OO2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; base-uri 'self'; object-src 'none'; img-src 'self' https: data: blob:; font-src 'self' https: data:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https: wss:; frame-src 'self' https:; media-src 'self' https: data: blob:; worker-src 'self' blob:; manifest-src 'self'; form-action 'self' https:; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' chosen.jquery.js https:\/\/polyfill-fastly.io https:\/\/unpkg.com; script-src-attr 'self'; style-src 'self' chosen.css https:\/\/use.typekit.net; style-src-attr 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' https:\/\/*.fontawesome.com https:\/\/*.googleapis.com https:\/\/accounts.google.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.sentry.io https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/google-analytics.com https:\/\/*.leadinfo.net https:\/\/*.leadinfo.com https:\/\/*.doubleclick.net https:\/\/*.hotjar.io https:\/\/*.hotjar.com https:\/\/*.googletagmanager.com https:\/\/unpkg.com https:\/\/*.google.com https:\/\/*.google.be https:\/\/*.google.de https:\/\/*.google.fr https:\/\/*.google.lu https:\/\/*.google.nl https:\/\/*.google.pl https:\/\/*.google.co.uk ; font-src 'self' 'unsafe-inline' https:\/\/*.fontawesome.com https:\/\/fonts.gstatic.com data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.googletagmanager.com https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/accounts.google.com\/gsi\/ https:\/\/*.google-analytics.com https:\/\/js.mollie.com https:\/\/cdn.leadinfo.net\/ ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.googletagmanager.com https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/accounts.google.com\/gsi\/ https:\/\/*.google-analytics.com https:\/\/js.mollie.com https:\/\/cdn.leadinfo.net\/ ; frame-src 'self' https:\/\/*.doubleclick.net\/ https:\/\/accounts.google.com\/ https:\/\/*.mollie.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.google.be https:\/\/*.google.de https:\/\/*.google.fr https:\/\/*.google.lu https:\/\/*.google.nl https:\/\/*.google.pl https:\/\/*.google.co.uk ; img-src 'self' https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.doubleclick.net blob: data: https:\/\/tile.openstreetmap.org https:\/\/*.tile.openstreetmap.org https:\/\/*.google.com https:\/\/*.google.be https:\/\/*.google.de https:\/\/*.google.fr https:\/\/*.google.lu https:\/\/*.google.nl https:\/\/*.google.pl https:\/\/*.google.co.uk ;  report-to csp-endpoint; report-uri  https:\/\/www.companyweb.be\/cspviolation","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem * 'unsafe-inline'; style-src 'self' cdnjs.cloudflare.com https:\/\/api.mapbox.com https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none'; frame-ancestors 'none'; base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/*.mercdn.net https:\/\/www.google.com https:\/\/*.adtrafficquality.google https:\/\/*.g.doubleclick.net https:\/\/analytics.tiktok.com https:\/\/b99.yahoo.co.jp https:\/\/bat.bing.com https:\/\/*.smartnews-ads.com https:\/\/connect.facebook.net https:\/\/ct.pinterest.com https:\/\/d.line-scdn.net https:\/\/dmp.im-apps.net https:\/\/dynamic.criteo.com https:\/\/h.accesstrade.net https:\/\/s.pinimg.com https:\/\/s.yimg.jp https:\/\/*.criteo.com https:\/\/static.ads-twitter.com https:\/\/statics.a8.net https:\/\/*.blob.core.windows.net https:\/\/trj.valuecommerce.com https:\/\/*.google-analytics.com https:\/\/*.forter.com; style-src 'self' 'unsafe-inline' https:\/\/*.mercdn.net https:\/\/fonts.googleapis.com; font-src https:\/\/fonts.gstatic.com;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' shop2gether.com.br *.shop2gether.com.br wake-components.fbitsstatic.net shop2gether.fbitsstatic.net *.wake.tech fbits.net nr-data.net newrelic.com google.com googletagmanager.com google-analytics.com facebook.net facebook.com jquery.com bootstrapcdn.com *.fbits.net *.nr-data.net *.newrelic.com *.google.com *.googletagmanager.com *.google-analytics.com *.facebook.net *.facebook.com *.jquery.com *.bootstrapcdn.com wss:\/\/signalr.fbits.net k-analytix.com *.k-analytix.com i.konduto.com *.yapay.com.br *.traycheckout.com.br h.online-metrix.net *.clearsale.com.br dzpxyxks1bfmb.cloudfront.net *.gstatic.com *.koin.com.br *.soclminer.com.br *.btg360.com.br *.socialminer.com signalrcore.fbits.net wss:\/\/signalrcore.fbits.net *.cloudfront.net *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadopago.com.br *.paypal.com *.paypalobjects.com gstatic.com *.fbits.store *.adyen.com *.criteo.com *.criteo.net *.g.doubleclick.net *.google.com.br *.googleadservices.com static.zdassets.com clarity.ms assets.zendesk.com *.creativecdn.com *.zdassets.com shop2gether.zendesk.com widget-mediator.zopim.com *.clarity.ms td.doubleclick.net icomm-public.s3.amazonaws.com *.pagar.me *.mundipagg.com *.getnet.com.br *.bt-wake-connector.com.br vm.icommgroup.com.br:3005 *.icommgroup.com.br:3005 *.icommgroup.com.br s3.sa-east-1.amazonaws.com *.sa-east-1.amazonaws.com *.braintree-api.com *.braintreegateway.com *.pagseguro.com.br *.adyen.com *.pagbank.com *.infraicommgroup.com:3005 *.infraicommgroup.com *.vindi.com.br *.cieloecommerce.cielo.com.br *.braspag.com.br *.pagador.com.br *.online-metrix.net bt-wake-connector.com.br *.pagaleve.com.br *.pagaleve.io wake-api.pagaleve.com.br securegtm.despegar.com api.ipify.org browser-intake-datadoghq.com *.datadoghq-browser-agent.com *.datadoghq.com wake.koin.com.br n8n.icommgroup.com.br *.azurewebsites.net *.hotjar.com *.fbits.net koin-custom-conector-gateway.fbits.net *.koin.com.br static.hotjar.com static.fbits.net payments.koin.com.br *.pinterest.com paypal-wake.s3.us-east-1.amazonaws.com lwg-wake-appmax-custom-payment-dmepgudabbcuaud6.brazilsouth-01.azurewebsites.net *.useinsider.com *.api.useinsider.com nocodb.infraicommgroup.com:8080 nocodb.infraicommgroup.com *.sandboxappmax.com.br *.cardinalcommerce.com *.secureacs.com api.globalgetnet.com *.globalgetnet.com *.sandbox.3dsecure.io *.varify.io *.3dsecure.io *.wepowerconnections.com *.sciencebehindecommerce.com *.zenaps.com *.awin1.com *.dwin1.com recommendationv2.api.useinsider.com wake-commerce-scripts.omni.chat viacep.com.br nominatim.openstreetmap.org trackings.nemu.com.br openfpcdn.io api.ipify.org api.bigdatacloud.net firebase.googleapis.com cdn.jsdelivr.net appleid.cdn-apple.com *.visa.com *.wake.tech *.appmax.com.br *.tunagateway.com src.mastercard.com api.fpjs.io *.pagoexpress.com.br *.smarthint.co analytics.tiktok.com s.pinimg.com bat.bing.net *.cardinaltrusted.com ; img-src https: data:; style-src https: 'unsafe-inline'; font-src https: data:; frame-ancestors *.shop2gether.com.br shop2gether.com.br; report-uri https:\/\/pub-csp.fbits.net\/checkout_sem_carrinho; report-to https:\/\/pub-csp.fbits.net\/checkout_sem_carrinho; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' blob: *.senado.gov.br *.senado.leg.br;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.senado.gov.br *.senado.leg.br *.youtube.com *.google-analytics.com www.googletagmanager.com vlibras.gov.br ajax.googleapis.com www.gstatic.com;img-src 'self' data: blob: *.senado.gov.br *.senado.leg.br *.ytimg.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.gstatic.com vlibras.gov.br;connect-src 'self' *.senado.gov.br *.senado.leg.br vlibras.gov.br *.vlibras.gov.br www.google-analytics.com www.googletagmanager.com;font-src 'self' data: vlibras.gov.br cdnjs.cloudflare.com fonts.gstatic.com;style-src 'self' 'unsafe-inline' *.senado.gov.br *.senado.leg.br cdnjs.cloudflare.com fonts.googleapis.com;worker-src blob: *.senado.leg.br *.senado.gov.br;object-src 'none';frame-src 'self' *.senado.gov.br *.senado.leg.br *.youtube.com www.youtube-nocookie.com;base-uri 'self';frame-ancestors 'self' *.senado.gov.br *.senado.leg.br","count":1},{"content-security-policy-report-only":" default-src 'self' *.ctfassets.net *.trackjs.com *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com *.onetrust.com assets.adobedtm.com script.hotjar.com *.googleapis.com; script-src-elem 'self' 'unsafe-inline' *.hotjar.com assets.adobedtm.com *.go-mpulse.net cdn-ukwest.onetrust.com maps.googleapis.com fonts.googleapis.com static.hotjar.com *.googletagmanager.com; script-src-attr 'self' 'unsafe-inline'; style-src 'self' *.googleapis.com; style-src-elem 'self' 'unsafe-inline' cdn.honey.io *.googleapis.com *.googletagmanager.com; style-src-attr 'self' 'unsafe-inline'; img-src 'self' data: mdm-assets.integration.costacoffee.com *.demdex.net *.ctfassets.net *.trackjs.com costalimited.d3.sc.omtrdc.net *.gstatic.com *.onetrust.com cm.everesttech.net *.googleapis.com; font-src 'self' *.gstatic.com; connect-src 'self' web.costa-loyalty-platform.com ws:\/\/ws27.hotjar.com *.hotjar.com *.hotjar.io *.onetrust.com *.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net *.akstat.io *.demdex.net costalimited.d3.sc.omtrdc.net costalimited.tt.omtrdc.net *.onetrust.io *.trackjs.com maps.googleapis.com *.techlab-cdn.com login.costa.co.uk *.google-analytics.com wss:\/\/ws.hotjar.com; frame-ancestors 'self'; frame-src costalimited.demdex.net *.hotjar.com; report-uri https:\/\/costa.report-uri.com\/r\/t\/csp\/reportonly; report-to default","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/tv_google","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.de https:\/\/www.myheritage.de  'unsafe-eval' 'nonce-8ff4c853d95c2d2d8911bd0d20784e00' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.de https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" font-src *.klevu.com *.ksearchnet.com *.gstatic.com https:\/\/fonts.gstatic.com *.fontawesome.com fonts.gstatic.com https:\/\/pos.snapscan.io *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com 'unsafe-inline' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/secure.paygate.co.za\/payweb3\/process.trans https:\/\/sandbox.payfast.co.za https:\/\/www.payfast.co.za\/eng\/process oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.facebook.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; style-src *.adobe.com *.klevu.com *.ksearchnet.com *.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com oppwa.com *.oppwa.com *.peachpayments.com *.cloudflare.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; connect-src *.google-analytics.com dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/*.ingest.sentry.io *.klevu.com *.ksearchnet.com https:\/\/ipinfo.io *.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io oppwa.com *.oppwa.com *.peachpayments.com *.testfreaks.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.paypal.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthis.com *.addthisedge.com *.what3words.com *.googleapis.com vsb111.tawk.to ekr.zdassets.com api.magento.com commerce.adobedc.net app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: 'self' 'unsafe-inline'; frame-src data:text fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com *.addthis.com *.facebook.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; img-src *.criteo.com *.krxd.net *.chatlayer.ai assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.klevu.com *.ksearchnet.com *.google.com *.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com oppwa.com *.oppwa.com *.peachpayments.com *.eu-west-1.amazonaws.com https:\/\/pos.snapscan.io *.cloudflare.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.addthis.com *.jsdelivr.net *.facebook.com *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com data: 'self' 'unsafe-inline'; script-src *.incredible.co.za *.chatlayer.ai assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/browser.sentry-cdn.com *.klevu.com *.ksearchnet.com *.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.avada.io *.oppwa.com oppwa.com *.peachpayments.com *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.mouseflow.com *.facebook.com *.what3words.com maps.googleapis.com commerce.adobedtm.com magento-recs-sdk.adobe.net static.zdassets.com app.mobicredwidget.co.za www.gstatic.com connect.facebook.net bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.kidspot.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net; script-src-elem 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com; style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com; img-src 'self' data: https:\/\/www.google-analytics.com https:\/\/nhentai.website https:\/\/nhentai.jp.net https:\/\/*.nhentai.jp.net; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/static.cloudflareinsights.com https:\/\/nhentai.website; frame-src 'self' https:\/\/nhentai-website.disqus.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' https:\/\/connect.facebook.net https:\/\/am.yahoo.co.jp https:\/\/b99.yahoo.co.jp https:\/\/www.google-analytics.com assets.adobedtm.com https:\/\/www.googletagmanager.com http:\/\/hm.mieru-ca.com https:\/\/hpjp.mieru-ca.com https:\/\/www.everestjs.net https:\/\/s.yimg.jp http:\/\/aigjapan.sc.omtrdc.net https:\/\/www.youtube.com 'sha256-dMIRRtml3Oi21Iaq03PtC+8mIuBozHki1nfF3K1YXgw=' 'sha256-Yw3\/67WDFoT7czVF2RALaOaLaRtweKwjgMzcHEb7oIs=' 'sha256-+\/WzJIUpU+5NsHuQGBp2n0iZvi5LUQ0h8K\/qrDy2YJQ=' 'sha256-T4GdVguKtoAY\/4wetSihwnlAEpUpN0SBr64TOJa8NU0=' 'sha256-KIDFo1cCsPZjm0CKg+wI3amz1hzD9mNUJ2+4AGHa3uU=' 'sha256-LBsTTQlX5+H68ly1EZvOY6Z9bHzQqntXIpb70r7UJis=' 'sha256-U\/nEWHrEPshKXL66+Ph2p6sLJqyHx9w9Sjv8K1Ya0zU=' 'sha256-BcF795XkHI9YEs7DNkb2Auwhmzf0SqcdlO\/cXV17POc=' 'sha256-cQonxShNT1IfSfxwOOa2GnQjv3H9iqQdPYmUrW6Tl9w=' 'sha256-Dsxt1\/qoUZUtAc\/xB2KsqxHj3ORjhh9iGH+ezhmuyks=' 'sha256-UeZ0R36qQ5kcoJ4QcT9JHYwgL70p9095Vm9jdRGAKSc=' 'nonce-ru5jt2xfoxn1rq';script-src-elem 'self' https:\/\/connect.facebook.net https:\/\/am.yahoo.co.jp https:\/\/b99.yahoo.co.jp https:\/\/www.google-analytics.com assets.adobedtm.com https:\/\/www.googletagmanager.com http:\/\/hm.mieru-ca.com https:\/\/hpjp.mieru-ca.com https:\/\/www.everestjs.net https:\/\/s.yimg.jp http:\/\/aigjapan.sc.omtrdc.net https:\/\/www.youtube.com 'sha256-dMIRRtml3Oi21Iaq03PtC+8mIuBozHki1nfF3K1YXgw=' 'sha256-Yw3\/67WDFoT7czVF2RALaOaLaRtweKwjgMzcHEb7oIs=' 'sha256-+\/WzJIUpU+5NsHuQGBp2n0iZvi5LUQ0h8K\/qrDy2YJQ=' 'sha256-T4GdVguKtoAY\/4wetSihwnlAEpUpN0SBr64TOJa8NU0=' 'sha256-KIDFo1cCsPZjm0CKg+wI3amz1hzD9mNUJ2+4AGHa3uU=' 'sha256-LBsTTQlX5+H68ly1EZvOY6Z9bHzQqntXIpb70r7UJis=' 'sha256-U\/nEWHrEPshKXL66+Ph2p6sLJqyHx9w9Sjv8K1Ya0zU=' 'sha256-BcF795XkHI9YEs7DNkb2Auwhmzf0SqcdlO\/cXV17POc=' 'sha256-cQonxShNT1IfSfxwOOa2GnQjv3H9iqQdPYmUrW6Tl9w=' 'sha256-Dsxt1\/qoUZUtAc\/xB2KsqxHj3ORjhh9iGH+ezhmuyks=' 'sha256-UeZ0R36qQ5kcoJ4QcT9JHYwgL70p9095Vm9jdRGAKSc=' 'nonce-ru5jt2xfoxn1rq';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.mziq.com; script-src 'self' https:\/\/*.mziq.com; script-src-elem 'self' https:\/\/*.mziq.com 'sha256-kQ7PZqRD+DW+OLPgGpzeit+ne5Q32Q7r0bNZq\/\/y0Rw=' 'sha256-2L+nOGxRAxUhUjVdJf\/7Wl9Y9CJvuXyNSb7gUk9APMU=' https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.tinymce.com https:\/\/*.tiny.cloud; style-src 'self' 'unsafe-inline' https:\/\/*.mziq.com; style-src-elem 'self' 'unsafe-inline' https:\/\/*.mziq.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/*.tinymce.com https:\/\/*.tiny.cloud; font-src 'self' data: https:\/\/*.mziq.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/*.tinymce.com https:\/\/*.tiny.cloud; connect-src 'self' https:\/\/*.mziq.com wss:\/\/*.mziq.com https:\/\/mzai-iq.mzsuite.com https:\/\/*.google.com https:\/\/*.google.com.br https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.tinymce.com https:\/\/*.tiny.cloud https:\/\/mz-prd-pub-filemanager-external.s3.us-east-1.amazonaws.com https:\/\/mz-prd-pub-mziq-cdn.s3.us-east-1.amazonaws.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com blob:; img-src 'self' data: polygon: https:\/\/*.mziq.com https:\/\/*.google.com https:\/\/*.google.com.br https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.tinymce.com https:\/\/*.tiny.cloud https:\/\/s3.amazonaws.com\/mz-mailer blob:; object-src 'none'; base-uri 'self'; worker-src blob:; report-uri https:\/\/csp-report.mziq.com\/csp-report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.cloudflare.com *.twitter.com *.facebook.net *.twimg.com *.hotjar.com *.trustedshops.com *.googleapis.com *.magentocommerce.com *.paypal.com *.cardinalcommerce.com *.authorize.net *.fontawesome.com https:\/\/fonts.bunny.net *.mncdn.com *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.yapikredi.com.tr *.garanti.com.tr *.ingage.tech *.useinsider.com *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.zopim.com *.zopim.io *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr cdn.rossmann.com.tr *.vimeo.com www.rossmann.com.tr *.snapchat.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.twitter.com *.facebook.com *.ingage.tech *.useinsider.com *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.mncdn.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr cdn.rossmann.com.tr *.vimeo.com *.snapchat.com 'self' 'unsafe-inline'; frame-ancestors *.google.com *.gstatic.com *.ingage.tech *.useinsider.com *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.mncdn.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr cdn.rossmann.com.tr *.vimeo.com *.snapchat.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/www.googletagmanager.com\/ *.twitter.com *.gstatic.com *.hotjar.com *.google.com.tr *.veinteractive.com *.demdex.net *.solocpm.com *.facebook.com *.facebook.net *.addthis.com *.livechatinc.com *.yandex.ru *.adyen.com *.vimeo.com *.doubleclick.net *.bluekai.com *.useinsider.com *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.yapikredi.com.tr *.garanti.com.tr *.ingage.tech *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us https:\/\/www.youtube.com http:\/\/www.sandbox.paypal.com www.paypal.com *.mncdn.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr cdn.rossmann.com.tr rossmann.api.useinsider.com td.doubleclick.net ams.creativecdn.com *.snapchat.com 'self' 'unsafe-inline'; img-src 'self' data: *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.swagger.io https:\/\/images.unsplash.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.cloudflare.com *.klarna.com *.googleadservices.com *.paypalobjects.com *.hotjar.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.magentocommerce.com *.cardinalcommerce.com *.authorize.net *.omtrdc.net *.newrelic.com *.doubleclick.net *.google.com *.google.com.tr *.facebook.com *.facebook.net *.demdex.net *.everesttech.net *.googleapis.com *.adis.ws *.livechatinc.com *.yandex.ru *.adyen.com *.setrowid.com *.setrow.com *.instagram.com *.useinsider.com *.googletagmanager.com https:\/\/firebasestorage.googleapis.com *.mncdn.com *.iyzicopwi.com.tr *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.yapikredi.com.tr *.garanti.com.tr *.ingage.tech *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.bing.com *.zopim.com *.zopim.io *.google.co.in *.mastercard.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr *.vimeo.com *.bidswitch.net *.adnxs.com *.casalemedia.com *.media.net *.360yield.com *.outbrain.com *.rubinproject.com *.sharethrough.com *.smartadserver.net *.taboola.com *.teads.tv *.3lift.com *.emxdgt.com *.adform.net *.omnitagjs.com *.sync.com *.ivitrack.com *.mediavine.com *.pubmatic.com *.tremorhub.com *.yieldlab.net *.yieldmo.com *.semasio.net *.krxd.net *.thebrighttag.com *.smartadserver.com *.yahoo.com https:\/\/id5-sync.com *.rubiconproject.com www.rossmann.com.tr cdn.rossmann.com.tr web-image.useinsider.com image.useinsider.com static.ads-twitter.com ads-twitter.com ads-api.twitter.com analytics.twitter.com t.co www.facebook.com *.snapchat.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.magentocommerce.com *.paypal.com *.hotjar.com *.cardinalcommerce.com *.authorize.net *.omtrdc.net *.instana.io *.google.com.tr *.googletagmanager.com *.veinteractive.com *.facebook.net *.supert.ag *.setrowid.com *.mainadv.com *.doubleclick.net *.googleapis.com *.addthis.com *.moatads.com *.addthisedge.com *.livechatinc.com *.yandex.ru *.adyen.com *.vimeo.com *.jsdelivr.net *.setrow.com *.instagram.com *.criteo.com *.criteo.net *.ciritizr.com *.bkrtx.com *.cloudfront.net *.useinsider.com *.critizr.com *.behance.net *.swagger.io *.avada.io *.shopify.com *.mncdn.com *.iyzicopwi.com.tr *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.garanti.com.tr *.ingage.tech *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.openx.net *.sharethis.com *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.bing.com *.zopim.com *.zdassets.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.rossmann.com.tr www.rossmann.com.tr rossmann.api.useinsider.com connect.facebook.net tags.creativecdn.com static.ads-twitter.com ads-twitter.com ads-api.twitter.com analytics.twitter.com embeds.ipaper.io static.hotjar.com cdn.rossmann.com.tr eitri.api.useinsider.com analytics.tiktok.com script.hotjar.com ams.creativecdn.com *.snapchat.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.facebook.net *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.magentocommerce.com *.fontawesome.com *.paypal.com *.paypalobjects.com *.hotjar.com *.cardinalcommerce.com *.authorize.net *.omtrdc.net *.newrelic.com *.setrowid.com *.setrow.com *.critizr.com *.useinsider.com *.adobedtm.com *.google-analytics.com *.googletagmanager.com *.swagger.io https:\/\/fonts.bunny.net *.mncdn.com *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.yapikredi.com.tr *.garanti.com.tr *.ingage.tech *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.bing.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr *.vimeo.com www.rossmann.com.tr cdn.rossmann.com.tr maxcdn.bootstrapcdn.com assets.api.useinsider.com *.snapchat.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net *.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.cloudflare.com www.google-analytics.com https:\/\/stats.g.doubleclick.net *.twitter.com *.facebook.com *.facebook.net *.paypalobjects.com *.hotjar.com *.hotjar.io *.twimg.com *.magentocommerce.com *.cardinalcommerce.com *.cardinalcommerce.net *.veinteractive.com *.demdex.net *.yandex.ru *.vimeo.com *.setrowid.com *.setrow.com *.useinsider.com *.adobedtm.com *.swagger.io https:\/\/get.geojs.io *.avada.io *.masterpassturkiye.com *.iyzipay.com *.bkm.com.tr *.akbank.com.tr *.yapikredi.com.tr *.garanti.com.tr https:\/\/mnemos-api.ahtapot.ai *.ingage.tech *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com https:\/\/buysoci.al *.agkn.com *.a.run.app *.clarity.ms sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com *.cloudflareinsights.com *.cookiespool.com *.tiktokw.us *.zdassets.com *.zopim.com *.zopim.io wss:\/\/widget-mediator.zopim.com *.mncdn.com *.personaclick.com *.mnmedya.com *.ipaper.io https:\/\/*.useinsider.com wss:\/\/*.useinsider.com *.tiktok.com *.googleoptimize.com *.creativecdn.com https:\/\/*.amazonaws.com *.criteo.com *.rossmann.com.tr analytics.google.com www.rossmann.com.tr cdn.rossmann.com.tr rossmann.api.useinsider.com aryuder.api.useinsider.com hit.api.useinsider.com ams.creativecdn.com recommendationv2.api.useinsider.com *.snapchat.com static.ads-twitter.com ads-twitter.com ads-api.twitter.com analytics.twitter.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.ingage.tech *.useinsider.com *.pinterest.com *.pinimg.com *.connectad.io *.opera.com *.gumgum.com *.rakuten.com *.smaato.net *.adtarget.com *.mgid.com *.onetag-sys.com *.adscale.com *.loopme.me *.smilewanted.com *.wawlabs.com *.dmxleo.com *.cloudfront.net *.openx.net *.sharethis.com *.google.com.tr *.googlesyndication.com *.buysoci.al *.agkn.com *.a.run.app sc-static.net jadserve.postrelease.com sync.1rx.io sync.targeting.unrulymedia.com www.rossmann.com.tr cdn.rossmann.com.tr *.clarity.ms googleads.g.doubleclick.net analytics.tiktok.com *.snapchat.com *.twitter.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self'; base-uri 'self'; form-action 'self' https:; upgrade-insecure-requests; block-all-mixed-content","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/exlibris.ch https:\/\/*.exlibris.ch https:\/\/*.sentry.io; script-src  'self' 'unsafe-inline' 'unsafe-eval' https:\/\/exlibris.ch https:\/\/*.exlibris.ch https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/epoq-systems.de http:\/\/epoq-systems.de https:\/\/*.epoq-systems.de http:\/\/*.epoq-systems.de https:\/\/epoq.de http:\/\/epoq.de https:\/\/*.epoq.de http:\/\/*.epoq.de https:\/\/connect.facebook.net https:\/\/google.com https:\/\/*.google.com https:\/\/googleanalytics.com https:\/\/*.googleanalytics.com https:\/\/google-analytics.com https:\/\/*.google-analytics.com https:\/\/googlesyndication.com https:\/\/*.googlesyndication.com https:\/\/gstatic.com https:\/\/*.gstatic.com https:\/\/googleapis.com https:\/\/*.googleapis.com https:\/\/googleadservices.com https:\/\/*.googleadservices.com bat.bing.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/datatrans.com https:\/\/*.datatrans.com https:\/\/googleads.g.doubleclick.net https:\/\/cookielaw.org https:\/\/*.cookielaw.org https:\/\/*.trustpilot.com https:\/\/pay.google.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/*.sentry.io analytics.tiktok.com analytics-ipv6.tiktokw.us http:\/\/ads.tiktok.com; worker-src 'self' blob:; connect-src 'self' https:\/\/exlibris.ch https:\/\/*.exlibris.ch exlibris.azureedge.net exlibris.blob.core.windows.net https:\/\/epoq.de https:\/\/*.epoq.de http:\/\/epoq-systems.de https:\/\/epoq-systems.de *.facebook.com https:\/\/migros.ch https:\/\/www.google.at https:\/\/*.google.ba https:\/\/*.migros.ch https:\/\/*.google.de https:\/\/*.google.ch https:\/\/*.google.com https:\/\/www.google.fr https:\/\/*.google.it https:\/\/*.google.li https:\/\/*.google.tn https:\/\/*.google.co.uk https:\/\/*.google.com.sa https:\/\/www.googleadservices.com https:\/\/google-analytics.com https:\/\/*.google-analytics.com https:\/\/google-analytics.ch https:\/\/*.google-analytics.ch https:\/\/google.com https:\/\/*.google.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/analytics.google.ch https:\/\/*.analytics.google.ch https:\/\/googleapis.com https:\/\/*.googleapis.com https:\/\/googlesyndication.com https:\/\/*.googlesyndication.com https:\/\/*.googletagmanager.com bat.bing.com bat.bing.net https:\/\/doubleclick.net https:\/\/*.doubleclick.net https:\/\/g.doubleclick.net https:\/\/*.g.doubleclick.net https:\/\/cookielaw.org https:\/\/*.cookielaw.org https:\/\/onetrust.com https:\/\/*.onetrust.com https:\/\/onetrust.io https:\/\/*.onetrust.io https:\/\/hotjar.com https:\/\/*.hotjar.com https:\/\/hotjar.io https:\/\/*.hotjar.io wss:\/\/*.hotjar.com wss:\/\/hotjar.com https:\/\/*.sentry.io analytics.tiktok.com analytics-ipv6.tiktokw.us http:\/\/ads.tiktok.com https:\/\/widget.trustpilot.com; style-src 'self' 'unsafe-inline' https:\/\/exlibris.ch https:\/\/*.exlibris.ch https:\/\/googleapis.com https:\/\/*.googleapis.com https:\/\/google.com https:\/\/*.google.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com fast.fonts.net https:\/\/epoq-systems.de https:\/\/*.epoq-systems.de https:\/\/epoq.de https:\/\/*.epoq.de http:\/\/epoq-systems.de http:\/\/*.epoq-systems.de http:\/\/epoq.de http:\/\/*.epoq.de; img-src 'self' dhttps data: *.facebook.com https:\/\/exlibris.ch https:\/\/*.exlibris.ch exlibris.azureedge.net https:\/\/epoq-systems.de https:\/\/*.epoq-systems.de https:\/\/epoq.de https:\/\/*.epoq.de http:\/\/epoq-systems.de http:\/\/*.epoq-systems.de http:\/\/epoq.de http:\/\/*.epoq.de https:\/\/gstatic.com https:\/\/*.gstatic.com https:\/\/googleapis.com https:\/\/*.googleapis.com https:\/\/google-analytics.com https:\/\/*.google-analytics.com https:\/\/doubleclick.net https:\/\/*.doubleclick.net https:\/\/g.doubleclick.net https:\/\/*.g.doubleclick.net https:\/\/googlesyndication.com https:\/\/*.googlesyndication.com https:\/\/*.google.at https:\/\/*.google.ch https:\/\/*.google.de https:\/\/*.google.dz https:\/\/*.google.es https:\/\/*.google.fr https:\/\/*.google.hr https:\/\/*.google.it https:\/\/*.google.li https:\/\/*.google.lu https:\/\/*.google.nl https:\/\/*.google.sc https:\/\/*.google.si https:\/\/*.google.co.uk https:\/\/*.google.co.in https:\/\/*.google.com https:\/\/*.google.com.pa https:\/\/*.google.com.ph https:\/\/*.google.com.gh https:\/\/*.google.com.tr https:\/\/*.google.com.br https:\/\/*.google.com.cy https:\/\/www.googleadservices.com https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/hotjar.com https:\/\/*.hotjar.com https:\/\/hotjar.io https:\/\/*.hotjar.io bat.bing.com https:\/\/cookielaw.org https:\/\/*.cookielaw.org optanon.blob.core.windows.net exlibris.blob.core.windows.net https:\/\/migros.ch https:\/\/*.migros.ch analytics.tiktok.com analytics-ipv6.tiktokw.us http:\/\/ads.tiktok.com https:\/\/ytimg.com https:\/\/*.ytimg.com; media-src 'self' data https:\/\/exlibris.ch https:\/\/*.exlibris.ch exlibris.blob.core.windows.net https:\/\/*.phononet.de\/ exlibris.azureedge.net; frame-src 'self' bytedance: sslocal: https:\/\/exlibris.ch https:\/\/*.exlibris.ch https:\/\/google.de https:\/\/*.google.de https:\/\/google.com https:\/\/*.google.com https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/googlesyndication.com https:\/\/*.googlesyndication.com https:\/\/youtube.com https:\/\/*.youtube.com https:\/\/datatrans.com https:\/\/*.datatrans.com https:\/\/*.fls.doubleclick.net https:\/\/bic-media.com https:\/\/*.bic-media.com https:\/\/youtube-nocookie.com https:\/\/*.youtube-nocookie.com https:\/\/doubleclick.net https:\/\/*.doubleclick.net https:\/\/hotjar.com https:\/\/*.hotjar.com https:\/\/hotjar.io https:\/\/*.hotjar.io https:\/\/tradedoubler.com https:\/\/*.tradedoubler.com https:\/\/blickinsbuch.de https:\/\/*.blickinsbuch.de https:\/\/book2look.com https:\/\/*.book2look.com https:\/\/postfinance.ch https:\/\/*.postfinance.ch https:\/\/viseca.ch\/ https:\/\/*.viseca.ch\/ https:\/\/bonuscard.ch\/ https:\/\/*.bonuscard.ch\/ https:\/\/3ds.bonuscard.ch\/ https:\/\/*.3ds.bonuscard.ch\/ https:\/\/arcot.com\/ https:\/\/*.arcot.com\/ https:\/\/*.trustpilot.com https:\/\/pay.google.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/3d.datatrans.com https:\/\/3d.sandbox.datatrans.com; font-src 'self' data: https:\/\/exlibris.ch https:\/\/*.exlibris.ch https:\/\/gstatic.com https:\/\/*.gstatic.com https:\/\/google.com https:\/\/*.google.com https:\/\/hotjar.com https:\/\/*.hotjar.com https:\/\/hotjar.io https:\/\/*.hotjar.io; manifest-src 'self' https:\/\/exlibris.ch https:\/\/*.exlibris.ch; frame-ancestors 'self' https:\/\/exlibris.ch https:\/\/*.exlibris.ch; report-uri \/loc\/csp-report","count":1},{"content-security-policy-report-only":" default-src data: 'self' blob: 'unsafe-inline' 'unsafe-eval' *.atyarisi.com wss:\/\/*.atyarisi.com *.google.com *.google.com.tr *.googletagmanager.com *.google-analytics.com *.support.google.com *.doubleclick.net *.googleadservices.com *.microsoft.com *.apple.com *.facebook.com *.facebook.net *.yahoo.com *.newrelic.com *.twitter.com *.instagram.com *.youtube.com tjktv.ercdn.net *.tjk.org *.broadage.com *.media.net *.liderform.com.tr *.googleapis.com *.googlevideo.com *.gstatic.com *.nsoft-cdn.com *.stg-digi.com *.rlcdn.com *.crwdcntrl.net *.dengage.com *.nr-data.net *.taboola.com *.tiktok.com *.dengagecdn.com *.sisalsanstech.com *.ondigitalocean.app *.millipiyangoonline.com *.rsc.cdn77.org *.clarity.ms scripts.clarity.ms *.tiktokw.us *.tiktokv.com *.byteoversea.com https:\/\/106gamesgalaxsys.online *.mobilproses.com football.playbook-fusion.com *.trhosted.com *.biahosted.net; img-src * data:; report-uri \/csp\/cspreport\/","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/correspondent.report-uri.com https:\/\/static.cdn-decorrespondent.nl https:\/\/useruploads.cdn-decorrespondent.nl https:\/\/decorrespondent.matomo.cloud https:\/\/o206126.ingest.sentry.io https:\/\/space-corre.video-dns.com; media-src 'self' https:\/\/static.cdn-decorrespondent.nl https:\/\/traffic.omny.fm https:\/\/*.pdn.tritondigital.com https:\/\/useruploads.cdn-decorrespondent.nl blob: https:\/\/space-corre.video-dns.com; form-action 'self' https:\/\/www.mollie.com https:\/\/pay.ideal.nl https:\/\/www.paypal.com; report-uri https:\/\/correspondent.report-uri.com\/r\/d\/csp\/reportOnly; report-to csp-report-only-endpoint","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri \/next-external\/log\/csp\/violations; report-to csp-violations; connect-src 'self' wss:\/\/www.nordnet.dk https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.dk https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk https:\/\/api.prod.nntech.io https:\/\/api.test.nntech.io https:\/\/experimentation.public.prod.nntech.io https:\/\/www.google.com https:\/\/storage.googleapis.com https:\/\/www.recaptcha.net https:\/\/relay.prod.nntech.io https:\/\/api-poc.prod.nntech.io; font-src 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk; frame-src 'self' https:\/\/analytics.nordnet.dk https:\/\/10961666.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/w.soundcloud.com https:\/\/embed.acast.com https:\/\/link.tink.com https:\/\/www.tv2.no https:\/\/checkout.trustly.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/t.email.nordnet.dk https:\/\/dashboard.fundrella.com; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.dk https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk https:\/\/api.prod.nntech.io data: blob: https:\/\/cdn.tink.se https:\/\/images.ctfassets.net https:\/\/i.vimeocdn.com https:\/\/img.youtube.com https:\/\/www.recaptcha.net https:\/\/blog.nordnet.dk; manifest-src 'self'; media-src https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk https:\/\/videos.ctfassets.net; object-src 'self'; script-src 'self' 'nonce-6bd154bb-ef90-48da-8966-f55ab36032a7' https:\/\/analytics.nordnet.dk https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk https:\/\/www.recaptcha.net https:\/\/www.google.com; script-src-attr 'none'; style-src 'unsafe-inline' 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.dk; worker-src 'none'; base-uri 'none'; form-action 'self' https:\/\/pvu.nets.no https:\/\/pvu.avtalegiro.no https:\/\/online.alandsbanken.fi https:\/\/verkkopankki.danskebank.fi https:\/\/verkkomaksu.handelsbanken.fi https:\/\/epmt.nordea.fi https:\/\/identify.nordea.com https:\/\/verkkomaksu.poppankki.fi https:\/\/verkkomaksu.saastopankki.fi https:\/\/online.s-pankki.fi https:\/\/auth.aktia.fi https:\/\/kirjaudu.aktia.fi https:\/\/ebank.aktia.fi; frame-ancestors 'self' https:\/\/app.contentful.com;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-nkhxgJXGICAi4KJX2Zu2Gg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/ajax.cloudflare.com  https:\/\/*.migracion.gob.do https:\/\/cdn.userway.org https:\/\/eticket.migracion.gob.do https:\/\/personal.migracion.gob.do https:\/\/cdn.jsdelivr.net https:\/\/connect.facebook.net https:\/\/www.google-analytics.com https:\/\/challenges.cloudflare.com https:\/\/static.cloudflareinsights.com; worker-src https:\/\/migracion.gob.do blob:; style-src 'self' 'unsafe-inline' https:\/\/cdn.userway.org https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net; font-src 'self' https:\/\/cdn.userway.org https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net; media-src https:\/\/cdn.userway.org; img-src 'self' https:\/\/secure.gravatar.com https:\/\/s.w.org https:\/\/a.tile.openstreetmap.org https:\/\/b.tile.openstreetmap.org https:\/\/c.tile.openstreetmap.org data: https:\/\/cdn.userway.org https:\/\/*.migracion.gob.do https:\/\/cdn.jsdelivr.net https:\/\/www.google-analytics.com; connect-src 'self' https:\/\/cdn.userway.org https:\/\/api.userway.org https:\/\/*.migracion.gob.do https:\/\/www.google-analytics.com https:\/\/challenges.cloudflare.com; frame-src 'self' https:\/\/cdn.userway.org https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/be.nortic.ogtic.gob.do https:\/\/eticket.migracion.gob.do https:\/\/challenges.cloudflare.com; object-src 'self'; base-uri 'self'; form-action 'self' https:\/\/*.migracion.gob.do; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https:\/\/report-uri.migracion.gob.do\/api\/reports; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com https:\/\/cdnjs.cloudflare.com *.cloudfront.net *.googleapis.com *.webformatlabs.com *.pu.subcom.it *.passionebeauty.com https:\/\/fonts.gstatic.com *.zdassets.com *.zopim.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com 'self' data: *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/forms-eu1.hsforms.com *.zdassets.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.bolt.com *.passionebeauty.com cloudfront.net self https: *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com *.bolt.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.firework.com *.fwcdn1.com *.fwcdn2.com *.fwcdn3.com self https: integration.api.scalapay.com api.scalapay.com consentcdn.cookiebot.com www.paypalobjects.com *.hipay-tpp.com *.hipay.com *.facebook.com www.youtube.com www.twitter.com *.nr-data.net *.criteo.net\/ *.criteo.com\/ *.hotjar.com https:\/\/optimize.google.com https:\/\/*.adform.net https:\/\/cdn.smooch.io\/ *.hsforms.com *.hubspot.com https:\/\/*.hs-sites-eu1.com *.zdassets.com *.zopim.com https:\/\/app-eu1.hubspot.com *.typeform.com https:\/\/passione-toolkit.replit.app\/ *.cloudfront.net *.passionebeauty.com *.omtrdc.net *.demdex.net assets.adobedtm.com cm.everesttech.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net commerce.adobe.io widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net data: https:\/\/images.unsplash.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.firework.com *.fw-assets1.com *.fwcdn1.com *.fwcdn2.com *.fwcdn3.com asset.fwcdn2.com *.asset.fwcdn2.com asset.fwcdn1.com *.asset.fwcdn1.com fireworktv.com *.fireworktv.com p2.fwpixel.com *.p2.fwpixel.com integration.api.scalapay.com api.scalapay.com www.sandbox.paypal.com *.hipay-tpp.com *.hipay.com *.cloudfront.net *.googleadservices.com *.google-analytics.com https:\/\/www.googletagmanager.com www.google.it *.google.com *.webformatlabs.com *.pu.subcom.it *.passionebeauty.com *.criteo.net\/ *.criteo.com\/ *.facebook.com https:\/\/s.thebrighttag.com https:\/\/beacon.krxd.net https:\/\/ad.yieldlab.net https:\/\/matching.ivitrack.com https:\/\/visitor.omnitagjs.com https:\/\/*.adform.net https:\/\/ups.analytics.yahoo.com https:\/\/eb2.3lift.com https:\/\/criteo-sync.teads.tv https:\/\/sync-t1.taboola.com https:\/\/rtb-csync.smartadserver.com https:\/\/pixel.rubiconproject.com https:\/\/simage2.pubmatic.com https:\/\/exchange.mediavine.com https:\/\/contextual.media.net https:\/\/ad.360yield.com https:\/\/ib.adnxs.com https:\/\/dis.criteo.com https:\/\/cm.g.doubleclick.net https:\/\/x.bidswitch.net https:\/\/r.casalemedia.com https:\/\/sync.outbrain.com https:\/\/match.sharethrough.com https:\/\/id5-sync.com https:\/\/criteo-partners.tremorhub.com https:\/\/sync-criteo.ads.yieldmo.com *.hsforms.com *.hubspot.com https:\/\/track.hubspot.com https:\/\/perf-eu1.hsforms.com https:\/\/cta-eu1.hubspot.com https:\/\/js-eu1.hubspot.com https:\/\/static.hubspot.com *.hsappstatic.net https:\/\/optimize.google.com *.googleapis.com *.etrusted.com https:\/\/analytics.tiktok.com https:\/\/cdn.qapla.it https:\/\/s.pinimg.com *.zdassets.com *.zopim.com https:\/\/imgsct.cookiebot.com https:\/\/c.clarity.ms *.postrelease.com app.passionebeauty.test fireworkapi1.com asset.fwcdn3.com fireworkadservices1.com asset.fwbiz1.com asset.fwpub1.com asset.fwadcdn1.com cdn1.fireworkn.com fireworkanalytics.com *.agora.io *.sd-rtn.com business.firework.com api.firework.com ig-importer.firework-prod.com cdn.fw-assets1.com *.execute-api.us-west-2.amazonaws.com *.omtrdc.net *.demdex.net 'self' blob: *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com commerce.adobe.io geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.firework.com *.fw-assets1.com *.fwcdn1.com *.fwcdn2.com *.fwcdn3.com asset.fwcdn1.com *.asset.fwcdn1.com asset.fwcdn3.com *.asset.fwcdn3.com asset.fwcdn2.com *.asset.fwcdn2.com https:\/\/cdnjs.cloudflare.com integration.api.scalapay.com api.scalapay.com *.paypal.com *.cloudfront.net *.fontawesome.com *.google-analytics.com googletagmanager.com *.gstatic.com js-agent.newrelic.com *.webformatlabs.com *.pu.subcom.it *.passionebeauty.com consent.cookiebot.com consentcdn.cookiebot.com bam.eu01.nr-data.net https:\/\/www.googleoptimize.com https:\/\/optimize.google.com *.criteo.net\/ *.criteo.com\/ *.hotjar.com s7.addthis.com *.hipay-tpp.com *.hipay.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com www.recaptcha.net *.facebook.com *.doubleclick.net https:\/\/*.adform.net *.hs-scripts.com *.hs-banner.com *.hs-analytics.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hubspot.com *.hubspotfeedback.com https:\/\/www.googleanalytics.com https:\/\/cdn.logico3c.com *.webgains.io *.solocpm.com *.tangooserver.com https:\/\/api.qapla.it *.googleapis.com *.onyourmap.com *.mapbox.com https:\/\/analytics.tiktok.com *.euh.stape.io *.euh.stape.net https:\/\/ajax.googleapis.com https:\/\/s.pinimg.com *.zdassets.com *.zopim.com *.clarity.ms https:\/\/js-eu1.usemessages.com https:\/\/pagead2.googlesyndication.com https:\/\/app-eu1.hubspot.com https:\/\/rum.hlx.page *.goaffpro.com *.hsadspixel.net *.typeform.com *.impactcdn.com cdn.jsdelivr.net\/npm\/photoswipe\/ player.vimeo.com *.omtrdc.net *.demdex.net cm.everesttech.net bat.bing.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com integration.api.scalapay.com api.scalapay.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com *.hipay-tpp.com *.hipay.com *.paypal.com *.cloudfront.net *.gstatic.com js-agent.newrelic.com *.webformatlabs.com *.pu.subcom.it *.passionebeauty.com *.facebook.com https:\/\/optimize.google.com *.etrusted.com https:\/\/api.qapla.it *.zdassets.com *.zopim.com https:\/\/webgains.io *.typeform.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.stripe.network *.stripecdn.com *.amazon.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.firework.com *.fw-assets1.com *.fwcdn1.com *.fwcdn2.com *.fwcdn3.com *.live-video.net *.playback.live-video.net cdn4.fireworktv.com *.cdn4.fireworktv.com 'self' data: blob: * *.passionebeauty.com 'self' 'unsafe-inline'; manifest-src *.cloudfront.net 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.firework.com *.live-video.net *.playback.live-video.net *.agora.io *.sd-rtn.com *.execute-api.us-west-2.amazonaws.com *.pixelsdata.com wss: p2.fwpixel.com *.p2.fwpixel.com fireworkapi1.com *.fireworkapi1.com fireworkadservices1.com *.fireworkadservices1.com fireworkanalytics.com *.fireworkanalytics.com consentcdn.cookiebot.com api-staging.oney.io api.oney.io integration.api.scalapay.com api.scalapay.com *.hipay-tpp.com *.hipay.com *.cloudfront.net consent.cookiebot.com *.doubleclick.net *.pu.subcom.it *.webformatlabs.com *.passionebeauty.com bam.eu01.nr-data.net pagead2.googlesyndication.com *.facebook.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com www.recaptcha.net *.hotjar.com commerce.adobe.io *.criteo.net\/ *.criteo.com\/ *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https:\/\/*.adform.net *.webgains.io *.googleapis.com *.onyourmap.com *.mapbox.com api.qapla.it https:\/\/analytics.tiktok.com *.euh.stape.io *.euh.stape.net https:\/\/s.pinimg.com *.zendesk.com https:\/\/passionebeauty-it.zendesk.com *.zdassets.com *.zopim.com *.clarity.ms https:\/\/rum.hlx.page *.hubapi.com *.pinterest.com *.typeform.com passionebeauty.sjv.io *.fireworktv.com wss:\/\/fireworkapi1.com asset.fwcdn3.com asset.fwcdn1.com asset.fwcdn2.com asset.fwbiz1.com asset.fwpub1.com asset.fwadcdn1.com cdn1.fireworkn.com business.firework.com api.firework.com ig-importer.firework-prod.com cdn.fw-assets1.com *.2o7.net *.omtrdc.net *.demdex.net assets.adobedtm.com cm.everesttech.net cdn.scalapay.com bat.bing.com *.google-analytics.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https:\/\/hsselite.zendesk.com; connect-src 'self' https: wss: https:\/\/*.zendesk.com https:\/\/*.zdassets.com https:\/\/*.onesignal.com https:\/\/api.onesignal.com; img-src 'self' https: data:; font-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https:\/\/static.zdassets.com https:\/\/*.onesignal.com https:\/\/*.zendesk.com https:\/\/ajax.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/cmp.osano.com https:\/\/static.ada.support https:\/\/cdn.onesignal.com https:\/\/www.googletagmanager.com https:\/\/js.go2sdk.com 'unsafe-inline'; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.vrr.de; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.cookiebot.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/*.google.com https:\/\/*.youtube.com https:\/\/*.facebook.net https:\/\/*.snapchat.com https:\/\/w.soundcloud.com https:\/\/*.flockler.com https:\/\/*.sc-static.net https:\/\/*.gstatic.com https:\/\/*.labs.sabio.de https:\/\/*.patty-awseuc1.swops.cloud https:\/\/mobilnrw.wvg-online.de https:\/\/*.clarity.ms https:\/\/cdn.jsdelivr.net 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.vrr.de https:\/\/invest-staging.vrr.de https:\/\/sbrr-staging.vrr.de https:\/\/nvp-staging.vrr.de https:\/\/*.vrr.test.webit.de http:\/\/imgsct.cookiebot.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.cdninstagram.com https:\/\/*.facebook.com https:\/\/connect.facebook.net https:\/\/*.xx.fbcdn.net https:\/\/media.licdn.com https:\/\/*.flockler.com https:\/\/i.ytimg.com https:\/\/img.youtube.com https:\/\/social-proxy.flocklr.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/osmap.vrr.de https:\/\/translate.google.com; base-uri 'none'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com blob: https:\/\/consentcdn.cookiebot.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.youtube.com\/ https:\/\/*.google.com\/ https:\/\/*.facebook.com https:\/\/*.snapchat.com https:\/\/w.soundcloud.com\/ https:\/\/*.patty-awseuc1.swops.cloud https:\/\/www.vrr.de https:\/\/umap.openstreetmap.de https:\/\/kontakt.vrr.de https:\/\/gateway.zscloud.net; object-src blob:; script-src-elem 'self' 'unsafe-inline' https:\/\/*.vrr.de https:\/\/*.cookiebot.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/mobilnrw.wvg-online.de https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.youtube.com https:\/\/*.facebook.net https:\/\/*.snapchat.com https:\/\/w.soundcloud.com https:\/\/*.flockler.com https:\/\/*.sc-static.net https:\/\/sc-static.net https:\/\/*.gstatic.com https:\/\/*.labs.sabio.de https:\/\/*.patty-awseuc1.swops.cloud https:\/\/*.clarity.ms https:\/\/cdn.jsdelivr.net 'report-sample'; style-src 'self' https:\/\/*.vrr.de 'unsafe-inline' 'report-sample'; style-src-elem 'self' 'unsafe-inline' https:\/\/*.vrr.de https:\/\/*.cookiebot.com https:\/\/cdn.jsdelivr.net https:\/\/www.gstatic.com 'report-sample'; font-src 'self' https:\/\/*.vrr.de data: https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/*.vrr.de https:\/\/consentcdn.cookiebot.com https:\/\/consent.cookiebot.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.google.com https:\/\/*.clarity.ms https:\/\/*.facebook.net https:\/\/*.facebook.com https:\/\/*.snapchat.com https:\/\/*.flockler.app https:\/\/*.patty-awseuc1.swops.cloud https:\/\/eezy.nrw https:\/\/chatbotbackend.wvg-online.de https:\/\/translate.googleapis.com; media-src 'self' https:\/\/*.vrr.de https:\/\/media-api.flockler.com https:\/\/dms.licdn.com; script-src-attr 'unsafe-inline' 'report-sample'; report-uri https:\/\/www.vrr.de\/@http-reporting?csp=report&requestTime=1778726836849848&requestHash=3ce4a821cd71c9c9842e0ff497b14799a78a5354","count":1},{"content-security-policy-report-only":" frame-ancestors https:\/\/*.facebook.com https:\/\/*.youtube.com https:\/\/*.cleverwebserver.com https:\/\/*.graphic.com.gh https:\/\/*.x.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-nspEyS1ILlxXxAum1uX9dw=='; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https:\/\/kit.fontawesome.com https:\/\/ka-p.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdn.trustindex.io https:\/\/embed.typeform.com dev-hellowork.com *.dev-hellowork.com; img-src 'self' data: blob: https:\/\/www.google.bj https:\/\/www.google.cm https:\/\/fonts.gstatic.com https:\/\/www.google.tg https:\/\/www.googleadservices.com https:\/\/www.netreviews.eu c.clarity.ms lh3.googleusercontent.com phosphor.utils.elfsightcdn.com i.ytimg.com googleusercontent.com https:\/\/cdn.trustindex.io f.maformation.fr hellowork.com *.hellowork.com dev-hellowork.com *.dev-hellowork.com googletagmanager.com *.googletagmanager.com google.com *.google.com *.google.fr *.google.cm *.google.ie *.google.be *.google.co.uk *.google.co.id *.google.de *.google.it *.google.es *.google.nl *.google.ch googlesyndication.com *.googlesyndication.com cl.avis-verifies.com *.dmcdn.net linkedin.com *.linkedin.com *.bing.com *.facebook.com *.facebook.net *.smartadserver.com *.bidswitch.net *.doubleclick.net *.casalemedia.com *.criteo.com *.criteo.net id5-sync.com *.id5-sync.com *.360yield.com *.media.net *.mediavine.com *.postrelease.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.teads.tv *.tremorhub.com *.3lift.com *.yieldlab.net *.1rx.io *.demdex.net *.unrulymedia.com *.agkn.com *.taboola.com *.dmxleo.com joko-mobile-app-media.s3.eu-west-1.amazonaws.com *.tiktok.com analytics.tiktok.com https:\/\/googleads.g.doubleclick.net; font-src 'self' data: https:\/\/ka-p.fontawesome.com https:\/\/cdn.trustindex.io https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/ka-p.fontawesome.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/safesearchinc.com sslwidget.criteo.com *.clarity.ms hellowork.com *.hellowork.com dev-hellowork.com *.dev-hellowork.com hellowork-group.com *.hellowork-group.com https:\/\/infra-hellowork.com https:\/\/*.infra-hellowork.com infra-hellowork.com *.infra-hellowork.com regionsjob.com *.regionsjob.com https:\/\/www.google.com https:\/\/*.google.com https:\/\/*.google.com:443 google.com *.google.fr *.google.de *.google.it *.google.es *.google.nl *.google.be *.google.ch https:\/\/www.googleadservices.com https:\/\/*.googleadservices.com https:\/\/*.doubleclick.net googletagmanager.com *.googletagmanager.com googlesyndication.com *.googlesyndication.com googleadservices.com *.googleadservices.com abtasty.com *.abtasty.com aticdn.net *.aticdn.net bing.com *.bing.com linkedin.com *.linkedin.com facebook.com *.facebook.com *.tiktok.com analytics-ipv6.tiktokw.us *.skeepers.io *.doubleclick.net trustindex.io *.trustindex.io *.elfsight.com api.typeform.eu *.typeform.com https:\/\/googleads.g.doubleclick.net; frame-src https:\/\/form.typeform.* *.typeform.com *.typeform.eu cl.avis-verifies.com widget.trustpilot.com youtube-nocookie.com *.youtube-nocookie.com dailymotion.com *.dailymotion.com player.vimeo.com *.player.vimeo.com googletagmanager.com *.googletagmanager.com google.com *.google.com criteo.com *.criteo.com *.criteo.net *.doubleclick.net facebook.com *.facebook.com abtasty.com *.abtasty.com *.zscloud.net https:\/\/googleads.g.doubleclick.net; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/www.facebook.com; frame-ancestors 'none'; report-to csp-endpoint; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' https: *.channel.io *.channel.app *.cdninstagram.com; font-src 'self' https: data:; img-src 'self' https: data: blob: https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com *.channel.io *.cdninstagram.com *.with.is; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.stripe.com https:\/\/connect.facebook.net https:\/\/platform.twitter.com https:\/\/cdn.jsdelivr.net https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com *.channel.io *.sentry-cdn.com https:\/\/static.ads-twitter.com https:\/\/js-agent.newrelic.com *.with.is; style-src 'self' https: 'unsafe-inline'; connect-src 'self' https:\/\/api.stripe.com https:\/\/analytics.twitter.com https:\/\/www.facebook.com https:\/\/support.with.is *.channel.io *.channel.app *.sentry.io wss:\/\/*.channel.io wss:\/\/*.desk-ws.channel.io wss:\/\/*.front-ws.channel.io https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.co.jp https:\/\/*.google.com wss:\/\/ntjp.mieru-ca.com https:\/\/bam.nr-data.net *.with.is; frame-src 'self' https:\/\/js.stripe.com https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/cdn.d2-apps.net https:\/\/10252404.fls.doubleclick.net https:\/\/www.google.com https:\/\/with-1923.firebaseapp.com; report-uri \/csp-violation-report","count":1},{"content-security-policy-report-only":" script-src 'nonce-7ZuIYI3QpgXBAmB4JVAAHA==' 'self' 'unsafe-eval' cdn.orsted.com *.googletagmanager.com *.app.cookieinformation.com cdn.appdynamics.com *.googletagmanager.com *.gstatic.com *.googleoptimize.com www.googleadservices.com *.googleapis.com *.bing.com *.doubleclick.net *.t.co *.pardot.com *.youtube.com *.linkedin.com *.twitter.com *.globenewswire.com *.23video.com delivery.twentythree.com orsted.containers.piwik.pro orsted.piwik.pro *.crazyegg.com unpkg.com cs.lf-discover.com *.puzzel.com *.arcgis.com code.jquery.com *.lfeeder.com orsted-global-graduate-programme.simplecast.com omny.fm cdnjs.cloudflare.com *.bootstrapcdn.com *.defgo.com *.defgo.net *.vimeo.com presscloud.com *.ritzau.dk *.simplecast.com *.elnet.danskenergi.dk *.sli.do *.audioboom.com *.licdn.com *.adsrvr.org *.soundcloud.com *.google.com *.google.com.my *.google.nl *.google.dk *.facebook.net;       style-src 'nonce-7ZuIYI3QpgXBAmB4JVAAHA==' 'self' cdn.orsted.com fonts.googleapis.com;       style-src-attr 'unsafe-inline' cdn.orsted.com;       img-src 'self' data: cdn.orsted.com *.azureedge.net *.youtube.com *.23video.com delivery.twentythree.com www.googletagmanager.com *.lfeeder.com *.linkedin.com *.doubleclick.net *.pardot.com;       media-src 'self' blob: cdn.orsted.com *.youtube.com *.23video.com delivery.twentythree.com;       font-src 'self' data: fonts.gstatic.com cdn.orsted.com;       frame-src *.app.cookieinformation.com *.youtube.com *.23video.com delivery.twentythree.com *.google.com *.google.nl *.googletagmanager.com *.doubleclick.net *.pardot.com;       connect-src *.app.cookieinformation.com *.euroland.com *.eum-appdynamics.com *.googletagmanager.com *.google.com *.doubleclick.net *.googleadservices.com *.crazyegg.com *.linkedin.com orsted.piwik.pro *.pardot.com *.signalfx.com;       worker-src 'self';","count":1},{"content-security-policy-report-only":" font-src *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.staging-pbffinancecalculator.info *.pbffinancecalculator.info *.paybyfinance.co.uk *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com *.staging-pbffinancecalculator.info *.pbffinancecalculator.info *.paybyfinance.co.uk 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.googletagmanager.com\/ *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.staging-pbffinancecalculator.info *.pbffinancecalculator.info *.paybyfinance.co.uk c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.bing.com *.google-analytics.com *.googleadservices.com *.google.co.uk *.googletagmanager.com *.expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.feefo.com *.adobedtm.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.ometria.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/firebasestorage.googleapis.com *.pbffinancecalculator.info cdn.shopify.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.bing.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.noibu.com https:\/\/www.noibu.com https:\/\/cdn.noibu.com *.facebook.net https:\/\/cdn.jsdelivr.net http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.dixa.io x.klarnacdn.net *.klarnaservices.com *.avada.io *.shopify.com *.staging-pbffinancecalculator.info *.pbffinancecalculator.info *.paybyfinance.co.uk https:\/\/api.ometria.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.ometria.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com fonts.googleapis.com *.stripe.network *.stripecdn.com *.amazon.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bing.com *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com maps.googleapis.com expressentry.melissadata.net *.paypalobjects.com *.ometria.services *.advancedcommerce.services *.algolia.net https:\/\/cdn.noibu.com wss:\/\/input.noibu.com https:\/\/input.noibu.com *.noibu.com *.facebook.net https:\/\/cdn.jsdelivr.net http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.dixa.io x.klarnacdn.net *.klarnaservices.com https:\/\/get.geojs.io *.avada.io *.staging-pbffinancecalculator.info *.pbffinancecalculator.info wss:\/\/*.staging-pbffinancecalculator.info wss:\/\/*.pbffinancecalculator.info *.paybyfinance.co.uk https:\/\/api.ometria.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.ometria.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src ws: wss: http: https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/app.cyberimpact.com\/csp-violation-report\/","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.modo.com.ar fonts.googleapis.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.gocuotas.com 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.mercadopago.com.ar mercadopago.com.ar *.getblue.io *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/mobbex.com *.gocuotas.com www.facebook.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.google.com.ar *.google.es *.google.com.uy *.mercadopago.com.ar *.modo.com.ar *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com flagpedia.net blob: *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.woowup.com *.hotjar.com *.pageimprove.io pageimprove.io *.getblue.io *.adidas.com *.modo.com.ar *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com *.gstatic.com maps.googleapis.com cdn.ampproject.org www.gstatic.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms unpkg.com *.doubleclick.net https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com maxcdn.bootstrapcdn.com *.gstatic.com www.gstatic.com *.tagmanager.google.com *.googletagmanager.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.pangle-ads.com *.modo.com.ar *.google.com.ar *.google.com *.magerocket.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.mobbex.com *.gocuotas.com www.gstatic.com maps.googleapis.com cdn.ampproject.org www.googleapis.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.clarity.ms *.doubleclick.net *.run.app https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net *.brandinsight.tech *.bing.com *.taboola.com *.fullstory.com *.geocomply.com *.kameleoon.eu *.ads-twitter.com *.google-analytics.com *.kaizengaming.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co *.app.delivery *.betano.co *.betgenius.com *.cloudflare.com *.cloudflareinsights.com *.cookielaw.org *.creativecdn.com *.facebook.net *.gmlinteractive.com *.googletagmanager.com *.kameleoon.io *.lgrckt-in.com *.optimove.net *.sportradar.com *.tostarsbuilding.com; worker-src 'self' blob:; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=WW00EZdlD7_3RKDMUfZUnoTiPnDGMYzmWFn..ByJymE-1778727806.4481397-1.0.1.1-nX0gYiwywiGAHsU5QJGkuc3n9c24HDTZtoxvEwkYrONPwB6bvbUxIQGN8ECObRfbOEthl5vI1cRnHS7dKTwNRYrKi1BA9ONAJclBL8XN8Uof_iFiR0ZAjysKG1MLpyKJm_UA4FN3FpT91pTTD.Xa2UuwNf6zrZFChopCJyW1yxM2HGzWpiNLr_9ePj2jA8Y4; report-to cf-iucojlflrcqzucxr","count":1},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src 'self' https:; connect-src 'self' https:;","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'none'; script-src 'nonce-RqkMchGNoIAJLu0rB54pdQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' 'self' https:\/\/assets.puzzlefactory.com https: http:; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' https: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; frame-src 'self' https: blob:; connect-src 'self' https: wss: blob: http:\/\/localhost:6969; media-src 'self' https: data: blob:; worker-src 'self' blob:; manifest-src 'self' https:; form-action 'self'; frame-ancestors 'self'; report-uri \/csp-report; report-to csp;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/cdn.checkout.com *.bglobale.com *.global-e.com https:\/\/fonts.gstatic.com *.klarnacdn.net *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com https:\/\/js.checkout.com *.klarna.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com sandbox.secure.checkout.visa.com secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com *.bglobale.com *.global-e.com https:\/\/www.googletagmanager.com\/ js.mollie.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.youtube.com\/ *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.afd.co.uk https:\/\/images.unsplash.com *.brsrvr.com *.bloomreach.cloud sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com *.bglobale.com *.global-e.com *.klarna.com *.klarnaevt.com *.klarnacdn.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: *.paypal.com *.cloudflare.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com www.google.com *.afd.co.uk *.jsdelivr.net https:\/\/maps.googleapis.com cdn.brcdn.com https:\/\/*.checkout.com *.klarnacdn.net *.online-metrix.net testflex.cybersource.com flex.cybersource.com x.klarnacdn.net sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.bglobale.com *.global-e.com *.klarna.com *.klarnaservices.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.trackedlink.net cdn.jsdelivr.net *.exponea.com *.cookiepro.com *.mention-me.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/cdn.checkout.com *.bglobale.com *.global-e.com https:\/\/fonts.googleapis.com *.klarnacdn.net *.fontawesome.com unsafe-inline assets.braintreegateway.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.afd.co.uk https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.dxpapi.com https:\/\/js.checkout.com *.klarnaevt.com thm.visa.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.klarnauserservices.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.cloudflare.com *.twitter.com *.twimg.com *.googleadservices.com *.google-analytics.com *.sandbox.paypal.com *.paypalobjects.com *.trackedlink.net *.ampproject.org experiments-api.fabric-analytics.com *.exponea.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' https:\/\/www.googletagmanager.com; connect-src 'self' https:","count":1},{"content-security-policy-report-only":" default-src none blob: data: gap:; script-src 'self' 'nonce-7FGR99SnoVxFbUtHJ3tdkBoAuo6H6H10JB42VtJUbmOYX5dQicFHWQ' 'strict-dynamic' https:\/\/www.utrecht.nl https:\/\/www.utrecht.nl.internal https:\/\/accept.utrecht.typocloud.nl data: https:\/\/virtuele-gemeente-assistent.nl https:\/\/siteimproveanalytics.com https:\/\/cdn-eu.readspeaker.com formulieren.digitaal.utrecht.nl stats.utrecht.nl 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/translate.google.com https:\/\/stats.utrecht.nl https:\/\/www.toegankelijkheidsverklaring.nl https:\/\/nieuwsbrieven.utrecht.nl https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com *.googleusercontent.com https:\/\/web.archive.org *.6006206.global.siteimproveanalytics.io https:\/\/6006206.global.siteimproveanalytics.io\/image.aspx https:\/\/www.utrecht.nl https:\/\/www.utrecht.nl.internal https:\/\/accept.utrecht.typocloud.nl https:\/\/*.siteimproveanalytics.io https:\/\/virtuele-gemeente-assistent.nl https:\/\/*.siteimproveanalytics.com; base-uri none; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/kaarten.utrecht.onatlas.nl https:\/\/subsidie-checker.nl https:\/\/sdk.companywebcast.com https:\/\/infogram.com https:\/\/nieuwsbrieven.utrecht.nl *.google.com *.gu-geo.maps.arcgis.com https:\/\/infogram-download-eu.s3.eu-west-1.amazonaws.com https:\/\/app-eu.readspeaker.com https:\/\/sketchfab.com https:\/\/utrecht-kaarten-review-acc-skda4g.delta10-review.nl https:\/\/e.infogram.com https:\/\/vttts-eu.readspeaker.com https:\/\/www.utrecht.nl https:\/\/www.utrecht.nl.internal https:\/\/accept.utrecht.typocloud.nl https:\/\/www.youtube-nocookie.com; style-src-elem 'self' 'nonce-7FGR99SnoVxFbUtHJ3tdkBoAuo6H6H10JB42VtJUbmOYX5dQicFHWQ' https:\/\/formulieren.digitaal.utrecht.nl https:\/\/cdn-eu.readspeaker.com https:\/\/virtuele-gemeente-assistent.nl https:\/\/mijn.virtuele-gemeente-assistent.nl https:\/\/www.gstatic.com https:\/\/formulieren.digitaal.utrecht.nl\/static\/sdk\/open-forms-sdk.css https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com *.formulieren.digitaal.utrecht.nl *.mijn.virtuele-gemeente-assistent.nl *.virtuele-gemeente-assistent.nl https:\/\/virtuele-gemeente-assistent.nl\/static\/css\/widget-v25.3.1-base.css https:\/\/virtuele-gemeente-assistent.nl\/static\/css\/widget-v25.3.1-custom.css https:\/\/mijn.virtuele-gemeente-assistent.nl\/utrecht\/_styling https:\/\/cdn.honey.io\/css\/empty.css *.www.gstatic.com https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/standard_controls_inline.css https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/ng-survey.component.css https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/bootstrapslider.css https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/surveyjs-readded-csp-styles.css https:\/\/v.kcmg.nl https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/surveyjs-defaultv2css@1.12.23\/defaultV2.fontless.min.css *.v.kcmg.nl https:\/\/v.kcmg.nl\/surveyembedding\/assets\/css\/survey.component.css https:\/\/openstad-cdn.nl 'sha256-JQEHXnSrj4DJZ2DOwDDXtfkDs5+y7\/1gFxshQP2KBoA=' https:\/\/*.utrecht.nl https:\/\/viewer.kcmg.nl 'report-sample'; connect-src 'self' https:\/\/public.pandosearch.com https:\/\/www.utrecht.nl wss:\/\/virtuele-gemeente-assistent.nl https:\/\/formulieren.digitaal.utrecht.nl *.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com blob: data: https:\/\/translate.googleapis.com https:\/\/mijn.virtuele-gemeente-assistent.nl https:\/\/api.kcmg.nl https:\/\/viewerapi.kcmg.nl\/StartSurvey https:\/\/viewerapi.kcmg.nl *.viewerapi.kcmg.nl https:\/\/api.utrecht.openstad.dev *.obi4wan.com *.readspeaker.com *.pandosearch.com https:\/\/stats.utrecht.nl https:\/\/chatapi.obi4wan.com\/api https:\/\/cloudstatic.obi4wan.com\/api https:\/\/virtuele-gemeente-assistent.nl wss:\/\/virtuele-gemeente-assistent.nl\/socket.io\/ wss:\/\/ws-eu.pusher.com\/app https:\/\/cdn-eu.readspeaker.com; font-src 'self' https:\/\/formulieren.digitaal.utrecht.nl https:\/\/www.utrecht.nl https:\/\/fonts.gstatic.com https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-brands-400.ttf https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-regular-400.woff https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-solid-900.woff https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-regular-400.ttf https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-regular-400.svg https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-brands-400.eot https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/Radnika-Medium.otf https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-solid-900.svg https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-solid-900.woff2 https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-regular-400.woff2 https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-solid-900.eot https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-solid-900.ttf https:\/\/v.kcmg.nl\/surveyembedding\/assets\/webfonts\/fa-brands-400.woff2 https:\/\/v.kcmg.nl *.v.kcmg.nl https:\/\/openstad-cdn.nl https:\/\/cdn.faceworks.nl data: https:\/\/cdn-eu.readspeaker.com; script-src-elem 'self' 'nonce-7FGR99SnoVxFbUtHJ3tdkBoAuo6H6H10JB42VtJUbmOYX5dQicFHWQ' https:\/\/stats.utrecht.nl https:\/\/formulieren.digitaal.utrecht.nl https:\/\/virtuele-gemeente-assistent.nl https:\/\/siteimproveanalytics.com https:\/\/e.infogram.com https:\/\/infogram.com 'strict-dynamic' https: 'unsafe-eval' blob: https:\/\/www.utrecht.nl https:\/\/formulieren.digitaal.utrecht.nl\/static\/sdk\/open-forms-sdk.js *.virtuele-gemeente-assistent.nl https:\/\/www.utrecht.nl\/templates\/js\/wijkvoorkeuren-wijzigen.js https:\/\/www.utrecht.nl\/templates\/js\/eventtracking.js *.www.utrecht.nl https:\/\/www.utrecht.nl\/fileadmin\/open-forms.js https:\/\/virtuele-gemeente-assistent.nl\/static\/js\/widget.js *.formulieren.digitaal.utrecht.nl https:\/\/www.utrecht.nl.internal https:\/\/accept.utrecht.typocloud.nl data: https:\/\/cdn-eu.readspeaker.com formulieren.digitaal.utrecht.nl stats.utrecht.nl https:\/\/viewer.kcmg.nl 'report-sample'; worker-src 'self' 'nonce-7FGR99SnoVxFbUtHJ3tdkBoAuo6H6H10JB42VtJUbmOYX5dQicFHWQ' blob:; style-src none blob: data: gap: 'self' *.obi4wan.com *.readspeaker.com https:\/\/www.utrecht.nl https:\/\/www.utrecht.nl.internal https:\/\/accept.utrecht.typocloud.nl https:\/\/redactie-acceptatie.utrecht.nl https:\/\/virtuele-gemeente-assistent.nl https:\/\/mijn.virtuele-gemeente-assistent.nl https:\/\/cdn-eu.readspeaker.com formulieren.digitaal.utrecht.nl 'report-sample'; form-action 'self' https:\/\/action.spike.email https:\/\/app-eu.readspeaker.com; media-src none blob: data: gap: https:\/\/app-eu.readspeaker.com https:\/\/cdn-eu.readspeaker.com https:\/\/vttts-eu.readspeaker.com; object-src none; report-uri https:\/\/www.utrecht.nl\/@http-reporting?csp=report&requestTime=1778722355704531&requestHash=1019a85c25c9846036f1441bd14cb870c51adb69","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community; script-src 'self' 'nonce-6MxE7XRhngXgvbfNj8-4bnBtlZAYHuktOPtA8-eoGpuf-SGE7OuopA' https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/*.usercentrics.eu https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/*.googleusercontent.com https:\/\/www.google.com https:\/\/www.google.de https:\/\/my.typo3.org https:\/\/translate.google.com https:\/\/fonts.gstatic.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/*.usercentrics.eu https:\/\/open.spotify.com https:\/\/*.google.com; style-src-elem 'self' 'nonce-6MxE7XRhngXgvbfNj8-4bnBtlZAYHuktOPtA8-eoGpuf-SGE7OuopA' https:\/\/*.usercentrics.eu https:\/\/fonts.googleapis.com 'sha256-47DEQpj8HBSa+\/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-qpPKhzMFkMiirjWjPurV6cjuOjQ9FoLd7uN4fNsVRgo=' 'sha256-TRl8JAZebd3YtH6TZcu8kfonvqVF+OKsaGJ0G7U307g=' 'sha256-gSkVI6xXOH1kRz+tSaq\/SWXkzrcr2osWi5gG30rvWHo=' 'sha256-\/RjbedBQLIFCuvmQMF8SoKFxKnlqZ5KhkPT3IrJDW44=' 'report-sample'; script-src-elem 'self' 'nonce-6MxE7XRhngXgvbfNj8-4bnBtlZAYHuktOPtA8-eoGpuf-SGE7OuopA' https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/cdn.typo3.com\/ https:\/\/*.usercentrics.eu https:\/\/*.googletagmanager.com https:\/\/app.mailjet.com https:\/\/open.spotify.com\/embed https:\/\/*.embed-cdn.spotifycdn.com https:\/\/maps.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com blob: 'sha256-X1DZ06RTPik7itxvM8C+isx9eTyVr\/S32SPzKSvPwC8=' 'sha256-7nyb6QYODe8q9C2KMh5zaMIAolsyBx8bbjhwwClxvnc=' 'report-sample'; font-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/fonts.gstatic.com data: moz-extension:; connect-src 'self' https:\/\/*.typo3.com https:\/\/*.typo3.org https:\/\/*.typo3.community https:\/\/*.usercentrics.eu https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/maps.googleapis.com https:\/\/*.gstatic.com data: blob:; report-uri https:\/\/typo3.com\/@http-reporting?csp=report&requestTime=1778723690103136&requestHash=1398fc3173f19a02d2009923965bbbe0f4f31b2c","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' ajax.aspnetcdn.com *.plexonline.com *.plexus-online.com *.plex.com web-sdk.aptrinsic.com; style-src 'report-sample' 'self' data: 'unsafe-inline' ajax.aspnetcdn.com *.plexonline.com *.plexus-online.com *.plex.com web-sdk.aptrinsic.com; img-src 'self' data: ajax.aspnetcdn.com *.plexonline.com *.plexus-online.com www.gstatic.com 127.0.0.1:18623 *.plex.com; font-src 'self' *.plex.com data: *.plexus-online.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.plexonline.com at.alicdn.com use.typekit.net; connect-src 'self' web-sdk.aptrinsic.com esp.aptrinsic.com *.plex.com pcn-move.plexdev.io cdnma.cdnservice.space cdnma.global-cache.online cdnmb.global-cache.online 127.0.0.1:18623 js.authorize.net tablet.sigwebtablet.com:47290; media-src 'self' *.plex.com; object-src 'self'; child-src 'self'; frame-src 'self'; worker-src 'self'; frame-ancestors 'self' www.plexonline.com www.plexus-online.com; form-action 'self' *.plexus-online.com *.plexonline.com *.plex.com; base-uri 'self'; manifest-src 'self'; script-src-elem 'self' 'unsafe-inline' web-sdk.aptrinsic.com www.gstatic.com *.plexonline.com *.plex.com js.authorize.net jstest.authorize.net *.google-analytics.com www.pagespeed-mod.com *.plexus-online.com www.gstatic.com; style-src-elem 'unsafe-inline' *.plexonline.com web-sdk.aptrinsic.com www.gstatic.com maxcdn.bootstrapcdn.com *.plex.com *.plexus-online.com; report-uri https:\/\/csp.security.plex.com\/csp\/reporting","count":1},{"content-security-policy-report-only":" default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.ambitojuridico.com www.googletagmanager.com www.google.com code.jquery.com  static.addtoany.com  pautas.legis.com.co prepautas.legis.com.co  js-agent.newrelic.com lablegis.azurewebsites.net js-agent.newrelic.com  use.fontawesome.com www.gstatic.com www.google-analytics.com static.hotjar.com cdn.mouseflow.com snap.licdn.com js.hs-scripts.com connect.facebook.net legislab.legis.com.co www.googleadservices.com crested-timer-310514-default-rtdb.firebaseio.com script.hotjar.com js.hsleadflows.net js.hs-analytics.net js.hscollectedforms.net js.hs-banner.com platform.twitter.com stackpath.bootstrapcdn.com td.doubleclick.net legislab.azurewebsites.net  *.youtube.com legislab.azurewebsites.net lablegis.azurewebsites.net data: www.datos.gov.co cdn.jsdelivr.net www.instagram.com www.facebook.com; object-src 'self'; style-src 'self' 'unsafe-inline'  'unsafe-eval' https:\/\/www.ambitojuridico.com https:\/\/ambitojuridico.com use.fontawesome.com lablegis.azurewebsites.net legislab.legis.com.co www.googletagmanager.com www.google.com code.jquery.com  static.addtoany.com  pautas.legis.com.co prepautas.legis.com.co  js-agent.newrelic.com lablegis.azurewebsites.net js-agent.newrelic.com  use.fontawesome.com www.gstatic.com www.google-analytics.com static.hotjar.com cdn.mouseflow.com snap.licdn.com js.hs-scripts.com connect.facebook.net legislab.legis.com.co www.googleadservices.com crested-timer-310514-default-rtdb.firebaseio.com script.hotjar.com js.hsleadflows.net js.hs-analytics.net js.hscollectedforms.net js.hs-banner.com platform.twitter.com stackpath.bootstrapcdn.com td.doubleclick.net legislab.azurewebsites.net *.youtube.com legislab.azurewebsites.net lablegis.azurewebsites.net data: www.datos.gov.co cdn.jsdelivr.net fonts.googleapis.com; img-src 'self' blob:  https:\/\/www.ambitojuridico.com cdn2.iconfinder.com is1-ssl.mzstatic.com lh3.googleusercontent.com cdn3.iconfinder.com lablegis.azurewebsites.net px.ads.linkedin.com www.facebook.com googleads.g.doubleclick.net www.linkedin.com track.hubspot.com forms.hsforms.com www.google.com.co data: www.google.com www.google-analytics.com pautas.legis.com.co www.ambitojuridico.com www.googletagmanager.com prepautas.legis.com.co legislab.azurewebsites.net lablegis.azurewebsites.net www.datos.gov.co cdn.jsdelivr.net ambitojuridico.com; media-src 'self'; frame-src 'self' https:\/\/www.ambitojuridico.com static.addtoany.com widget.spreaker.com www.googletagmanager.com platform.twitter.com *.youtube.com es.surveymonkey.com https:\/\/www.facebook.com\/ td.doubleclick.net legislab.azurewebsites.net lablegis.azurewebsites.net www.datos.gov.co cdn.jsdelivr.net https:\/\/formulariocontactenos.legis.com.co; frame-ancestors 'self' https:\/\/silvia.legis.co https:\/\/prd-silvia-front.azurewebsites.net https:\/\/prd-silvia-services.azurewebsites.net https:\/\/presilvia.legis.com.co:444 https:\/\/presilvia.legis.com.co https:\/\/prebacksilviacp.legis.com.co https:\/\/pregestionhumana.legis.com.co https:\/\/www.gestionhumana.com presilvia.legis.com.co:444 https:\/\/presilviacp.legis.com.co; child-src 'self'; font-src 'self' https:\/\/www.ambitojuridico.com use.fontawesome.com lablegis.azurewebsites.net stackpath.bootstrapcdn.com legislab.azurewebsites.net lablegis.azurewebsites.net data: www.datos.gov.co cdn.jsdelivr.net fonts.gstatic.com https:\/\/presilvia.legis.com.co:444 https:\/\/presilvia.legis.com.co https:\/\/prebacksilviacp.legis.com.co ; connect-src 'self' https:\/\/www.ambitojuridico.com lablegis.azurewebsites.net pautas.legis.com.co bam.nr-data.net www.google.com analytics.google.com www.google-analytics.com px.ads.linkedin.com forms.hscollectedforms.net www.google.com forms.hubspot.com prepautas.legis.com.co legislab.legis.com.co www.google.com stats.g.doubleclick.net www.facebook.com legislab.azurewebsites.net lablegis.azurewebsites.net data: www.datos.gov.co cdn.jsdelivr.net vc.hotjar.io wss:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; frame-src 'self' https:; frame-ancestors 'self'; font-src 'self' data: https:; connect-src 'self' https:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/cdn.levelaccess.net https:\/\/cdn.segment.com https:\/\/js-agent.newrelic.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/static.khealth.com https:\/\/static.legitscript.com; style-src 'self'; object-src 'none'; base-uri 'self'; img-src 'self' data: https:\/\/static.legitscript.com; font-src 'self'; connect-src 'self' https:\/\/cdn.levelaccess.net https:\/\/api.segment.io https:\/\/bam.nr-data.net https:\/\/cdn.segment.com; frame-src 'none'; manifest-src 'self'; media-src 'self'; worker-src 'self'; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com https:\/\/*.gopersonal.ai *.yotpo.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com https:\/\/plumrocket.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ https:\/\/*.gopersonal.ai https:\/\/plumrocket.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io *.gstatic.com https:\/\/*.gopersonal.ai *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/assets.emarsys.net https:\/\/cdn.scarabresearch.com https:\/\/*.gopersonal.ai https:\/\/*.gstatic.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com https:\/\/production-tailoy-repo-magento-statics.s3.us-east-2.amazonaws.com https:\/\/*.gopersonal.ai *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com https:\/\/www.google-analytics.com https:\/\/recommender.scarabresearch.com https:\/\/*.gopersonal.ai https:\/\/*.goshops.ai https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval' cdn2.hubspot.net *.hubspot.com *.hubspotusercontent10.net js.hscollectedforms.net js.hsleadflows.net js.hs-scripts.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hs-banner.net *.hsforms.net *.hsforms.com static.hsappstatic.net js.hubspotfeedback.com feedback.hubapi.com js.usemessages.com *.vidyard.com cdnjs.cloudflare.com cdnjs.cloudflare.com 10921146.fls.doubleclick.net plausible.io *.hotjar.com *.hotjar.io *.qualified.com bttrack.com *.googletagmanager.com *.force.com *.thycotic.com *.centrify.com *.bidr.io *.rlcdn.cm t.co *.twitter.com burly.io *.clickagy.com *.doubleclck.net *.zoominfo.com lltrck.com facebook.com *.facebook.net *.redditstatic.com *.linkedin.com *.licdn.com *.demandbase.com *.zoominfo.com 'strict-dynamic' 'nonce-p4T3pA+da\/5MpynAkuoaBQ=='","count":1},{"content-security-policy-report-only":" font-src *.oct8ne.com *.salesforce-sites.com *.lightning.force.com fonts.gstatic.com *.azureedge.net *.doofinder.com *.typekit.net *.googleapis.com data: 'self' 'unsafe-inline'; frame-ancestors *.storyblok.com 'self'; style-src *.doofinder.com assets.braintreegateway.com *.salesforce-sites.com *.lightning.force.com *.photoslurp.com *.nosto.com *.klaviyo.com *.typekit.net *.storyblok.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.salesforce-sites.com *.lightning.force.com *.storyblok.com *.zdassets.com *.doofinder.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; form-action https:\/\/www.facebook.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; img-src https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com https:\/\/images.unsplash.com *.doofinder.com *.oct8ne.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.facebook.com *.google.com *.google.es widgets.trustedshops.com *.twitter.com t.co *.azureedge.net *.pinterest.com *.bing.com *.storyblok.com www.googletagmanager.com data: 'self' 'unsafe-inline'; frame-src https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.facebook.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.oct8ne.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.hotjar.com *.pinterest.com *.doofinder.com *.empathybroker.com *.empathy.co *.criteo.com www.googletagmanager.com 'self' 'unsafe-inline'; script-src https:\/\/analytics.tiktok.com\/ https:\/\/ui.swogo.net\/ https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com *.doofinder.com *.oct8ne.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com www.googletagmanager.com *.googleoptimize.com widgets.trustedshops.com static-eu.oct8ne.com static.zdassets.com *.facebook.net *.tradedoubler.com *.doubleclick.net *.hotjar.com *.ads-twitter.com smct.co *.bsmartdata.com *.retargeted.co *.bing.com *.clarity.ms *.smartsuppcdn.com *.smartsuppchat.com *.smartsupp.com *.connectif.cloud *.klaviyo.com *.photoslurp.com *.pinimg.com *.nosto.com *.empathybroker.com *.unpkg.com *.storyblok.com 'self' 'unsafe-inline' 'unsafe-eval'; connect-src https:\/\/analytics.tiktok.com\/ https:\/\/tracking.swogo.net\/ https:\/\/api.swogo.net\/ https:\/\/api.trustedshops.com\/ https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.facebook.com https:\/\/connect.facebook.net www.google-analytics.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.doofinder.com wss:\/\/*.doofinder.com *.oct8ne.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.zendesk.com *.zopim.com *.doubleclick.net *.hotjar.com *.hotjar.io *.clarity.ms *.smartsuppcdn.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.es *.connectif.cloud *.klaviyo.com *.photoslurp.com *.zdassets.com *.pinterest.com *.nosto.com *.empathybroker.com *.empathy.co www.googletagmanager.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src *; script-src data: http: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: 'unsafe-inline' https: *.bootstrapcdn.com; img-src * 'self' data: blob:; font-src *; connect-src https:; media-src *; object-src 'none'; frame-src *; report-uri https:\/\/www.hsag.com\/_csp;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-'; base-uri 'none'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.mxpnl.com www.googletagmanager.com cdn.cookiehub.eu www.google-analytics.com cdnjs.cloudflare.com cdn-4.convertexperiments.com www.convert.com leadbooster-chat.pipedrive.com cdn.pdx-1.pipedriveassets.com public.our-trace.com googleads.g.doubleclick.net snap.licdn.com bat.bing.com tracking-api.g2.com; style-src 'self' 'unsafe-inline' www.convert.com cookiehub.net cdn.cookiehub.eu; img-src 'self' data: blob: www.w3.org public.our-trace.com leadbooster-chat.pipedrive.com px.ads.linkedin.com bat.bing.com www.googletagmanager.com www.google.com www.google.com.au; frame-src 'self' www.googletagmanager.com; child-src 'none'; font-src 'self' data: cdn.pdx-1.pipedriveassets.com; connect-src 'self' cdn-4.convertexperiments.com api.our-trace.com pagead2.googlesyndication.com leadbooster-chat.pipedrive.com www.google.com px.ads.linkedin.com api-js.mixpanel.com www.google-analytics.com consent.cookiehub.net snap.licdn.com bat.bing.com tracking-api.g2.com googleads.g.doubleclick.net; manifest-src 'self'; media-src 'self'; object-src 'none';","count":1},{"content-security-policy-report-only":" default-src 'none'; base-uri 'self'; child-src 'self' blob:; connect-src 'self' bam.nr-data.net links.services.disqus.com cdn.cookielaw.org api.segment.io *.mapbox.com *.mux.com analytics.google.com www.google-analytics.com geolocation.onetrust.com wss: bat.bing.com *.clarity.ms wahoofitness-us.attn.tv wahoofitness.attn.tv events.attentivemobile.com stats.g.doubleclick.net region1.analytics.google.com www.google.com privacyportal.onetrust.com api.rudderstack.com vc.hotjar.io region1.google-analytics.com www.google.cz www.google.au cdn.segment.com fonts.googleapis.com cdn.wahooligan.com www.google.no *.wahooligan.com; font-src 'self' cdn.wahooligan.com fonts.gstatic.com moz-extension data:; form-action 'self' www.wahooligan.com *.wahoofitness.com wahoofitness.zendesk.com api.wahooligan.com www.facebook.com bat.bing.com n.clarity.ms analytics.google.com wahoofitness.centercode.com api.wahooligan.com\/oauth\/authorize api.staging.wahooligan.com\/oauth\/authorize *.wahooligan.com; frame-ancestors 'self' *.zendesk.com *.wahooligan.com *.wahoofitness.com; frame-src 'self' disqus.com metabase.wahooligan.com www.youtube-nocookie.com js.stripe.com www.googletagmanager.com td.doubleclick.net www.facebook.com; img-src * data: blob:; media-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.wahooligan.com www.google-analytics.com api.tiles.mapbox.com code.jquery.com cdn.segment.com cdnjs.cloudflare.com js.stripe.com js-agent.newrelic.com bam.nr-data.net bam.nr-data.com *.zendesk.com static.zdassets.com cdn.cookielaw.org c.disquscdn.com optanon.blob.core.windows.net www.gstatic.com www.googletagmanager.com cdn.rudderlabs.com data: *.wahooligan.com; script-src-elem 'self' 'unsafe-inline' cdn.wahooligan.com code.jquery.online code.jquery.com cdn.cookielaw.org cdn.segment.com bam.nr-data.com bam.nr-data.net www.googletagmanager.com js-agent.newrelic.com optanon.blob.core.windows.net assets.zendesk.com static.zdassets.com www.google-analytics.com api.tiles.mapbox.com cdnjs.cloudflare.com geolocation.onetrust.com www.gstatic.com js.stripe.com cdn.rudderlabs.com cdn.attn.tv *.zendesk.com www.clarity.ms script.hotjar.com static.hotjar.com resources.xg4ken.com googleads.g.doubleclick.net bat.bing.com connect.facebook.net n.clarity.ms analytics.google.com *.wahooligan.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com cdn.cookielaw.org fonts.googleapis.com api.tiles.mapbox.com cdn.wahooligan.com c.disquscdn.com www.gstatic.com; style-src-elem 'self' 'unsafe-inline' cdn.wahooligan.com cdn.cookielaw.org assets.zendesk.com api.tiles.mapbox.com fonts.googleapis.com www.gstatic.com connect.facebook.net cdnjs.cloudflare.com; report-uri https:\/\/www.wahooligan.com\/csp_reports","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri \/api\/sec-csp\/110000764\/report","count":1},{"content-security-policy-report-only":" default-src 'self' *.apsiyon.com; style-src 'self' 'unsafe-inline' analytics.tiktok.com analytics.tiktok.com\/api\/v2\/monitor cdn.apsiyon.com cdnjs.cloudflare.com translate.googleapis.com fonts.googleapis.com *.apsiyon.com wchat.freshchat.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.apsiyon.com www.google.com www.clarity.ms cdn.apsiyon.com analytics.tiktok.com analytics.tiktok.com\/api\/v2\/monitor www.analytics.tiktok.com\/api\/v2\/monitor connect.facebook.net www.googledservices.com www.googleadservices.com code.jquery.com cdn.jsdelivr.net maps.googleapis.com www.googletagmanager.com  www.google-analytics.com googleads.g.doubleclick.net cdn.taboola.com trc.taboola.com  www.gstatic.com wchat.freshchat.com  snap.licdn.com; frame-src 'self' www.googletagmanager.com www.googleadservices.com connect.facebook.net web.facebook.com *.apsiyon.com m.facebook.com  www.google.ro www.youtube.com youtube.com httpsapsiyoncom.webpush.freshchat.com www.google.com bid.g.doubleclick.net wchat.freshchat.com www.facebook.com analytics.tiktok.com analytics.tiktok.com\/api\/v2\/monitor; img-src data: * ; connect-src 'self' 'unsafe-inline' localhost:51192 analytics.tiktok.com analytics.tiktok.com\/api\/v2\/monitor www.google.bg www.google.li www.google.com.bd www.google.ro www.google.com.hk www.google.co.jp www.google.tm www.google.ps www.google.pl www.google.ba www.google.co.za www.google.cz www.google.md www.google.com.ua www.google.com.qa www.google.ba www.google.com.et www.google.jo www.google.hu www.google.ph stats.g.doubleclick.net www.google.at www.google.com.cy www.google.nl www.google.kz www.google.co.in www.google.com.sa www.google.es www.google.kg  www.google.co.id www.google.dk www.google.com.kw www.google.co.kr www.google.cn www.google.co.th www.google.co.uz www.google.co.uk www.google.ae www.google.ch www.google.az www.google.lu www.google.it www.google.com.pk www.google.be www.google.fi www.google.no www.google.sn www.bing.com www.google.se www.google.iq www.google.ie www.google.fr www.googleanalytics.com www.google.de www.google.ru *.taboola.com www.google.co.il  www.facebook.com  www.google.com.tr *.clarity.ms  *.apsiyon.com  analytics.google.com www.google-analytics.com; font-src 'self' data: fonts.googleapis.com use.fontawesome.com themes.googleusercontent.com *.apsiyon.com themes.googleusercontent.com static3.avast.com cdnjs.cloudflare.com fonts.gstatic.com;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-attr 'self'; base-uri 'self'; frame-ancestors 'self' https:","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.es https:\/\/www.myheritage.es  'unsafe-eval' 'nonce-2f4c113823b7344935a41f9c503b4440' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.es https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.fr https:\/\/www.myheritage.fr  'unsafe-eval' 'nonce-b4dcb9a5d57ba99c48d9f38d4a82f99f' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.fr https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.hr https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.hr https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.hr https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.hr https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.hr https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.hr https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.hr https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.hr; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.hr https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.hr https:\/\/app.datadoghq.eu https:\/\/checkout.dm.hr https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.hr https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.hr https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.hr https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.hr https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.hr https:\/\/signin.dm.hr https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.hr; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com https:\/\/static.dhlecommerce.nl https:\/\/fonts.gstatic.com *.fontawesome.com * data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io js.mollie.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com https:\/\/portal.payconiq.com https:\/\/static.buckaroo.nl https:\/\/www.paypalobjects.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.mollie.com * data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io https:\/\/static.dhlecommerce.nl js.mollie.com * 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/static.dhlecommerce.nl https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com *.fontawesome.com * 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com * 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com wss:\/\/websocketservice-externalapi.prod.buckaroo.io https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io https:\/\/applepay.buckaroo.io https:\/\/www.paypal.com https:\/\/api-gw.dhlparcel.nl https:\/\/static.dhlecommerce.nl * 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' https:\/\/*.csidetm.com https:\/\/*.csidefd.com https:\/\/simonwijckmans.com https:\/\/*.simonwijckmans.com; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; img-src 'self' data: https:; font-src 'self' data:; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google.com; report-uri https:\/\/proxy.csidetm.com\/csp; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src https:\/\/*.hotjar.com https:\/\/*.fontawesome.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' 'unsafe-inline'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com sandbox.secure.checkout.visa.com secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com business.facebook.com landofcoder.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com api-static.mercadopago.com *.doubleclick.net http:\/\/*.twitter.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com www.gstatic.com sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com https:\/\/facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/*.paypal.com *.sandbox.paypal.com https:\/\/*.paypalobjects.com https:\/\/assets.adobedtm.com https:\/\/amcglobal.sc.omtrdc.net https:\/\/dpm.demdex.net https:\/\/cm.everesttech.net https:\/\/*.adobe.com https:\/\/widgets.magentocommerce.com https:\/\/t.paypal.com https:\/\/fpdbs.paypal.com https:\/\/fpdbs.sandbox.paypal.com https:\/\/*.ftcdn.net https:\/\/*.behance.net https:\/\/*.vimeocdn.com https:\/\/i.ytimg.com https:\/\/d3sbl0c71oxeok.cloudfront.net https:\/\/dhkkzdfmpzvap.cloudfront.net https:\/\/d2bpzs5y44q6e0.cloudfront.net https:\/\/d37shgu97oizpd.cloudfront.net https:\/\/d1zlqll3enr74n.cloudfront.net https:\/\/d1jynp0fpwn93a.cloudfront.net https:\/\/d2cb3tokgpwh3v.cloudfront.net https:\/\/d1re8bfxx3pw6e.cloudfront.net https:\/\/d35u8xwkxs8vpe.cloudfront.net https:\/\/d13s9xffygp5o.cloudfront.net https:\/\/d388nbw0dwi1jm.cloudfront.net https:\/\/d11p2vtu3dppaw.cloudfront.net https:\/\/d3r89hiip86hka.cloudfront.net https:\/\/dc7snq0c8ipyk.cloudfront.net https:\/\/d5c7kvljggzso.cloudfront.net https:\/\/d2h8yg3ypfzua1.cloudfront.net https:\/\/d1b556x7apj5fb.cloudfront.net https:\/\/draz1ib3z71v2.cloudfront.net https:\/\/dr6hdp4s5yzfc.cloudfront.net https:\/\/d2bomicxw8p7ii.cloudfront.net https:\/\/d3aypcdgvjnnam.cloudfront.net https:\/\/d2a3iuf10348gy.cloudfront.net https:\/\/*.ssl-images-amazon.com https:\/\/*.ssl-images-amazon.co.uk https:\/\/*.ssl-images-amazon.co.jp https:\/\/*.ssl-images-amazon.it https:\/\/*.ssl-images-amazon.fr https:\/\/*.ssl-images-amazon.es https:\/\/*.ssl-images-amazon.de https:\/\/*.media-amazon.com https:\/\/*.media-amazon.co.uk https:\/\/*.media-amazon.co.jp https:\/\/*.media-amazon.it https:\/\/*.media-amazon.fr https:\/\/*.media-amazon.es https:\/\/*.media-amazon.de https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/graph.facebook.com https:\/\/business.facebook.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/secure.checkout.visa.com https:\/\/sandbox-assets.secure.checkout.visa.com https:\/\/assets.secure.checkout.visa.com https:\/\/thm.visa.com https:\/\/cdn.aplazo.mx https:\/\/*.mercadopago.com https:\/\/*.mercadolivre.com https:\/\/*.mercadolibre.com https:\/\/*.mercadolibre.com.br https:\/\/*.mercadopago.com.br https:\/\/*.mlstatic.com https:\/\/*.mercadolivre.com.br https:\/\/*.mercadolibre.com.mx https:\/\/*.mercadolibre.com.ar https:\/\/*.mercadopago.com.mx https:\/\/b.stats.paypal.com https:\/\/dub.stats.paypal.com https:\/\/assets.braintreegateway.com https:\/\/c.paypal.com https:\/\/checkout.paypal.com https:\/\/*.sandbox.paypal.com https:\/\/*.yotpo.com https:\/\/*.steren.com.mx https:\/\/*.ocularsolution.com https:\/\/0.s3.envato.com https:\/\/*.hsforms.com https:\/\/*.hubspot.com\/ https:\/\/bat.bing.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com songbirdstag.cardinalcommerce.com business.facebook.com landofcoder.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.bootstrapcdn.com https:\/\/*.hotjar.com https:\/\/*.fontawesome.com https:\/\/*.ocularsolution.com https:\/\/diffuser-cdn.app-us1.com https:\/\/*.liveperson.net https:\/\/*.omappapi.com http:\/\/js-na1.hs-scripts.com https:\/\/prism.app-us1.com http:\/\/*.twitter.com https:\/\/*.googleapis.com https:\/\/static.cloudflareinsights.com https:\/\/analytics.tiktok.com https:\/\/googleads.g.doubleclick.net https:\/\/calidad.steren.com.mx https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net https:\/\/*.hotjar.com https:\/\/*.fontawesome.com https:\/\/use.fontawesome.com https:\/\/*.omappapi.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com thm.visa.com business.facebook.com landofcoder.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/*.ocularsolution.com https:\/\/*.googleapis.com https:\/\/*.omappapi.com https:\/\/*.hubspot.com https:\/\/*.hscollectedforms.net https:\/\/bat.bing.com https:\/\/analytics.google.com https:\/\/analytics.tiktok.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com *.cookiebot.com fonts.gstatic.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.feedaty.com https:\/\/firebasestorage.googleapis.com *.gumlet.io *.cookiebot.com *.google.it stileo.it *.adnxs.com *.sharethrough.com *.doubleclick.net *.bidswitch.net *.smartadserver.com *.taboola.com *.omnitagjs.com *.casalemedia.com *.criteo.com *.media.net *.mediavine. *.postrelease.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.teads.tv *.tremorhub.com *.ivitrack.com *.3lift.com *.yieldlab.net ad.360yield.com id5-sync.com sync.1rx.io sync-criteo.ads.yieldmo.com *.emxdgt.com *.servenobid.com *.unrulymedia.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net img.riskified.com *.gstatic.com *.facebook.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/unpkg.com *.feedaty.com *.avada.io *.shopify.com https:\/\/widget.feedaty.com https:\/\/insights.algolia.io *.cookiebot.com *.dwin1.com *.criteo.com glamipixel.com *.cookieless-data.com *.cloudfront.net *.datnova.com *.sddan.com fonts.googleapis.com consent.cookiebot.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.google.com www.gstatic.com beacon.riskified.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.feedaty.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/widget.feedaty.com *.cloudflare.com *.cookiebot.com fonts.googleapis.com unsafe-inline assets.braintreegateway.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com insights.algolia.io *.feedaty.com https:\/\/get.geojs.io *.avada.io https:\/\/widget.feedaty.com *.cookiebot.com wss:\/\/ws.salecycle.com *.salecycle.com *.criteo.com *.doubleclick.net *.fontawesome.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com www.google.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net c.riskified.com *.google-analytics.com *.facebook.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/js.stripe.com; connect-src 'self' https:\/\/api.opensanctions.org https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/forms.hsforms.com https:\/\/forms-eu1.hsforms.com https:\/\/api.stripe.com; img-src 'self' data: https:\/\/assets.opensanctions.org https:\/\/opensanctions.directus.app https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/forms-eu1.hsforms.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src https:\/\/js.stripe.com https:\/\/hooks.stripe.com https:\/\/forms-eu1.hsforms.com https:\/\/share-eu1.hsforms.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/forms-eu1.hsforms.com","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.fontawesome.com https:\/\/cdnjs.cloudflare.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com *.awin1.com *.zenaps.com *.fls.doubleclick.net account.wmf.com accountuat.wmf.com ad4m.at ct.pinterest.com fledge.eu.criteo.com groupe-seb.my.salesforce-sites.com gum.criteo.com service.force.com static.criteo.com static.criteo.net td.doubleclick.net www.paypalobjects.com www.sovendus-connect.com backoffice-eu.oct8ne.com static.trbo.com collect.trbo.com track2.trbo.com charger-v2.trbo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.adyen.com *.awin1.com *.zenaps.com *.wepowerconnections.com magefan.com cm.magefan.com https:\/\/images.unsplash.com *.disqus.com https:\/\/img.youtube.com * https:\/\/api.mapbox.com *.hsforms.net *.hsforms.com 'self' data: *.contentsquare.net static.trbo.com collect.trbo.com track2.trbo.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.disqus.com * https:\/\/cdnjs.cloudflare.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com *.contentsquare.net *.contentsquare.com halc.iadvize.com static.trbo.com api-v4.trbo.com charger-v2.trbo.com https:\/\/www.dwin1.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.googleapis.com *.gstatic.com service.force.com static.trbo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.adyen.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com https:\/\/maps.googleapis.com autocomplete2.postdirekt.de t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.contentsquare.net app.contentsquare.com api.paypal.com ariane.abtasty.com bat.bing.com cdn.cookielaw.org content.hotjar.io ct.pinterest.com dcinfos-cache.abtasty.com geolocation.onetrust.com googleads.g.doubleclick.net identification-api.sovendus.com maps.googleapis.com measurement-api.criteo.com pagead2.googlesyndication.com privacyportal-eu.onetrust.com region1.analytics.google.com stats.g.doubleclick.net tag.commander1.com try.abtasty.com ws.hotjar.com www.google.com www.google.de www.pinterest.com halc.iadvize.com data.trbo.com newsletter-api.trbo.com api-v4.trbo.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.rs https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.rs https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.rs https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.rs https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.rs https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.rs https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.rs https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.rs; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.rs https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.rs https:\/\/app.datadoghq.eu https:\/\/checkout.dm.rs https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.rs https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.rs https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.rs https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.rs https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.rs https:\/\/signin.dm.rs https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.rs; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" default-src 'self' blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 'nonce-91ZlvL0I' blob: 'self' https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.googletagmanager.com https:\/\/*.youtube.com;style-src data: blob: 'unsafe-inline' *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com 'unsafe-eval';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss:\/\/*.facebook.com:* wss:\/\/*.metacareers.com:* attachment.fbsbx.com ws:\/\/localhost:* blob: *.cdninstagram.com 'self' *.facebookcareers.com *.metacareers.com gateway.metacareers.com wss:\/\/gateway.metacareers.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com;font-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;img-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com *.fbsbx.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.googletagmanager.com https:\/\/*.ytimg.com *.youtube.com jsv3.recruitics.com;media-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;child-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;frame-src 'self' *.facebook.com *.fbcdn.net *.fbsbx.com https:\/\/*.youtube.com;manifest-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;object-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;worker-src 'self' data: blob: *.facebookcareers.com *.metacareers.com *.fbcdn.net *.facebook.com connect.facebook.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https:\/\/www.facebook.com\/csp\/reporting\/?m=tr_exp&minimize=0;","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.nl https:\/\/www.myheritage.nl  'unsafe-eval' 'nonce-fff0d745532445633233eb7c8970779a' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.nl https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" base-uri https:\/\/*.adnami.io; worker-src blob: data:","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.googleapis.com data: *.bic.com *.shopbic.com *.bazaarvoice.com *.googleusercontent.com *.slant.co *.aws.projects.clever-age.net *.fontawesome.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de api.bazaarvoice.com stg.api.bazaarvoice.com *.facebook.com *.wlp-acs.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com pay.google.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.bic.com *.shopbic.com *.adsrvr.org *.amazon-adsystem.com *.criteo.com *.doubleclick.net *.googletagmanager.com *.pinterest.com *.sitescout.com *.snapchat.com *.tradedoubler.com *.wlp-acs.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com pay.google.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.bic.com *.shopbic.com *.aws.projects.clever-age.net *.adsrvr.org *.bazaarvoice.com *.bing.com *.clarity.ms *.contentsquare.net *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.google.com *.googlesyndication.com *.googletagmanager.com *.googleusercontent.com *.ipredictive.com *.linkedin.com *.outbrain.com *.privacy-center.org *.sitescout.com *.tiktok.com s3.amazonaws.com www.google.ca www.google.es www.google.fr www.google.it www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com *.authorize.net assets.secure.checkout.visa.com sandbox.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com pay.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.bic.com *.shopbic.com *.aws.projects.clever-age.net *.abtasty.com *.adsrvr.org *.amazon-adsystem.com *.bazaarvoice.com *.bing.com *.clarity.ms *.contentsquare.net *.criteo.com *.criteo.net *.doubleclick.net *.facebook.net *.googlesyndication.com *.googletagmanager.com *.licdn.com *.noibu.com *.outbrain.com *.pinimg.com *.pinterest.com *.pixel.ad *.privacy-center.org *.skeepers.io *.snapchat.com *.tiktok.com sc-static.net targetemsecure.blob.core.windows.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ https:\/\/cdnjs.cloudflare.com *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.certcapture.com display.ugc.bazaarvoice.com *.bic.com *.shopbic.com *.aws.projects.clever-age.net *.bazaarvoice.com *.googletagmanager.com *.typekit.net *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.bic.com *.shopbic.com *.bing.com *.gstatic.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.bic.com *.shopbic.com *.aws.projects.clever-age.net *.abtasty.com *.adsrvr.org *.amazon-adsystem.com *.bazaarvoice.com *.bing.com *.clarity.ms *.contentsquare.net *.criteo.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.gstatic.com *.linkedin.com *.noibu.com *.outbrain.com *.paa-reporting-advertising.amazon *.pinterest.com *.privacy-center.org *.samsung.com *.skeepers.io *.slgnt.eu *.snapchat.com *.tiktok.com *.typekit.net www.google.ca www.google.es www.google.fr www.google.it www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com pay.google.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src *.bic.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/b5d2d853-cb54-412f-93ec-9e1c49a8e581.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' dropbox.okta.com *.oktacdn.com; connect-src 'self' dropbox.okta.com dropbox-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com dropbox.kerberos.okta.com dropbox.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-odEaD1O6rCc3mJHky21JoA' 'self' 'report-sample' dropbox.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'nonce-odEaD1O6rCc3mJHky21JoA' 'self' 'report-sample' dropbox.okta.com *.oktacdn.com; frame-src 'self' dropbox.okta.com dropbox-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator: api-37ec43d7.duosecurity.com; img-src 'self' dropbox.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' dropbox.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/app.dropboxer.net","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/securepubads.g.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/cdn.cookielaw.org https:\/\/connect.facebook.net https:\/\/platform.twitter.com https:\/\/www.instagram.com https:\/\/www.tiktok.com https:\/\/open.spotify.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:\/\/cdn.sanity.io https:\/\/*.googleusercontent.com https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com; font-src 'self'; connect-src 'self' https:\/\/*.sanity.io https:\/\/www.google-analytics.com https:\/\/*.algolia.net https:\/\/*.algolianet.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.instagram.com https:\/\/www.tiktok.com https:\/\/open.spotify.com https:\/\/player.vimeo.com https:\/\/players.brightcove.net https:\/\/securepubads.g.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/console.googletagservices.com https:\/\/cm.g.doubleclick.net https:\/\/*.safeframe.googlesyndication.com https:\/\/ep2.adtrafficquality.google https:\/\/www.google.com https:\/\/vercel.live; media-src 'self' https:\/\/cdn.sanity.io; object-src 'none'; base-uri 'self'","count":1},{"content-security-policy-report-only":" style-src-elem preprod-cdn.otter.ro cdn.otter.ro dev.otter247.local stage2.otter.ro stage2.tezyo.ro stage2.gryxx.ro stage2.aldoshoes.ro data: https:\/\/static.klaviyo.com https:\/\/cdn.jsdelivr.net https:\/\/*.adobe.com https:\/\/fonts.googleapis.com https:\/\/*.doubleclick.net https:\/\/*.facebook.com https:\/\/fonts.gstatic.com https:\/\/*.googletagmanager.com https:\/\/*.googlesyndication.com https:\/\/*.fontawesome.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/fonts.bunny.net https:\/\/fonts.static.com https:\/\/*.nosto.com https:\/\/*.nos.to https:\/\/assets.braintreegateaway.com https:\/\/*.cloudfront.net https:\/\/*.reviews.io https:\/\/*.reviews.co.uk https:\/\/preprod-cdn.otter.ro https:\/\/cdn.otter.ro 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.googlesyndication.com https:\/\/use.fontawesome.com https:\/\/assets.braintreegateway.com https:\/\/d2c7ipcroan06u2.cloudfront.net; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudfront.net *.reviews.io *.reviews.co.uk *.googleapis.com https:\/\/fonts.bunny.net fonts.googleapis.com preprod-cdn.otter.ro cdn.otter.ro static.klaviyo.com cdn.jsdelivr.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.reviews.io *.reviews.co.uk *.nosto.com *.nos.to 'self' 'unsafe-inline'; frame-ancestors https:\/\/www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.google.com\/ *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.innoship.ro *.reviews.io *.reviews.co.uk *.nosto.com *.nos.to preprod-cdn.otter.ro cdn.otter.ro static.klaviyo.com cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/consentcdn.cookiebot.eu https:\/\/event.2performant.com https:\/\/ams.creativecdn.com https:\/\/www.gstatic.com\/ 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.tiktok.com *.tile.openstreetmap.org *.openstreetmap.org * https:\/\/www.magezon.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com quickchart.io img.youtube.com *.nosto.com *.nos.to www.google.com.ua preprod-cdn.otter.ro cdn.otter.ro static.klaviyo.com cdn.jsdelivr.net https:\/\/ss.otter.ro data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/www.google.com\/ *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com cdn.jsdelivr.net *.tiktok.com * *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.fontawesome.com *.googleapis.com https:\/\/www.gstatic.com\/ *.avada.io *.shopify.com *.nosto.com *.nos.to maps.googleapis.com preprod-cdn.otter.ro cdn.otter.ro static.klaviyo.com https:\/\/cdn.otter.ro https:\/\/ss.otter.ro 'self' 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/*.adobe.com fonts.googleapis.com *.googleapis.com https:\/\/*.doubleclick.net https:\/\/*.facebook.com *.gstatic.com https:\/\/*.googletagmanager.com https:\/\/*.googlesyndication.com *.tiktok.com https:\/\/*.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/*.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/fonts.bunny.net fonts.gstatic.com https:\/\/*.nosto.com *.nos.to preprod-cdn.otter.ro cdn.otter.ro dev.otter247.local stage2.otter.ro stage2.tezyo.ro stage2.gryxx.ro stage2.aldoshoes.ro data: https:\/\/cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/fonts.static.com https:\/\/*.nos.to https:\/\/assets.braintreegateaway.com https:\/\/*.reviews.io https:\/\/*.reviews.co.uk https:\/\/preprod-cdn.otter.ro https:\/\/cdn.otter.ro 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.googlesyndication.com https:\/\/use.fontawesome.com https:\/\/assets.braintreegateway.com https:\/\/d2c7ipcroan06u2.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com preprod-cdn.otter.ro cdn.otter.ro static.klaviyo.com cdn.jsdelivr.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.facebook.com *.facebook.net https:\/\/www.google.com\/ *.doubleclick.net *.googlesyndication.com *.tiktok.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io *.nosto.com *.nos.to maps.googleapis.com preprod-cdn.otter.ro cdn.otter.ro stage2.otter.ro stage2.tezyo.ro stage2.gryxx.ro stage2.aldoshoes.ro static.klaviyo.com cdn.jsdelivr.net https:\/\/tezyo.zendesk.com https:\/\/ekr.zdassets.com https:\/\/*.zendesk.com https:\/\/*.zdassets.com https:\/\/event.2performant.com https:\/\/tidytracking.com https:\/\/ss.otter.ro 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'nonce-pv4hN5emWLjm5RPq+GYCvw==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=df1c5837-38bf-41ef-8e04-e5744ca74659; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" frame-src 'self' https:\/\/www.google.com  https:\/\/www.youtube.com https:\/\/vars.hotjar.com www.googletagmanager.com e.issuu.com *.recaptcha.net td.doubleclick.net; style-src 'self' 'report-sample' 'unsafe-inline' services.postcodeanywhere.co.uk fonts.googleapis.com feeds.trac.jobs www.cqc.org.uk www.gstatic.com; base-uri 'self'; object-src 'none'; img-src 'self' data: *.gosh.nhs.uk *.google-analytics.com *.googletagmanager.com i.ytimg.com *.cqc.org.uk *.gstatic.com *.google.com stats.g.doubleclick.net feeds.trac.jobs https:\/\/static.trac.jobs static.trac.jobs healthjobsuk.com services.postcodeanywhere.co.uk dx4nr741tfc02.cloudfront.net www.healthjobsuk.com 'sha384-YephmBv2489Q13yLaARSHqhDtSlHeIs5DEiq8I1fyh4aQcG+nRoz5Y6eWndd5cVz' *.onetrust.com cdn-ukwest.onetrust.com script.hotjar.com survey-images.hotjar.com www.google.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat; default-src 'self' *.gosh.nhs.uk; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'report-sample' https:\/\/www.googletagmanager.com https:\/\/www.google.co.uk https:\/\/www.google.com https:\/\/feeds.trac.jobs feeds.trac.jobs 'nonce-8UBYsqF1OBYv8yuyw6OjWQ=='; media-src 'self' gosh.shorthandstories.com cdn.plyr.io data: media.gosh.nhs.uk ssl.gstatic.com *.s3.amazonaws.com; font-src 'self' https:\/\/fonts.gstatic.com  script.hotjar.com https:\/\/fonts.googleapis.com data:; manifest-src 'self' *.gosh.nhs.uk; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'report-sample' *.gosh.nhs.uk www.gosh.nhs.uk feeds.trac.jobs *.googletagmanager.com www.cqc.org.uk e.issuu.com 'nonce-8UBYsqF1OBYv8yuyw6OjWQ=='; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net www.google.co.uk https:\/\/analytics.google.com https:\/\/vc.hotjar.io https:\/\/in.hotjar.com https:\/\/content.hotjar.io https:\/\/csmetrics.hotjar.com metrics.hotjar.io wss:\/\/ws.hotjar.com surveystats.hotjar.io https:\/\/feeds.trac.jobs sentry.issuu.com stats.g.doubleclick.net translate.googleapis.com *.onetrust.com cdn-ukwest.onetrust.com adservice.google.com https:\/\/ask.hotjar.io www.googleadservices.com www.google.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat; report-uri https:\/\/o516378.ingest.sentry.io\/api\/5622733\/security\/?sentry_key=c5f8a650e74b48a889ccadeaa5014261&sentry_environment=production","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' www.uscc.gov www.google.com analytics.google.com fonts.googleapis.com www.googletagmanager.com www.gstatic.com fonts.gstatic.com use.fontawesome.com s7.addthis.com www.senate.gov;","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com https:\/\/fonts.gstatic.com cdn1.stamped.io stamped.io *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.twitter.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.twitter.com *.trustpilot.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com cdn.stamped.io static.addtoany.com *.cookiebot.com *.doubleclick.net consentcdn.cookiebot.com bat.bing.com www.googletagmanager.com hose.gardeningexpress.co.uk pipe.gardeningexpress.co.uk consent.cookiebot.com pixel.thoughtmetric.io www.clarity.ms stats.g.doubleclick.net www.google.com www.gstatic.com cdn.tangoo.it cdn.tangooserver.com  ban.tangooserver.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com services.postcodeanywhere.co.uk *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net cdn1.stamped.io stamped.io www.google.com.ua magefan.com cm.magefan.com mageside.com flagpedia.net cdn.stamped.io www.ojrq.net *.clarity.ms *.bing.com *.cookiebot.com help.gardeningexpress.co.uk\/ www.google.de www.google.co.uk bat.bing.com hose.gardeningexpress.co.uk fonts.gstatic.com bat.bing.net https:\/\/pipe.gardeningexpress.co.uk data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ polyfill.io chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com api.addressy.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.googleapis.com *.trustpilot.com cdn1.stamped.io stamped.io *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com maps.googleapis.com cdn.stamped.io static.addtoany.com *.cookiebot.com *.clarity.ms bam.nr-data.net cdn.jsdelivr.net *.impactcdn.com *.newrelic.com consent.cookiebot.com ajax.googleapis.com bat.bing.com pagead2.googlesyndication.com pipe.gardeningexpress.co.uk pixel.thoughtmetric.io www.clarity.ms stats.g.doubleclick.net www.gstatic.com cdn.tangoo.it cdn.tangooserver.com  ban.tangooserver.com https:\/\/pipe.gardeningexpress.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com downloads.mailchimp.com *.fontawesome.com api.addressy.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.trustpilot.com cdn1.stamped.io stamped.io *.stripe.network *.stripecdn.com *.amazon.com *.addtoany.com maxcdn.bootstrapcdn.com www.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com cdn1.stamped.io stamped.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/gardeningexpress.us12.list-manage.com api.addressy.com *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com cdn1.stamped.io stamped.io *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com http:\/\/dpm.demdex.net www.gstatic.com maps.googleapis.com cdn.stamped.io static.addtoany.com *.cookiebot.com *.clarity.ms bam.nr-data.net cdn.jsdelivr.net *.impactcdn.com pagead2.googlesyndication.com gardeningexpress.pxf.io *.doubleclick.net *.google.com bat.bing.com hose.gardeningexpress.co.uk google.com bat.bing.net pipe.gardeningexpress.co.uk consent.cookiebot.com pixel.thoughtmetric.io www.clarity.ms data.thoughtmetric.io stats.g.doubleclick.net www.google.com cdn.tangoo.it cdn.tangooserver.com  ban.tangooserver.com https:\/\/pipe.gardeningexpress.co.uk 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src bat.bing.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action *.googlesyndication.com *.clarity.ms *.google.com *.facebook.com  'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net *.youtube-nocookie.com www.google.com *.tbibank.ro consentcdn.cookiebot.com *.google.ro *.facebook.com *.weltpixel.com  https:\/\/*.sameday.ro *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https:\/\/images.unsplash.com *.tbicp.com *.tbibank.ro imgsct.cookiebot.com *.google.ro *.clarity.ms *.bing.com https:\/\/a.tile.openstreetmap.org https:\/\/b.tile.openstreetmap.org https:\/\/c.tile.openstreetmap.org https:\/\/www.selfawb.ro t.themarketer.com cdn1.themarketer.com https:\/\/firebasestorage.googleapis.com flagpedia.net *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com *.tbicp.com *.tbibank.ro consentcdn.cookiebot.com *.cookiebot.com *.google.ro *.clarity.ms *.aqurate.ai *.themarketer.com t.themarketer.com cdn1.themarketer.com *.avada.io https:\/\/*.sameday.ro *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.google.ro *.fontawesome.com t.themarketer.com cdn1.themarketer.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com https:\/\/*.sameday.ro *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.google.ro *.google.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com consentcdn.cookiebot.com *.googlesyndication.com *.clarity.ms *.google.com google.com *.facebook.com *.aqurate.ai *.themarketer.com https:\/\/ecommerce.fancourier.ro https:\/\/nominatim.openstreetmap.org https:\/\/api.fancourier.ro t.themarketer.com cdn1.themarketer.com https:\/\/get.geojs.io *.avada.io www.gstatic.com  *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/251703a9-46ab-4e4f-ab25-1de6ee452399.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" worker-src https:\/\/www.googletagmanager.com; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com *.klarnacdn.net maxcdn.bootstrapcdn.com https:\/\/geowidget.easypack24.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de sandbox.przelewy24.pl secure.przelewy24.pl 'self' 'unsafe-inline'; frame-ancestors pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.adyen.com pay.google.com consentcdn.cookiebot.com consentcdn.cookiebot.eu *.google.com\/ *.klarna.com *.packeta.com apm.przelewy24.pl secure.payu.com merch-prod.snd.payu.com https:\/\/geowidget-app.inpost.pl\/ https:\/\/sandbox-easy-geowidget.easypack24.net\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com https:\/\/images.unsplash.com imgsct.cookiebot.com imgsct.cookiebot.eu magefan.com cm.magefan.com *.disqus.com https:\/\/www.magezon.com *.klarna.com *.klarnaevt.com *.klarnacdn.net tile.openstreetmap.org mapa.orlenpaczka.pl ruch-osm.sysadvisors.pl https:\/\/img.youtube.com static.przelewy24.pl www.gstatic.com gstatic.com static.payu.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org https:\/\/load.a.tatuum.com https:\/\/a.tatuum.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com https:\/\/maps.googleapis.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js consent.cookiebot.com consent.cookiebot.eu *.disqus.com https:\/\/cdn.jsdelivr.net *.google.com\/ *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com mapa.orlenpaczka.pl *.packeta.com sandbox.przelewy24.pl secure.przelewy24.pl apm.przelewy24.pl secure.payu.com secure.snd.payu.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org unpkg.com *.snrbox.com https:\/\/load.a.tatuum.com https:\/\/a.tatuum.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/cdn.jsdelivr.net *.klarnacdn.net maxcdn.bootstrapcdn.com *.googleapis.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl *.snrcdn.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adyen.com payments-eu.amazon.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com consentcdn.cookiebot.com consentcdn.cookiebot.eu consent.cookiebot.com consent.cookiebot.eu *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com nominatim.openstreetmap.org *.packeta.com sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl www.google.com pay.google.com secure.payu.com merch-prod.snd.payu.com *.easypack24.net *.inpost.pl *.openstreetmap.org *.snrbox.com https:\/\/load.a.tatuum.com https:\/\/a.tatuum.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com https:\/\/fonts.gstatic.com *.kueskipay.com *.fontawesome.com *.tiktok.com *.ttcdn-row.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.kueskipay.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.google.com *.kueskipay.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.kueskipay.com *.google.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.sandbox.paypal.com *.paypalobjects.com www.google.com.ua *.tiktok.com *.ttcdn-row.com https:\/\/static.addtoany.com\/ https:\/\/cdn.livechatinc.com\/ https:\/\/api.livechatinc.com\/ https:\/\/cdn.livechat-static.com\/ https:\/\/cdn.files-text.com\/ https:\/\/widgets.pinterest.com\/ https:\/\/api.tumblr.com\/ https:\/\/graph.facebook.com\/ https:\/\/load.gtm.waldos.com.mx data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.googleapis.com *.gstatic.com https:\/\/testup.cybersource.com https:\/\/up.cybersource.com *.kueskipay.com *.googletagmanager.com *.mxpnl.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.tiktok.com *.ttcdn-row.com *.bytedance.com analytics.tiktok.com *.api.useinsider.com https:\/\/static.addtoany.com\/ https:\/\/cdn.livechatinc.com\/ https:\/\/api.livechatinc.com\/ https:\/\/cdn.livechat-static.com\/ https:\/\/cdn.files-text.com\/ https:\/\/widgets.pinterest.com\/ https:\/\/api.tumblr.com\/ https:\/\/graph.facebook.com\/ https:\/\/load.gtm.waldos.com.mx 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.kueskipay.com *.googletagmanager.com *.mxpnl.com *.fontawesome.com *.googleapis.com *.addtoany.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.tiktok.com *.ttcdn-row.com 'self' 'unsafe-inline'; object-src *.tiktok.com 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/static.addtoany.com\/ https:\/\/cdn.livechatinc.com\/ https:\/\/api.livechatinc.com\/ https:\/\/cdn.livechat-static.com\/ https:\/\/cdn.files-text.com\/ https:\/\/widgets.pinterest.com\/ https:\/\/api.tumblr.com\/ https:\/\/graph.facebook.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com testup.cybersource.com up.cybersource.com *.kueskipay.com *.doubleclick.net http:\/\/dpm.demdex.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.facebook.com graph.facebook.com\/ graph.facebook.com business.facebook.com *.sandbox.paypal.com *.paypalobjects.com analytics.tiktok.com business-api.tiktok.com *.ttcdn-row.com *.bytedance.com *.api.useinsider.com static.addtoany.com\/ cdn.livechatinc.com\/ api.livechatinc.com\/ cdn.livechat-static.com\/ cdn.files-text.com\/ widgets.pinterest.com\/ api.tumblr.com\/ api.mercadopago.com\/ wss:\/\/tm.filter:1503 https:\/\/load.gtm.waldos.com.mx 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' https:; frame-src https:; child-src https:; frame-ancestors 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cdn.jsdelivr.net cdn.almapay.com https:\/\/fonts.gstatic.com https:\/\/ws.colissimo.fr *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com 'self' data: static.sensefuel.live data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.sips-services.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com https:\/\/www.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ *.truefitcorp.com *.weltpixel.com https:\/\/form.typeform.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net *.afd.co.uk t.powerreviews.com assets-manager.abtasty.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr https:\/\/www.magezon.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud ebizmarts-website.s3.amazonaws.com *.openstreetmap.org www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com maps.googleapis.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.afd.co.uk cdn.jsdelivr.net js-agent.newrelic.com party.spockee.io app.ekoo.co ui.powerreviews.com *.truefitcorp.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com widget.proximis.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com maps.googleapis.com *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/www.googletagmanager.com tagmanager.google.com  tag.search.sensefuel.live pdata.damart.fr try.abtasty.com                  'self' 'unsafe-eval' 'nonce-bjEweXhndXBhYzNvZzZzd29scDV2OGdubzgycmlkMWU=' 'sha256-W5akSSK6LD5BjIlNICMcXaUObQSRAaj6bs7JHADURBA=' 'sha256-3qVqeAdyxxTdPkkRzqapjGkAUYLahxSrB7Mdup+GPQ0=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-p8MCfMHqrovsjRYU9z0bU17dd0z81k\/fVbGrtBBiM9g=' 'sha256-0pk2s4oXwBELlC6IBVb3nNaM2PjfjwI2N6OGIX5lx8Y=' 'sha256-nkEZknO0IxNxY\/CkTMBhjNhwPvglpYumjx31B4fjkY8='; style-src *.adobe.com fonts.googleapis.com cdn.jsdelivr.net ui.powerreviews.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com *.googleapis.com *.gstatic.com tagmanager.google.com tag.search.sensefuel.live 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.afd.co.uk *.getalma.eu *.almapay.com api.spockee.io backoffice-api.spockee.io ui.powerreviews.com display.powerreviews.com app.ekoo.co maps.googleapis.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.openstreetmap.org api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com c.search.sensefuel.live 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https:; style-src 'self' https:; report-uri https:\/\/csp-collector-qt0v.onrender.com\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri \/__vsctcspreport__","count":1},{"content-security-policy-report-only":" connect-src 'self' data: https:\/\/www.motonet.fi https:\/\/graphql.datocms.com https:\/\/*.doubleclick.net https:\/\/www.instagram.com https:\/\/*.broman.group https:\/\/*.litix.io https:\/\/vimeo.com https:\/\/*.klarna.com https:\/\/*.klarnaevt.com\/v1\/ https:\/\/*.adyen.com\/checkoutanalytics\/ https:\/\/*.adyen.com\/checkoutshopper\/ https:\/\/api.checkout.uat.walleydev.com\/checkout\/ https:\/\/api.checkout.walleypay.com\/checkout\/ https:\/\/api.postmarkapp.com https:\/\/www.youtube.com https:\/\/api.videoly.co https:\/\/js.testfreaks.com https:\/\/api.testfreaks.com https:\/\/reviews.testfreaks.com https:\/\/policy.app.cookieinformation.com https:\/\/consent.app.cookieinformation.com\/api\/consent https:\/\/api.custobar.com https:\/\/*.google-analytics.com https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/ https:\/\/*.googlesyndication.com https:\/\/*.adform.net https:\/\/*.creativecdn.com https:\/\/connect.facebook.net https:\/\/browser-intake-datadoghq.eu https:\/\/*.broman.group https:\/\/js.playground.kustom.co https:\/\/eu.klarnaevt.com https:\/\/*.cdn.adyen.com\/checkoutshopper\/ https:\/\/i.ytimg.com https:\/\/www.datocms-assets.com https:\/\/stagingaksapimanagementbroman.azure-api.net https:\/\/testapimanagementbroman.azure-api.net https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com https:\/\/*.ggpht.com https:\/\/*.mux.com https:\/\/*.vimeocdn.com https:\/\/dapi.videoly.co https:\/\/*.facebook.com https:\/\/*.seadform.net https:\/\/*.adform.net https:\/\/*.criteo.net https:\/\/*.criteo.com https:\/\/www.googletagmanager.com\/ https:\/\/ib.adnxs.com\/setuid https:\/\/ib.adnxs.com\/getuid https:\/\/cm.g.doubleclick.net https:\/\/dev.visualwebsiteoptimizer.com https:\/\/qr.motonet.fi https:\/\/*.googletagmanager.com; img-src 'self' data: https:\/\/www.datocms-assets.com https:\/\/i.ytimg.com https:\/\/image.mux.com https:\/\/*.broman.group https:\/\/js.playground.kustom.co https:\/\/eu.klarnaevt.com https:\/\/*.cdn.adyen.com\/checkoutshopper\/ https:\/\/i.ytimg.com https:\/\/www.datocms-assets.com https:\/\/stagingaksapimanagementbroman.azure-api.net https:\/\/testapimanagementbroman.azure-api.net https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com https:\/\/*.ggpht.com https:\/\/*.mux.com https:\/\/*.vimeocdn.com https:\/\/dapi.videoly.co https:\/\/*.facebook.com https:\/\/*.seadform.net https:\/\/*.adform.net https:\/\/*.criteo.net https:\/\/*.criteo.com https:\/\/www.googletagmanager.com\/ https:\/\/ib.adnxs.com\/setuid https:\/\/ib.adnxs.com\/getuid https:\/\/cm.g.doubleclick.net https:\/\/dev.visualwebsiteoptimizer.com https:\/\/qr.motonet.fi; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/js.playground.kustom.co https:\/\/osm.klarnaservices.com\/ https:\/\/checkout.uat.walleydev.com\/ https:\/\/checkout.walleypay.com\/ https:\/\/*.adyen.com\/ https:\/\/*.vimeo.com https:\/\/app.ecoonline.com https:\/\/www.maston.fi https:\/\/websds.volvo.com https:\/\/policy.app.cookieinformation.com\/ https:\/\/*.criteo.com https:\/\/*.adform.net https:\/\/*.creativecdn.com https:\/\/www.facebook.com https:\/\/*.googletagmanager.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.broman.group https:\/\/maps.googleapis.com https:\/\/js.playground.kustom.co https:\/\/js.klarna.com https:\/\/js.klarna.com\/web-sdk\/ https:\/\/api.walleypay.com\/walley-checkout-loader.js https:\/\/api.videoly.co\/1\/quchbox\/0\/299\/quch.js https:\/\/www.paypal.com\/sdk\/js https:\/\/dapi.videoly.co https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/policy.app.cookieinformation.com https:\/\/script.custobar.com https:\/\/*.criteo.net https:\/\/*.criteo.com https:\/\/*.adform.net https:\/\/connect.facebook.net https:\/\/tags.creativecdn.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/*.googletagmanager.com; object-src 'none'; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: 'self' data: *.doubleclick.net *.facebook.com *.alicdn.com *.cloudflare.com *.faceworks.nl *.font.im ncspublicasset.s3.eu-west-3.amazonaws.com *.typekit.net data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.sharethis.com www.google.com *.google.com *.doubleclick.net *.facebook.com *.multisafepay.com https:\/\/pay.google.com www.paypal.com www.sandbox.paypal.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.xtento.com *.googletagmanager.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.sharethis.com *.gstatic.com *.googleapis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.multisafepay.com www.paypal.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com *.alicdn.com *.bing.com *.bing.net *.cookiebot.com europe-west1-maxlead-dwh-test.cloudfunctions.net *.googleadservices.com *.google-analytics.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gr www.google.gy www.google.hn www.google.hr www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.td www.google.tg www.google.tl www.google.tn www.google.to www.google.tt google.com *.googlesyndication.com *.licdn.com *.linkedin.com *.magento.cloud *.mailplus.nl s3.amazonaws.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.sharethis.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.multisafepay.com https:\/\/pay.google.com m17.mailplus.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.xtento.com cdn.xtento.com 9292.nl *.bing.com *.clarity.ms *.cloudflare.com *.cookiebot.com *.cookiebot.eu *.googleadservices.com *.googlesyndication.com *.hotjar.com *.ipify.org *.licdn.com *.mailplus.nl *.marker.io *.oribi.io *.pinimg.com *.pinterest.com *.thinglink.me *.vimeo.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com *.sharethis.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.multisafepay.com unsafe-inline assets.braintreegateway.com *.mailplus.nl *.typekit.net *.vimeocdn.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.gstatic.com *.vimeocdn.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.sharethis.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.multisafepay.com www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com t.elasticsuite.io 9292.nl *.alicdn.com *.bing.com *.bing.net *.clarity.ms *.cookiebot.com *.cookiebot.eu *.doubleclick.net *.googleadservices.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bj www.google.bs www.google.by www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.bw www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.za www.google.co.zm www.google.co.zw www.google.cv www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ga www.google.ge www.google.gg www.google.gr www.google.gy www.google.hn www.google.hr www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.mn www.google.mu www.google.mw www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.se www.google.si www.google.sk www.google.sn www.google.so www.google.sr www.google.tg www.google.tn www.google.tt *.googlesyndication.com *.gstatic.com *.hotjar.com *.hotjar.io *.jquery.com *.linkedin.com *.marker.io *.pinterest.com s3.ap-east-1.amazonaws.com s3.eu-west-1.amazonaws.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/95b39a76-7377-449c-a715-7f75d8431eb4.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net cash-f.squarecdn.com converse.com.br https:\/\/magento.com *.converse.com.br *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * www.facebook.com 'self' connect.facebook.net graph.facebook.com business.facebook.com https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com * www.google.com https:\/\/gum.criteo.com\/ api.sunset.systems targeting.voxus.tv https:\/\/springmedia.go2cloud.org\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/www.google.com.br\/ https:\/\/tpc.googlesyndication.com\/ https:\/\/static.criteo.net\/ td.doubleclick.net https:\/\/fledge.us.criteo.com\/ https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com https:\/\/plumrocket.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net * converse.com.br www.facebook.com https:\/\/mcstaging.converse.com.br www.google.com.br conectiva.io https:\/\/s.ad.smaato.net https:\/\/simage2.pubmatic.com https:\/\/ade.clmbtech.com\/ https:\/\/sync-criteo.ads.yieldmo.com https:\/\/e1.emxdgt.com https:\/\/x.bidswitch.net\/ https:\/\/cm.g.doubleclick.net https:\/\/ib.adnxs.com\/ secure.adnxs.com https:\/\/pixel.rubiconproject.com\/ https:\/\/match.sharethrough.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com\/ https:\/\/criteo-sync.teads.tv https:\/\/eb2.3lift.com\/ https:\/\/ups.analytics.yahoo.com\/ https:\/\/tg.socdm.com\/ https:\/\/visitor.omnitagjs.com https:\/\/gum.criteo.com https:\/\/r.casalemedia.com https:\/\/ads.stickyadstv.com https:\/\/ad.360yield.com https:\/\/matching.ivitrack.com https:\/\/i.liadm.com\/ https:\/\/exchange.mediavine.com https:\/\/c.bing.com\/ https:\/\/trends.revcontent.com https:\/\/criteo-partners.tremorhub.com\/ https:\/\/secure.adnxs.com https:\/\/contextual.media.net https:\/\/dis.criteo.com https:\/\/tags.bluekai.com https:\/\/cm.adgrx.com https:\/\/sync.outbrain.com bat.bing.com https:\/\/device.clearsale.com.br https:\/\/c.clarity.ms https:\/\/rsp.servername.net http:\/\/rsp.servername.net https:\/\/googleads.g.doubleclick.net\/ http:\/\/www.googleadservices.com\/ https:\/\/idsync.rlcdn.com\/ https:\/\/*.rakuten.com https:\/\/*.linksynergy.com https:\/\/*.nxtck.com https:\/\/*.xg4ken.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.com.br *.converse.com.br http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ connect.facebook.net graph.facebook.com business.facebook.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com https:\/\/adobe.com\/ www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net https:\/\/amcglobal.sc.omtrdc.net\/ commerce.adobe.net use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com https:\/\/adyen.com pay.google.com *.payments-amazon.com http:\/\/www.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ converse.com.br js-agent.newrelic.com js.go2sdk.com tag.rmp.rakuten.com ads01.groovinads.com img.metaffiliation.com https:\/\/assets.adobedtm.com\/ https:\/\/secure.authorize.net\/ https:\/\/test.authorize.net\/ https:\/\/js.braintreegateway.com\/ https:\/\/unpkg.com\/ https:\/\/commerce.adobe.net\/ https:\/\/use.typekit.net\/ https:\/\/t.paypal.com https:\/\/s.ytimg.com https:\/\/magento-ds.com www.facebook.com connect.facebook.net https:\/\/graph.facebook.com\/ https:\/\/business.facebook.com\/ https:\/\/google.com.br\/ https:\/\/gstatic.com\/ http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ http:\/\/www.paypalobjects.com https:\/\/www.googleoptimize.com https:\/\/static.zdassets.com\/ https:\/\/device.clearsale.com.br https:\/\/dynamic.criteo.com www.rtb123.com conectiva.io analytics.tiktok.com cdn.targeting.voxus.com.br https:\/\/app.cartstack.com.br bat.bing.com https:\/\/static.hotjar.com https:\/\/service.maxymiser.net https:\/\/widget-mediator.zopim.com https:\/\/sslwidget.criteo.com https:\/\/bat.bing.com www.clarity.ms targeting.voxus.com.br https:\/\/script.hotjar.com\/ https:\/\/tpc.googlesyndication.com https:\/\/*.rakuten.com https:\/\/*.linksynergy.com https:\/\/*.nxtck.com https:\/\/*.xg4ken.com https:\/\/*.googletagmanager.com *.converse.com.br *.collect.igodigital.com https:\/\/cdn.pmweb.com.br graph.facebook.com business.facebook.com *.googleapis.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/adobe.com fonts.googleapis.com *.cash.app converse.com.br https:\/\/fonts.googleapis.com https:\/\/magento.com *.fontawesome.com https:\/\/gstatic.com use.typekit.net p.typekit.net *.converse.com.br *.googleapis.com *.google.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/static.zdassets.com\/ *.converse.com.br http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io commerce.adobe.net qa-api.magedevteam.com *.sentry.io * fcmregistrations.googleapis.com firebaseinstallations.googleapis.com k.clarity.ms bam.nr-data.net converse.com.br https:\/\/dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net *.google-analytics.com https:\/\/commerce.adobedtm.com https:\/\/commerce.adobedc.net https:\/\/*.snplow.net https:\/\/api.magento.com https:\/\/*.adobe.io https:\/\/performance.typekit.net https:\/\/www.sandbox.paypal.com https:\/\/www.paypalobjects.com https:\/\/www.paypal.com https:\/\/pilot-payflowlink.paypal.com https:\/\/commerce.adobe.io https:\/\/commerce.adobe.net https:\/\/qa-api.magedevteam.com https:\/\/*.sentry.io https:\/\/*.adyen.com http:\/\/magento.com https:\/\/magento.com http:\/\/stats.g.doubleclick.net https:\/\/stats.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com www.facebook.com https:\/\/connect.facebook.net https:\/\/graph.facebook.com https:\/\/business.facebook.com https:\/\/t.elasticsuite.io https:\/\/analytics.google.com\/ https:\/\/ekr.zdassets.com\/ https:\/\/conscooper.zendesk.com wss:\/\/widget-mediator.zopim.com https:\/\/analytics.tiktok.com targeting.voxus.com.br api.performa.ai https:\/\/www.google.com.br https:\/\/bat.bing.com\/ https:\/\/api.ipify.org logs-01.loggly.com https:\/\/api.voxus.tv https:\/\/conectiva.io https:\/\/coopershoes.zendesk.com\/ https:\/\/*.clarity.ms\/ https:\/\/vc.hotjar.io\/ https:\/\/pagead2.googlesyndication.com\/ https:\/\/measurement-api.criteo.com\/ https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.com.br *.converse.com.br http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ connect.facebook.net graph.facebook.com business.facebook.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src converse.com.br bat.bing.com k.clarity.ms www.google.com commerce.adobedc.net analytics.tiktok.com *.converse.com.br *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; script-src * 'unsafe-inline' 'unsafe-eval' data: blob:; connect-src * 'unsafe-inline' 'unsafe-eval' data: blob:; img-src * data: blob:; font-src * data:; style-src * 'unsafe-inline' data:; style-src-elem * 'unsafe-inline' data:; frame-src * data: blob:; media-src * data: blob:; object-src *; frame-ancestors 'none'; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/*.mastercontrol.com mastercontrol.service-now.com; object-src 'none'; form-action 'self' https:\/\/*.mastercontrol.com *.rise.com *.service-now.com mastercontrol.influitive.com gateway.zscloud.net mastercontrol.uservoice.com https:\/\/*.facebook.com https:\/\/connect.facebook.net; base-uri 'self' https:\/\/*.mastercontrol.com https:\/\/*.clarity.ms; report-uri https:\/\/reportcsp.azurewebsites.net\/api\/CSPViolation","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-ZnVtnSmMDIjeir6lZPXxcw' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.payu.in https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' *.payu.in www.facebook.com *.apitest.payu.in *.google.com 'self' 'unsafe-inline'; frame-ancestors 'self' *.payu.in 'self'; frame-src fast.amc.demdex.net https:\/\/*.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net https:\/\/*.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/*.facebook.com *.criteo.com\/ *.sandbox.paypal.com *.paypalobjects.com *.criteo.net *.apitest.payu.in https:\/\/fast.amc.demdex.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/1eafstag.cardinalcommerce.com https:\/\/1eaf.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/bid.g.doubleclick.net https:\/\/*.demdex.net https:\/\/*.youtube-nocookie.com https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/pilot-payflowlink.paypal.com https:\/\/www.paypalobjects.com https:\/\/player.vimeo.com https:\/\/www.google.com https:\/\/*.braintreegateway.com https:\/\/*.paypal.com https:\/\/www.googletagmanager.com https:\/\/*.criteo.com https:\/\/*.criteo.net https:\/\/*.apitest.payu.in https:\/\/*.payu.in https:\/\/api.razorpay.com https:\/\/*.pickrr.com https:\/\/*.shiprocket.in https:\/\/cdn.lightwidget.com cdn.lightwidget.com 'self' *.payu.in api.razorpay.com *.pickrr.com *.shiprocket.in 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.muftijeans.in *.google.co.in *.google.com *.bing.com *.pinterest.com *.criteo.com *.bidswitch.net *.doubleclick.net *.adnxs.com *.socdm.com *.casalemedia.com *.adingo.jp *.360yield.com *.rlcdn.com *.outbrain.com *.pubmatic.com *.rubiconproject.com *.smartadserver.com *.taboola.com *.teads.tv *.clmbtech.com *.3lift.com *.1rx.io *.media.net *.unrulymedia.com *.www.googleadservices.com *.www.google.com *.facebook.com *.cloudfront.net *.dmxleo.com *.facebook.net *.agkn.com cdn.lightwidget.com https:\/\/firebasestorage.googleapis.com flagpedia.net *.payu.in cdn.razorpay.com maps.gstatic.com *.pickrr.com *.netlify.app aa.agkn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.youtube.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.gstatic.com *.facebook.com *.criteo.com *.criteo.net https:\/\/www.google.com\/recaptcha\/api2\/webworker.js *.muftijeans.in *.hotjar.com https:\/\/static.hotjar.com *.googleapis.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.vimeo.com https:\/\/www.googletagmanager.com *.smartlook.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.google.co.in *.www.google.co.in *.facebook.net cdn.lightwidget.com *.avada.io *.shopify.com maps.googleapis.com *.payu.in checkout.razorpay.com *.pickrr.com *.netlify.app *.shiprocket.in https:\/\/otpless.com *.shiprocket.com connect.facebook.net *.adobedtm.com sc-static.net tr.snapchat.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.coolzcloud.com *.amazonaws.com *.googletagmanager.com cdn.lightwidget.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com *.payu.in *.pickrr.com *.netlify.app *.shiprocket.com https:\/\/fonts.googleapis.com 'self' 'unsafe-inline'; object-src *.muftijeans.in *.paypal.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline'; media-src *.adobe.com *.muftijeans.in 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.doubleclick.net *.facebook.com *.googleapis.com *.criteo.com *.pinterest.com *.facebook.net *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.sandbox.paypal.com *.paypalobjects.com *.google.co.in *.www.google.co.in https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com *.payu.in lumberjack.razorpay.com lumberjack-metrics.razorpay.com *.pickrr.com *.netlify.app *.fastrr.com *.shiprocket.in https:\/\/cred.club *.razorpay.com tr.snapchat.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src data: 'self' blob: 'unsafe-inline' 'unsafe-eval' *.nesine.com wss:\/\/*.nesine.com *.google.com *.google.com.tr *.googletagmanager.com *.google-analytics.com *.support.google.com *.doubleclick.net *.googleadservices.com *.microsoft.com *.apple.com *.facebook.com *.facebook.net connect.facebook.net *.betsolutions.com *.ertgaming.com *.yahoo.com *.newrelic.com *.twitter.com *.instagram.com *.youtube.com *.ytimg.com *.aboutcookies.org *.mobilproses.com *.omnitagjs.com *.outbrain.com *.nr-data.net *.bidswitch.net wss:\/\/*.sportradar.com *.sportradar.com *.akamaized.net *.performfeeds.com *.betradar.com *.dge.imggaming.com tjktv.ercdn.net *.tjk.org *.broadage.com *.pubmatic.com *.mediavine.com *.demdex.net *.krxd.net *.thebrighttag.com *.tremorhub.com *.adnxs.com *.casalemedia.com *.360yield.com *.media.net *.rubiconproject.com *.sharethrough.com *.smartadserver.com *.teads.tv *.3lift.com *.emxdgt.com *.sync.com *.ivitrack.com *.yieldmo.com *.yieldlab.net *.imgarena.com *.liderform.com.tr *.googleapis.com *.googlevideo.com *.gstatic.com *.azureedge.net *.semasio.net *.7platform.net *.7platform.com *.7platform.live *.nsoft-cdn.com *.launchdigi.net *.106digital.com *.gameturboz.cloud *.turboexplorer.online *.1rx.io *.adsrvr.org aa.agkn.com *.postrelease.com *.revcontent.com *.rqtrk.eu *.bing.com *.smaato.net *.narrative.io *.socdm.com *.mediawallahscript.com *.liadm.com *.stickyadstv.com *.linkedin.com *.rlcdn.com *.dable.io *.adingo.jp *.twiago.com *.bluekai.com *.crwdcntrl.net *.hs.llnwd.net *.ucweb.com *.dengage.com *.playbetman.com *.turbolabs.online *.aleaplay.com *.turbogg4u.online *.turbodiscovery.xyz *.ofmicropod.com *.dengagecdn.com launchdigi.net *.eskimi.com *.tiktok.com *.rsc.cdn77.org *.igamemedia.com *.castr.net data.widgets.sir.sportradar.com *.inseincvirtuals.com wss:\/\/data.widgets.sir.sportradar.com wss:\/\/*.sportradar.com wss:\/\/*.akamaized.net cdn.alsgp0.fds.api.mi-img.com apm-rum-sgp.inf.miui.com infragrid.v.network metrics-dre.dt.dbankcloud.cn cdn-uicons.flaticon.com *.cloudfront.net *.mobilproses.com *.codezania.com https:\/\/106gamesgalaxsys.online https:\/\/www.millipiyangoonline.com\/ www.google.de www.google.com.cy www.google.nl www.google.fr www.google.co.uk www.google.iq www.google.ca www.google.pt www.google.ch www.google.bg www.google.az www.google.it www.google.no www.google.se www.google.com.sa www.google.com.qa www.google.ru www.google.be www.google.com.kw www.google.co.tz www.google.ro www.google.hu www.google.ba www.google.at www.google.rs *.millipiyangoonline.com www.google.dk www.google.co.uz www.google.dz www.google.es www.google.pl www.google.com.ly www.googletagmanager.com digital.millipiyangoonline.com www.google.at www.google.hu www.google.ro www.google.ru www.google.be dbox1.sisalsanstech.com www.millipiyangoonline.com pagead2.googlesyndication.com https:\/\/bulten.sm.mncdn.com sisal.queue-it.net football.playbook-fusion.com *.clarity.ms; img-src * data:; report-uri \/csp\/cspreport\/","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src https:\/\/* 'self' epichttp: https:\/\/premier.trustcommerce.com;script-src 'nonce-2552f63bc4df4a9b8ea7e41927b4b4f3' https:\/\/www.novantmychart.org 'self';img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/www.novantmychart.org 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.se https:\/\/www.myheritage.se  'unsafe-eval' 'nonce-ef5d40e9bf6b19ef1577f26a76c6fee2' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.se https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/wallet_google","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'sha256-ujLcj5yEttqott2YU37Bbk5ax6znG+BhD69pxS73e9A=' https:\/\/*.i.posthog.com https:\/\/maps.googleapis.com https:\/\/challenges.cloudflare.com https:\/\/www.googletagmanager.com; connect-src 'self' https:\/\/*.i.posthog.com https:\/\/maps.googleapis.com https:\/\/*.googleapis.com https:\/\/challenges.cloudflare.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net; frame-src https:\/\/challenges.cloudflare.com https:\/\/player.vimeo.com; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com data:; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; object-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/sdk.privacy-center.org; object-src 'none'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:\/\/*.gstatic.com https:\/\/www.google-analytics.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com; frame-ancestors 'self'; font-src 'self' https:\/\/fonts.gstatic.com data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com; report-uri \/report-csp-violation; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com maxcdn.bootstrapcdn.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com x.klarnacdn.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.bird.eu flagpedia.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.adobedtm.com dev.visualwebsiteoptimizer.com *.exacttarget.com google.it\/pagead\/1p-conversion self data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.avada.io maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.cardinalcommerce.com *.authorize.net *.ccdc02.com *.googleadservices.com *.paypalobjects.com  *.braintreegateway.com   *.paypal.com   *.ytimg.com www.gstatic.com\/recaptcha www.google.com\/recaptcha *.js-agent.newrelic.com unpkg.com\/@googlemaps\/markerclusterer\/dist\/index.min.js self *.criteo.com *.yandex.com *.yandex.ru *.teads.tv *.mainadv.com *.bing.com *.clarity.ms *.pinterest.com *.tiktok.com *.amazon-adsystem.com *.quantserve.com 'sha256-g\/qbQ8sW5eJ9JO8sQzRJ1OvARbUyKpJXFeof9SLw1eI=' 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.fontawesome.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.stripe.network *.stripecdn.com *.amazon.com service.force.com x.klarnacdn.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.google-analytics.com *.facebook.com *.facebook.net https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.adobe.com assets.adobedtm.com *.googletagmanager.com *.authorize.net *.ccdc02.com *.googleadservices.com *.paypalobjects.com  *.braintreegateway.com   *.paypal.com   *.ytimg.com *.vimeocdn.com www.gstatic.com\/recaptcha www.google.com\/recaptcha *.google.bg *.doubleclick.net unpkg.com\/@googlemaps\/markerclusterer\/dist\/index.min.js unpkg.com\/@googlemaps\/markerclusterer\/dist\/* self consentcdn.cookiebot.com *.googlesyndication.com dev.visualwebsiteoptimizer.com js.klarna.com na.klarnaevt.com trustpilot.com googleads.g.doubleclick.net bam.nr-data.net *.criteo.com *.yandex.com *.yandex.ru *.teads.tv *.mainadv.com *.bing.com *.clarity.ms *.pinterest.com *.tiktok.com *.amazon-adsystem.com *.quantserve.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src bam.nr-data.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; style-src 'unsafe-inline' *; default-src 'none'; worker-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io; base-uri 'none'; media-src *; script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-7VuZHoWqnbr300cIYgsdTw=='; img-src blob: data: *; font-src 'self' data:; frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.vaude.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.klarna.com js.mollie.com td.doubleclick.net app.usercentrics.eu web.cmp.usercentrics.eu v1.api.service.cmp.usercentrics.eu *.outtra.com *.googletagmanager.com *.fls.doubleclick.net *.amazon-adsystem.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com magefan.com cm.magefan.com *.disqus.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/img.youtube.com https:\/\/www.mollie.com *.hsforms.net *.hsforms.com 'self' data: www.vaude.com vaude.localhost https:\/\/vaude.localhost\/ www.google.de app.usercentrics.eu web.cmp.usercentrics.eu v1.api.service.cmp.usercentrics.eu uct.service.usercentrics.eu *.equalweb.com *.weglot.com ad.doubleclick.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.disqus.com https:\/\/cdn.jsdelivr.net *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com js.mollie.com *.hsforms.net *.hsforms.com *.gstatic.com *.abtasty.com ion.vaude.com id.vaude.com analytics.vaude.com js-agent.newrelic.com vaude.matomo.cloud app.usercentrics.eu web.cmp.usercentrics.eu v1.api.service.cmp.usercentrics.eu api.usercentrics.eu graphql.usercentrics.eu privacy-proxy.usercentrics.eu *.scarabresearch.com *.equalweb.com cdn.matomo.cloud cdn.scarabresearch.com static.scarabresearch.com webchannel-content.eservice.emarsys.net https:\/\/vaude.homepagerecruiter.de https:\/\/cdn.tailwindcss.com https:\/\/production.neocomapp.com *.weglot.com *.outtra.com *.amazon-adsystem.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net *.klarnacdn.net *.googleapis.com *.gstatic.com *.equalweb.com *.weglot.com *.outtra.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.abtasty.com analytics.vaude.com bam.nr-data.net pagead2.googlesyndication.com vaude.matomo.cloud app.usercentrics.eu web.cmp.usercentrics.eu v1.api.service.cmp.usercentrics.eu api.usercentrics.eu graphql.usercentrics.eu privacy-proxy.usercentrics.eu aggregator.service.usercentrics.eu consent-api.service.consent.usercentrics.eu *.scarabresearch.com *.equalweb.com cdn.matomo.cloud cdn.scarabresearch.com static.scarabresearch.com webchannel-content.eservice.emarsys.net https:\/\/production.neocomapp.com https:\/\/prompts.api.production.neocomapp.com *.weglot.com https:\/\/cdn-api-weglot.com *.outtra.com *.amazon-adsystem.com *.paa-reporting-advertising.amazon 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-2k8xypgG8Tu6xDZQYt9iPA' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src https:\/\/* 'self' epichttp: https:\/\/epic.integration.gateway.patientco.com https:\/\/epic.production.paymentfusion.com https:\/\/epic.sandbox.paymentfusion.com https:\/\/pay.instamed.com https:\/\/premier.trustcommerce.com https:\/\/stagepremier.trustcommerce.com;script-src 'nonce-cb924a2ef7e74208b6ecf717efbd56aa' https:\/\/mychart.et0965.epichosted.com 'self';img-src https:\/\/* 'self' blob: data: http:\/\/altondoctors.com http:\/\/doctors.bjc.org;connect-src 'self' epichttp:;style-src https:\/\/mychart.et0965.epichosted.com 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self' http:\/\/127.0.0.1 https:\/\/localhost.lambdatest.com https:\/\/mychart-np.et0965.epichosted.com https:\/\/scheduling-dev.bjc.org https:\/\/scheduling-test.bjc.org https:\/\/scheduling.bjc.org https:\/\/www.mypatientchart.org;media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src 'self' data:; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/instinet-matomo.teamricochet.com\/ https:\/\/js-agent.newrelic.com\/ https:\/\/www.google-analytics.com\/ cdnjs.cloudflare.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com stackpath.bootstrapcdn.com unpkg.com; style-src 'self' cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/cdn.datatables.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/live-instinet-drupal.pantheonsite.io https:\/\/unpkg.com stackpath.bootstrapcdn.com; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: https:\/\/*.kaltura.com https:\/\/doctors.wvumedicine.org\/ https:\/\/mychart.personapay.com https:\/\/wvumedicine.org;script-src 'nonce-aeb0e4392e98402fa85739c0cad2d313' https:\/\/mywvuchart.com 'self' https:\/\/doctors.wvumedicine.org\/ https:\/\/wvumedicine.org\/ https:\/\/wvumedicinestg.local\/ https:\/\/wvumedicinestg.wpenginepowered.com\/ https:\/\/www.wvumedicine.org\/;img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/mywvuchart.com 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: https:\/\/pay-staging.instamed.com https:\/\/pay.instamed.com;script-src 'nonce-2301685d77514b5da687eea42bc2519c' https:\/\/myhealthatvanderbilt.com 'self';img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/myhealthatvanderbilt.com 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cdn.jsdelivr.net cdn.almapay.com https:\/\/fonts.gstatic.com https:\/\/ws.colissimo.fr *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com 'self' data: static.sensefuel.live data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.sips-services.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com https:\/\/www.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ *.truefitcorp.com *.weltpixel.com https:\/\/form.typeform.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net *.afd.co.uk t.powerreviews.com assets-manager.abtasty.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr https:\/\/www.magezon.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud ebizmarts-website.s3.amazonaws.com *.openstreetmap.org www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com maps.googleapis.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.afd.co.uk cdn.jsdelivr.net js-agent.newrelic.com party.spockee.io app.ekoo.co ui.powerreviews.com *.truefitcorp.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com widget.proximis.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com maps.googleapis.com *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/www.googletagmanager.com tagmanager.google.com  tag.search.sensefuel.live pdata.damart.fr try.abtasty.com                  'self' 'unsafe-eval' 'nonce-ZDhhZzgwMmpzOWowNGJrZ2h4eDR4enByeTJ5Z2E1ejA=' 'sha256-W5akSSK6LD5BjIlNICMcXaUObQSRAaj6bs7JHADURBA=' 'sha256-3qVqeAdyxxTdPkkRzqapjGkAUYLahxSrB7Mdup+GPQ0=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-p8MCfMHqrovsjRYU9z0bU17dd0z81k\/fVbGrtBBiM9g=' 'sha256-0pk2s4oXwBELlC6IBVb3nNaM2PjfjwI2N6OGIX5lx8Y=' 'sha256-nkEZknO0IxNxY\/CkTMBhjNhwPvglpYumjx31B4fjkY8='; style-src *.adobe.com fonts.googleapis.com cdn.jsdelivr.net ui.powerreviews.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com *.googleapis.com *.gstatic.com tagmanager.google.com tag.search.sensefuel.live 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.afd.co.uk *.getalma.eu *.almapay.com api.spockee.io backoffice-api.spockee.io ui.powerreviews.com display.powerreviews.com app.ekoo.co maps.googleapis.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com *.sagepay.com *.opayo.eu.elavon.com *.opayo.cloud *.openstreetmap.org api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com c.search.sensefuel.live 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-5VwVnimkqLLJNM7xMYyvHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.com *.klarna.com *.klarnaevt.com *.klarnacdn.net klarna.com https:\/\/fonts.gstatic.com https:\/\/static.klaviyo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors *.facebook.com * 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.zenaps.com *.fls.doubleclick.net account.fetchify.com *.google.com\/ *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.stripe.com *.weltpixel.com consentcdn.cookiebot.com consentcdn.cookiebot.eu c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com challenges.cloudflare.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com *.awin1.com *.zenaps.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com imgsct.cookiebot.com imgsct.cookiebot.eu www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.pushalert.co www.xtento.com cdn.xtento.com lookaside.fbsbx.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com www.dwin1.com *.zenaps.com https:\/\/the.sciencebehindecommerce.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com cc-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.disqus.com *.avada.io *.shopify.com *.google.com\/ *.facebook.com https:\/\/connect.facebook.net graph.facebook.com business.facebook.com *.stripe.com https:\/\/maps.googleapis.com https:\/\/static.hotjar.com * consent.cookiebot.com consent.cookiebot.eu js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com challenges.cloudflare.com *.pushalert.co https:\/\/www.googletagmanager.com tagmanager.google.com www.xtento.com cdn.xtento.com *.loudcrowd.com https:\/\/consent.cookiebot.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app downloads.mailchimp.com cc-cdn.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net *.stripe.com *.klarna.com *.klarnaevt.com *.klarnacdn.net assets.braintreegateway.com tagmanager.google.com https:\/\/fonts.googleapis.com *.loudcrowd.com https:\/\/consent.cookiebot.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com lookaside.fbsbx.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de https:\/\/the.sciencebehindecommerce.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/get.geojs.io *.avada.io *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.stripe.com https:\/\/developer.adobe.com https:\/\/maps.googleapis.com consentcdn.cookiebot.com consentcdn.cookiebot.eu api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.pushalert.co https:\/\/www.google-analytics.com *.loudcrowd.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/8fd11ad9-7da9-4946-bc96-2e043f30b371.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' data:; frame-ancestors *.weirdfish.co.uk *.adyen.com *.amazon.com *.paypal.com *.google.com *.exponea.com *.monetate.net; connect-src * data:; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' data:;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/ddwl4m2hdecbv.cloudfront.net https:\/\/b-code.liadm.com https:\/\/rp.liadm.com https:\/\/idx.liadm.com; connect-src 'self' https:\/\/pro.ip-api.com https:\/\/alocdn.com https:\/\/*.liadm.com https:\/\/9xgnrndqve.execute-api.us-west-2.amazonaws.com https:\/\/a.usbrowserspeed.com; img-src 'self' data:; style-src 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.pl https:\/\/www.myheritage.pl  'unsafe-eval' 'nonce-f352922652f1596ff03d302d9b19d6bf' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.pl https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.dropbox.com\/csp_log?policy_name=dash&report_only=true; default-src 'none'; img-src 'self' data: https:\/\/*; font-src 'self' data:; object-src 'none'; frame-src https:\/\/www.dropbox.com https:\/\/snippet.meticulous.ai https:\/\/*.dropboxusercontent.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; connect-src 'self' blob: https:\/\/*.dropbox.com https:\/\/*.logs.datadoghq.com https:\/\/*.logs.datadoghq.eu https:\/\/*.sentry.io https:\/\/api.dropboxapi.com https:\/\/content.dropboxapi.com https:\/\/cdn.dropboxexperiment.com https:\/\/api.sprig.com https:\/\/cognito-identity.us-west-2.amazonaws.com https:\/\/user-events-v3.s3-accelerate.amazonaws.com https:\/\/*.dropboxusercontent.com https:\/\/cfl.dropboxstatic.com https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/browser.sentry-cdn.com https:\/\/s2.googleusercontent.com https:\/\/paper.dropboxstatic.com https:\/\/app.dropboxer.net https:\/\/cdn.prod.website-files.com; media-src 'self' https:\/\/*.dropbox.com https:\/\/*.dropboxusercontent.com blob:; script-src 'self' 'report-sample' 'wasm-unsafe-eval' 'sha256-roap\/WuzYB2wh2tvlLixXzzse29Pczg3jgvuJlmqVfI=' https:\/\/www.dropbox.com https:\/\/browser.sentry-cdn.com https:\/\/snippet.meticulous.ai https:\/\/cfl.dropboxstatic.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagservices.com *.googleadservices.com *.cdnwebcloud.com https:\/\/apis.google.com https:\/\/www.googleoptimize.com https:\/\/connect.facebook.net https:\/\/www.gstatic.com *.google-analytics.com https:\/\/ajax.googleapis.com https:\/\/gstatic.com https:\/\/www.googletagmanager.com *.womtp.com https:\/\/api.ipify.org https:\/\/maps.googleapis.com *.google.com *.vo.msecnd.net https:\/\/static.criteo.net https:\/\/bucket.cdnwebcloud.com *.doubleclick.net https:\/\/static.hotjar.com https:\/\/ws.walmeric.com https:\/\/sslwidget.criteo.com https:\/\/script.hotjar.com https:\/\/pagead2.googlesyndication.com https:\/\/neural29.cdnwebcloud.com https:\/\/sb.scorecardresearch.com https:\/\/ads.profilemkt.com https:\/\/snap.licdn.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com gstatic.com *.womtp.com *.walmeric.com *.google.com; img-src 'self' data: *.azureedge.net *.gstatic.com *.googleapis.com *.gstatic.com *.doubleclick.net *.google-analytics.com *.womtp.com *.walmeric.com https:\/\/magazine.solvia.es *.blob.core.windows.net https:\/\/plataforma-des.infosolvia.es https:\/\/imagenes.solvia.es *.google.com https:\/\/www.google.es https:\/\/sb.scorecardresearch.com https:\/\/ceres-tk3f2sxfca-ey.a.run.app *.doubleclick.net https:\/\/www.facebook.com https:\/\/t.womtp.com https:\/\/pagead2.googlesyndication.com *.cdnwebcloud.com https:\/\/px.ads.linkedin.com *.googletagmanager.com; font-src 'self' *.googleapis.com *.gstatic.com; connect-src 'self' *.solvia.es https:\/\/dc.services.visualstudio.com *.hotjar.com *.linkedin.com *.cdnwebcloud.com *.google.com *.googleapis.com *.googlesyndication.com *.indigitall.com *.doubleclick.net *.google-analytics.com; object-src 'self' https:\/\/www.google.com; frame-ancestors 'none'; form-action 'self' https:\/\/www.facebook.com","count":1},{"content-security-policy-report-only":" script-src 'nonce-4YfxNFu8WgQxRVG392t11g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri \/csp-violation","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com *.fontawesome.com * *.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com maxcdn.bootstrapcdn.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' 'unsafe-inline'; frame-ancestors https:\/\/api.clerk.io https:\/\/cdn.clerk.io self www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.sharethis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https:\/\/www.paypal.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.vimeo.com https:\/\/f.vimeocdn.com https:\/\/adyen.com https:\/\/checkoutshopper-test.adyen.com https:\/\/checkoutshopper-live.adyen.com https:\/\/pal-test.adyen.com https:\/\/pal-live.adyen.com https:\/\/amazon.com https:\/\/www.yotpo.com https:\/\/int-ecommerce.nexi.it *.kasanova.com * https:\/\/www.googletagmanager.com\/ www.google.com www.gstatic.com apis.google.com accounts.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.sharethis.com https:\/\/cdn.clerk.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com *.google.com *.gstatic.com https:\/\/www.vimeo.com https:\/\/f.vimeocdn.com *.googleapis.com *.ggpht https:\/\/ecommerce.nexi.it *.cloudfront.net *.kasanova.com * https:\/\/static.zdassets.com\/ http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com https:\/\/www.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page *.sharethis.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.google.com *.googleapis.com https:\/\/f.vimeocdn.com *.gstatic.com https:\/\/googleads.g.doubleclick.net *.clerk.io https:\/\/int-ecommerce.nexi.it *.kasanova.com https:\/\/assets.livestory.io https:\/\/js-agent.newrelic.com *.consentcdn.cookiebot.com\/ * http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ accounts.google.com cdn.jsdelivr.net *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com https:\/\/accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.sharethis.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io *.googleapis.com * *.fontawesome.com *.google.com *.gstatic.com accounts.google.com cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/static.zdassets.com\/ http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.sharethis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de https:\/\/assets.livestory.io https:\/\/api.livestory.io https:\/\/www.google-analytics.com https:\/\/int-ecommerce.nexi.it *.kasanova.com *.googleapis.com * http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com accounts.google.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.gstatic.com t.elasticsuite.io *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.facebook.net webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.klevu.com *.ksearchnet.com magefan.com cm.magefan.com *.facebook.com *.facebook.net https:\/\/www.magezon.com ozow-live-cdn.s3.eu-west-1.amazonaws.com *.cloudflare.com https:\/\/cdn.klarna.com *.widgets.magentocommerce.com *.fpdbs.paypal.com *.t.paypal.com *.paypal.com *.fpdbs.sandbox.paypal.com *.googleapis.com *.gstatic.com *.addthis.com *.pinterest.com *.cdninstagram.com *.google.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.jsdelivr.net *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com *.adobedtm.com data: 'self' 'unsafe-inline'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.googleapis.com *.cloudflare.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com *.amazonaws.com *.googleapis.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; font-src https:\/\/www.roomvo.com fonts.gstatic.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.fonts.googleapis.com *.gstatic.com 'unsafe-inline' data: *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com data: 'self' 'unsafe-inline'; connect-src https:\/\/agents.engati.ai wt.omnisendlink.com dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com cdn.ampproject.org https:\/\/*.ingest.sentry.io *.klevu.com *.ksearchnet.com ekr.zdassets.com\/ *.facebook.com *.facebook.net https:\/\/get.geojs.io *.avada.io *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com https:\/\/graph.instagram.com *.testfreaks.com *.google.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthisedge.com *.what3words.com vsb111.tawk.to ekr.zdassets.com api.magento.com commerce.adobedc.net app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: cdn.plyr.io noembed.com 'self' 'unsafe-inline'; frame-src https:\/\/unicons.iconscout.com https:\/\/youtube.com fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.facebook.com *.facebook.net *.google.com *.addthis.com *.pinterest.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com webchat.jdg.co.za *.jdg.co.za www.youtube.com 'self' 'unsafe-inline'; script-src https:\/\/unicons.iconscout.com https:\/\/agents.engati.ai https:\/\/bb.branding-element.com *.convertexperiments.com www.roomvo.com omnisnippet1.com bat.bing.com *.omnisnippet1.com static.ads-twitter.com analytics.tiktok.com https:\/\/s.pinterest.com https:\/\/scripts.clarity.ms assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ cdn.ampproject.org raw.githubusercontent.com chimpstatic.com downloads.mailchimp.com *.list-manage.com https:\/\/polyfill-fastly.io https:\/\/browser.sentry-cdn.com js.klevu.com *.ksearchnet.com s7.addthis.com *.facebook.com *.facebook.net *.avada.io *.google.com *.googleapis.com *.addthis.com *.moatads.com *.addthisedge.com *.pinterest.com *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.klevu.com *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.mouseflow.com *.what3words.com maps.googleapis.com commerce.adobedtm.com magento-recs-sdk.adobe.net static.zdassets.com app.mobicredwidget.co.za www.gstatic.com connect.facebook.net bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network www.youtube.com player.vimeo.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-F4of8TZaQa+naABNHtHS1g==' 'strict-dynamic' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'sha256-f9ms\/4u9WrRYV3p93xXv88VDowcvTVxabxYcmCxoxBE=' https:\/\/connect.facebook.net https:\/\/accounts.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jifo.co https:\/\/s.infogram.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.google.com.au https:\/\/www.googleadservices.com https:\/\/www.google.co.in https:\/\/www.gstatic.com https:\/\/securepubads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/play.google.com https:\/\/can.canstar.com.au https:\/\/graph.canstar.com.au https:\/\/jnn-pa.googleapis.com https:\/\/logx.optimizely.com https:\/\/identitytoolkit.googleapis.com https:\/\/sso.canstar.com.au https:\/\/ad.doubleclick.net https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/sdk-02.moengage.com https:\/\/metrics.hotjar.io https:\/\/siteintercept.qualtrics.com https:\/\/collector-px58c3a4zy.perimeterx.net https:\/\/platform.twitter.com https:\/\/syndication.twitter.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/gfonts.jifo.co https:\/\/cdn.jifo.co https:\/\/themes.jifo.co https:\/\/accounts.google.com https:\/\/graph.canstar.com.au https:\/\/platform.twitter.com; style-src-attr 'self' 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline' https:\/\/cns-angular-content-uat-2.freetls.fastly.net https:\/\/cns-angular-content-prod-1.freetls.fastly.net https:\/\/cns-angular-content-prod-2.freetls.fastly.net; img-src 'self' data: blob: https:\/\/graph.canstar.com.au https:\/\/snapshots.uat.canstar.com.au https:\/\/snapshots.canstar.com.au https:\/\/www.youtube.com https:\/\/i.ytimg.com https:\/\/yt3.ggpht.com https:\/\/images.jifo.co https:\/\/www.google.com https:\/\/www.google.com.au https:\/\/www.google.co.in https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/securepubads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/play.google.com https:\/\/can.canstar.com.au https:\/\/graph.canstar.com.au https:\/\/jnn-pa.googleapis.com https:\/\/logx.optimizely.com https:\/\/identitytoolkit.googleapis.com https:\/\/sso.canstar.com.au https:\/\/ad.doubleclick.net https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/sdk-02.moengage.com https:\/\/fonts.gstatic.com https:\/\/themes.jifo.co https:\/\/gfonts.jifo.co https:\/\/cdn.jifo.co https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/www.canstarblue.com.au https:\/\/www.canstar.com.au https:\/\/secure.gravatar.com https:\/\/ep1.adtrafficquality.google https:\/\/adtrafficquality.google; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/themes.jifo.co https:\/\/gfonts.jifo.co https:\/\/cdn.jifo.co https:\/\/script.hotjar.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/accounts.google.com https:\/\/e.infogram.com https:\/\/www.googletagmanager.com http:\/\/www.googletagmanager.com https:\/\/10445216.fls.doubleclick.net https:\/\/10420344.fls.doubleclick.net https:\/\/can.canstar.com.au https:\/\/can.canstarblue.com.au https:\/\/securepubads.g.doubleclick.net https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/a25480140109.cdn.optimizely.com; connect-src 'self' https:\/\/graph.canstar.com.au https:\/\/can.canstar.com.au https:\/\/can.canstarblue.com.au https:\/\/jnn-pa.googleapis.com https:\/\/www.google-analytics.com https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/sdk-02.moengage.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/accounts.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jifo.co https:\/\/s.infogram.com https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.google.com.au https:\/\/www.googleadservices.com https:\/\/www.google.co.in https:\/\/www.gstatic.com https:\/\/securepubads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/play.google.com https:\/\/logx.optimizely.com https:\/\/identitytoolkit.googleapis.com https:\/\/sso.canstar.com.au https:\/\/ad.doubleclick.net https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/clerk.canstar.com.au https:\/\/vital-wasp-63.clerk.accounts.dev https:\/\/faithful-gannet-95.clerk.accounts.dev https:\/\/clerk-telemetry.com https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/metrics.hotjar.io https:\/\/surveystats.hotjar.io https:\/\/siteintercept.qualtrics.com https:\/\/collector-px58c3a4zy.perimeterx.net https:\/\/ep1.adtrafficquality.google https:\/\/adtrafficquality.google https:\/\/cns-angular-content-uat-2.freetls.fastly.net https:\/\/cns-angular-content-prod-1.freetls.fastly.net https:\/\/cns-angular-content-prod-2.freetls.fastly.net; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; report-uri https:\/\/graph.canstar.com.au\/csp-report;","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; report-uri https:\/\/endpoint3.collection.us2.sumologic.com\/receiver\/v1\/http\/ZaVnC4dhaV30Tj5vtZfuZ0tYPfqb8xOSxI9TJ5CbQ_ZE4W4aGoGW8HViqViD0nttCcDqHOZNNhObvJtSbYn1XDP7uSjlITCzSLlNsuSdwZ46El5dcVC6kg==","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ZilDza3DnDxd6WAbEiRO' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'report-sample';report-uri https:\/\/csp.withgoogle.com\/csp\/scfe","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self' https:\/\/cancercarespecialists.org\/mychart\/;frame-src 'self' epichttp: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/*.zipnosis.com\/ https:\/\/cdnapisec.kaltura.com\/ https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/integrations-core.fabrichealth.com https:\/\/integrations-core.stage.fabrichealth.com https:\/\/mychart-stg.personapay.com https:\/\/mychart.personapay.com https:\/\/pay.instamed.com https:\/\/premier.trustcommerce.com https:\/\/s3.amazonaws.com\/assets.gyant.com\/ https:\/\/securecheckout-test.onplanprocessing.com https:\/\/securecheckout.onplanprocessing.com https:\/\/stagepremier.trustcommerce.com wss:\/\/*.gyantts.com\/;script-src 'nonce-f0f9294be85243b29a8a2b8bbd9361fb' https:\/\/www.osfmychart.org 'self' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ https:\/\/siteimproveanalytics.com\/ wss:\/\/*.gyantts.com\/;img-src https:\/\/* 'self' blob: data: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;connect-src 'self' epichttp: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;style-src https:\/\/www.osfmychart.org 'self' 'unsafe-inline' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;manifest-src 'self' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;worker-src 'self' blob: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;child-src 'self' blob: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;font-src 'self' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;object-src 'self' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;form-action https:\/\/central.mychart.org\/MyChart\/ 'self' https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/*.zipnosis.com\/ https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;media-src https:\/\/* 'self' blob: https:\/\/*.appcues.com https:\/\/*.dermengine.com https:\/\/*.gyantts.com\/ https:\/\/*.intranet.osfnet.org\/ https:\/\/*.kyruus.com\/ https:\/\/*.mixpanel.com https:\/\/*.neurotrack.com\/ https:\/\/*.neurotrack.io\/ https:\/\/*.osfhealthcare.org\/ https:\/\/*.skin.app https:\/\/*.stripe.com https:\/\/d2y285dhddzdli.cloudfront.net https:\/\/s3.amazonaws.com\/assets.gyant.com\/ wss:\/\/*.gyantts.com\/;","count":1},{"content-security-policy-report-only":" default-src *; style-src 'self'  https:\/\/* 'unsafe-inline'; script-src 'self' https:\/\/* 'unsafe-inline'; img-src 'self' data:;","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; default-src 'self'; script-src 'self' 'nonce-MjlkYWFhNGItODI1Ni00YjMyLWJjZTUtNDAzZjQ5NDYwM2Mw' https:\/\/status.livepix.gg https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/js.intercomcdn.com https:\/\/widget.intercom.io https:\/\/www.youtube.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/fonts.intercomcdn.com; img-src 'self' https:\/\/static.livepix.gg https:\/\/cdn.livepix.gg https:\/\/www.googletagmanager.com https:\/\/downloads.intercomcdn.com https:\/\/static.intercomassets.com https:\/\/js.intercomcdn.com https:\/\/messenger-apps.intercom.io https:\/\/i.ytimg.com; frame-src 'self' https:\/\/checkout.livepix.gg https:\/\/rlgrjlrv2czy.statuspage.io https:\/\/www.googletagmanager.com https:\/\/intercom-sheets.com https:\/\/www.google.com https:\/\/www.youtube.com; connect-src 'self' https:\/\/webservice.livepix.gg https:\/\/unleash.livepix.gg https:\/\/fingerprint.livepix.gg https:\/\/fp.livepix.gg https:\/\/livia.livepix.gg https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/api-iam.intercom.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/o4508013286391808.ingest.us.sentry.io; manifest-src 'self' https:\/\/static.livepix.gg; media-src 'self' blob: https:\/\/static.livepix.gg https:\/\/js.intercomcdn.com","count":1},{"content-security-policy-report-only":" object-src 'none'; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdn.jsdelivr.net cdnjs.cloudflare.com unpkg.com cdn3.theuaelottery.ae cdn3.uat-uaenl.ae www.gstatic.com;report-uri https:\/\/muddy-meadow-fb56.swang-203.workers.dev\/csp-report","count":1},{"content-security-policy-report-only":" default-src   'self' 'unsafe-inline';  img-src   'self' *.akamaihd.net *.boltdns.net *.brightcove.com *.brightcovecdn.com *.clarity.ms *.karte.io *.line.me *.reproio.com *.revico.jp *.visumo.io *.visumo.jp ajax.googleapis.com analytics.tiktok.com analytics.twitter.com analytics-ipv6.tiktokw.us b98.yahoo.co.jp b99.yahoo.co.jp bat.bing.com bat.bing.net bs.nakanohito.jp c.bing.com connect.facebook.net contents.online.checkout.rakuten.co.jp d1r147hdvhiup1.cloudfront.net d1y1ejsnfr35ye.cloudfront.net googleads.g.doubleclick.net img-karte-io.s3.amazonaws.com io.repro-booster.com m.media-amazon.com maihada.jp maison.kose.co.jp masvc-prod-function-outside-accesslog.azurewebsites.net players.brightcove.net production-image-proxy.reproio.com promolayer-images.b-cdn.net s3-ap-northeast-1.amazonaws.com sdk.hellouniweb.com sekkisei.jp static-fe.payments-amazon.com static-na.payments-amazon.com stats.g.doubleclick.net test.yuki-oshio.com tr.line.me uncn.jp www.addiction-beauty.com www.cosmedecorte.com www.decorte.com www.facebook.com www.google.at www.google.ca www.google.ch www.google.cl www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.kr www.google.co.th www.google.co.uk www.google.com www.google.com.au www.google.com.eg www.google.com.hk www.google.com.kh www.google.com.mx www.google.com.my www.google.com.ph www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.de www.google.es www.google.fi www.google.fr www.google.ie www.google.it www.google.nl www.google.pl www.google.pt www.google.ru www.google.se www.googleadservices.com www.googletagmanager.com www.jillstuart-floranotisjillstuart.com data:;  font-src   'self' 'unsafe-inline' *.karte.io *.revico.jp assets.payments-amazon.com fonts.googleapis.com fonts.gstatic.com players.brightcove.net data:;  connect-src   'self' *.akamaihd.net *.boltdns.net *.brightcove.com *.brightcovecdn.com *.clarity.ms *.karte.io *.line.me *.reproio.com *.revico.jp *.visumo.io *.visumo.jp a.promolayer.io ac.fanp.me analytics.google.com analytics.tiktok.com analytics.twitter.com analytics-ipv6.tiktokw.us apac.account.amazon.com api.amazon.co.jp api.amazon.com api.rollbar.com apis.google.com apm.yahoo.co.jp ara.paa-reporting-advertising.amazon bat.bing.com bat.bing.net bs.nakanohito.jp c.amazon-adsystem.com dc.services.visualstudio.com displayscdn.promolayer.io dm.slim02.jp dpolc4ci3j.execute-api.ap-northeast-1.amazonaws.com edge.api.brightcove.com googleads.g.doubleclick.net liffsdk.line-scdn.net lightning-recommend.io m.media-amazon.com maps.googleapis.com mws.amazonservices.com mws.amazonservices.jp payments-fe.amazon.com payments-jp.amazon.com payments.amazon.co.jp players.brightcove.net production-dual-proxy.reproio.com region1.analytics.google.com region1.google-analytics.com s.amazon-adsystem.com sdk.hellouniweb.com stats.g.doubleclick.net ufoyaxubucivumen.conversion.jp.zeals.ai uncn.jp wss:\/\/*.karte.io www.decorte.com www.facebook.com www.google.at www.google.ca www.google.ch www.google.cl www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.kr www.google.co.th www.google.co.uk www.google.com www.google.com.au www.google.com.eg www.google.com.hk www.google.com.kh www.google.com.mx www.google.com.my www.google.com.ph www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.vn www.google.de www.google.es www.google.fi www.google.fr www.google.ie www.google.it www.google.nl www.google.pl www.google.pt www.google.ru www.google.se www.google-analytics.com www.googleadservices.com www.googletagmanager.com blob:;  frame-src   'self' *.revico.jp cache.send.microad.jp payments-jp.amazon.com payments.amazon.co.jp players.brightcove.net recaptcha.google.com s.amazon-adsystem.com static-fe.payments-amazon.com static-na.payments-amazon.com toolytics.pa.clients6.google.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com;  media-src   'self' *.akamaihd.net *.boltdns.net *.brightcovecdn.com *.cf.brightcove.com *.media.brightcove.com *.visumo.io *.visumo.jp blob:;  script-src   'self' 'unsafe-inline' 'unsafe-eval' *.clarity.ms *.ebis.ne.jp *.karte.io *.mul-pay.jp *.reproio.com *.revico.jp *.visumo.io *.visumo.jp ac.fanp.me adebisns.decorte.com ajax.googleapis.com analytics.tiktok.com apis.google.com as.uncn.jp assets.payments-amazon.com b98.yahoo.co.jp b99.yahoo.co.jp bat.bing.com blitz-production-action.s3.ap-northeast-1.amazonaws.com c.amazon-adsystem.com cdn.credit.gmo-ab.com cdn-blocks.karte.io connect.facebook.net contents.online.checkout.rakuten.co.jp cs.nakanohito.jp d.line-scdn.net d1r147hdvhiup1.cloudfront.net dmp.im-apps.net fraud-buster.appspot.com googleads.g.doubleclick.net idangero.us jacklmoore.com lightning-recommend.io maps.googleapis.com masvcuploadprodstorage.blob.core.windows.net masvcuploadstagestorage.blob.core.windows.net modules.promolayer.io players.brightcove.net s.yimg.jp s.yjtag.jp sdk.hellouniweb.com static.jp.zeals.ai static.line-scdn.net static-fe.payments-amazon.com static-na.payments-amazon.com swiperjs.com vjs.zencdn.net www.decorte.com www.google.com www.google-analytics.com www.googletagmanager.com www.gstatic.com blob:;  style-src   'self' 'unsafe-inline' *.karte.io *.revico.jp *.visumo.jp ajax.googleapis.com assets.payments-amazon.com d1r147hdvhiup1.cloudfront.net fonts.googleapis.com fonts.gstatic.com players.brightcove.net;  worker-src   'self' blob:;  report-to   csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self' https:\/\/*.epic.com https:\/\/*.geisinger.edu https:\/\/*.geisinger.org https:\/\/*.mycarecompass.edu https:\/\/*.mycarecompass.org https:\/\/*.mygeisinger.org https:\/\/geisinger.org https:\/\/www.geisinger.org;frame-src https:\/\/* 'self' epichttp: https:\/\/*.geisinger.edu https:\/\/pay.instamed.com https:\/\/paymentsafe.experianhealth.com;script-src https:\/\/mychart.mycarecompass.org 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.geisinger.edu https:\/\/*.geisinger.org https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.gyantts.com https:\/\/*.jquery.com https:\/\/*.mycarecompass.org https:\/\/*.virtualearth.net https:\/\/ajax.microsoft.com https:\/\/mycarecompass.org https:\/\/twemoji.maxcdn.com https:\/\/unpkg.com https:\/\/www.gstatic.com;img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp: https:\/\/*.amazonaws.com https:\/\/*.gyantts.com wss:\/\/web.production.gyantts.com wss:\/\/web2.dev.gyantts.com wss:\/\/web2.production.gyantts.com;style-src https:\/\/mychart.mycarecompass.org 'self' 'unsafe-inline' https:\/\/*.geisinger.edu https:\/\/*.geisinger.org https:\/\/*.gyantts.com https:\/\/*.mycarecompass.org https:\/\/mycarecompass.org https:\/\/s3.amazonaws.com;worker-src 'self' blob:;child-src 'self' blob:;font-src 'self' https:\/\/*.gyantts.com https:\/\/s3.amazonaws.com;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com uat.pinepg.in https:\/\/uat.pinepg.in\/api\/PG\/V2 secure.pinepg.in https:\/\/secure.pinepg.in\/payment 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com landofcoder.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.ftcdn.net *.behance.net *.googleapis.com maps.gstatic.com www.pinelabs.com https:\/\/www.pinelabs.com\/img\/logo.png *.gstatic.com https:\/\/www.magezon.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.googleapis.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com landofcoder.com https:\/\/storage.googleapis.com *.googletagmanager.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.fontawesome.com tagmanager.google.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com maps.googleapis.com https:\/\/www.google-analytics.com https:\/\/fonts.gstatic.com *.googleapis.com https:\/\/www.gstatic.com landofcoder.com https:\/\/storage.googleapis.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri www.googleadservices.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline'   https:\/\/*.googlesyndication.com   https:\/\/*.doubleclick.net   https:\/\/googleads.g.doubleclick.net   https:\/\/pagead2.googlesyndication.com   https:\/\/tpc.googlesyndication.com   https:\/\/www.googletagmanager.com   https:\/\/www.google-analytics.com   https:\/\/*.google.com   https:\/\/adservice.google.com https:\/\/adservice.google.co.uk   https:\/\/challenges.cloudflare.com   https:\/\/www.gstatic.com https:\/\/www.recaptcha.net   https:\/\/static.cloudflareinsights.com   https:\/\/*.adtrafficquality.google; connect-src 'self' https:; img-src 'self' data: blob: https:; frame-src 'self'   https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com   https:\/\/googleads.g.doubleclick.net https:\/\/tpc.googlesyndication.com   https:\/\/fundingchoicesmessages.google.com   https:\/\/*.google.com https:\/\/www.gstatic.com https:\/\/www.recaptcha.net   https:\/\/challenges.cloudflare.com   https:\/\/*.adtrafficquality.google; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; base-uri 'self'; frame-ancestors 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" script-src 'none'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=KhOzJJnwcHt49qvazVfM4Ux5XunE5Tv1H7j8NqbSvtk-1778720572-1.0.1.1-3imit.XyD3GRZIrghsgrThdf5HEsFIsyv7TyrZHJJ5R_.AeacRRj1sJ22mY_8pWbWmiG002XtlUjdUjwm1T5tnlUA531kzGJq.GokSDixVqVKWEMhi89HQ5IA286L_GpNBvn7YW77LW1Vt0L0XCKRCZw9VMAOziIUoWHNO3d__3WNbKQfBfDUG_Q9TS8r9EF; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' https: data:; img-src 'self' https: data: blob:; connect-src 'self' https:; frame-src https:; frame-ancestors 'none':; base-uri 'self'; form-action https:; object-src 'none'; upgrade-insecure-requests; report-uri https:\/\/api.fwicloud.com\/common\/v1\/csp-reports; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com maxcdn.bootstrapcdn.com *.pushpushgo.com *.klevu.com data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.facebook.com *.googlesyndication.com *.constructor.com *.constructor.dev 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.pushpushgo.com *.klevu.com *.constructor.com *.constructor.dev data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com https:\/\/browser.sentry-cdn.com *.pushpushgo.com *.klevu.com *.constructor.com *.constructor.dev 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com maxcdn.bootstrapcdn.com *.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com https:\/\/*.ingest.sentry.io *.constructor.com *.constructor.dev *.cnstrc.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data:; report-uri \/report-csp-violation; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/code.jquery.com https:\/\/www.googletagmanager.com https:\/\/pxl-csumbedu.terminalfour.net https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/cbe.capturehighered.net https:\/\/s.adroll.com https:\/\/d.adroll.com https:\/\/www.google.com https:\/\/cse.google.com https:\/\/www.gstatic.com https:\/\/siteimproveanalytics.com https:\/\/bot.io.gravyty.com 'unsafe-inline'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/pxl-csumbedu.terminalfour.net https:\/\/www.google.com https:\/\/www.csuci.edu 'unsafe-inline'; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/pxl-csumbedu.terminalfour.net data:; img-src 'self' https:\/\/www.csuci.edu https:\/\/pxl-csumbedu.terminalfour.net https:\/\/40230.global.siteimproveanalytics.io data:; media-src 'self' https:\/\/player.vimeo.com https:\/\/vimeocdn.com; connect-src 'self' https:\/\/region1.google-analytics.com https:\/\/content.hotjar.io wss:\/\/ws.hotjar.com https:\/\/bot.io.gravyty.com; frame-src 'self' https:\/\/www.google.com; frame-ancestors 'self'; object-src 'none'; base-uri 'none';","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.easypack24.net *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.scalapay.com https:\/\/*.oct8ne.com https:\/\/*.channelize.io data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.scalapay.com https:\/\/*.channelize.io *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.klarna.com https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.scalapay.com https:\/\/*.channelize.io c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https:\/\/cdn.clerk.io *.connectif.cloud *.feedaty.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.development.scalapay.com *.staging.scalapay.com *.scalapay.com cdn.doofinder.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.easypack24.net *.inpost.pl *.inpost.com *.openstreetmap.org *.klarna.com *.klarnaevt.com *.klarnacdn.net intpaye.netsgroup.com https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/*.awin1.com https:\/\/*.scalapay.com https:\/\/*.anticafarmaciaorlandi.it https:\/\/*.oct8ne.com https:\/\/*.google.it https:\/\/*.channelize.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net img.riskified.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.channelize.io https:\/\/api.clerk.io https:\/\/cdn.clerk.io https:\/\/*.connectif.cloud *.feedaty.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.development.scalapay.com *.staging.scalapay.com *.scalapay.com cdn.doofinder.com chimpstatic.com downloads.mailchimp.com *.list-manage.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.inpost.pl *.inpost.it *.easypack24.net *.klarna.com *.klarnacdn.net *.klarnaservices.com *.avada.io https:\/\/*.clerk.io https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.facebook.net https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.clarity.com https:\/\/*.clarity.ms https:\/\/*.outbrain.com https:\/\/*.onesignal.com https:\/\/*.dwin1.com https:\/\/*.gestpay.net https:\/\/*.scalapay.com https:\/\/*.iubenda.com https:\/\/*.oct8ne.com https:\/\/*.getblue.io https:\/\/*.channelize.io https:\/\/*.bing.com https:\/\/*.cookieless-data.com https:\/\/*.sddan.com https:\/\/*.airtable.com https:\/\/*.awin1.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.google.com www.gstatic.com beacon.riskified.com tracking.trovaprezzi.it www.trovaprezzi.it tps.trovaprezzi.it 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io *.feedaty.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com *.doofinder.com downloads.mailchimp.com geowidget.easypack24.net *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.scalapay.com https:\/\/*.channelize.io unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.scalapay.com https:\/\/*.channelize.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.channelize.io https:\/\/*.connectif.cloud *.feedaty.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.doofinder.com wss:\/\/*.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.inpost.pl *.inpost.it *.easypack24.net *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com https:\/\/get.geojs.io *.avada.io *.paypal.com https:\/\/*.accessiblyapp.com https:\/\/*.accessibly.app https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.google.com https:\/\/google.com https:\/\/*.google-analytics.com https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.outbrain.com https:\/\/*.clarity.ms https:\/\/*.amplitude.com https:\/\/*.bing.com https:\/\/*.scalapay.com https:\/\/*.iubenda.com https:\/\/*.oct8ne.com https:\/\/*.channelize.io https:\/\/*.wepowerconnections.com https:\/\/*.sciencebehindecommerce.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.google.com google.com www.google.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net c.riskified.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.klaviyo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.zenaps.com *.fls.doubleclick.net *.klarna.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * sibautomation.com *.criteo.com *.gelproximity.com *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.zenaps.com *.wepowerconnections.com https:\/\/cdn.clerk.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klarna.com *.klarnaevt.com *.klarnacdn.net magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com flagpedia.net https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.elfsight.com *.elfsightcdn.com *.trustpilot.com *.trustpilot.net *.doofinder.com *.google.com *.google.it *.bidswitch.net *.doubleclick.net *.adnxs.com *.media.net *.rubiconproject.com *.sharethrough.com *.smartadserver.com *.taboola.com *.teads.tv eb2.3lift.com *.yahoo.com *.adform.net *.criteo.com *.popupsmart.com *.onesignal.com upstream.heidipay.com sbx-upstream.heidipay.io *.casalemedia.com id5-sync.com *.360yield.com *.mediavine.com *.postrelease.com *.outbrain.com *.pubmatic.com *.tremorhub.com *.yieldlab.net *.1rx.io *.agkn.com *.unrulymedia.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net img.riskified.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com https:\/\/maps.googleapis.com tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.avada.io *.gstatic.com maps.googleapis.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.elfsight.com *.doofinder.com sibautomation.com *.iubenda.com *.popupsmart.com *.criteo.com *.onesignal.com onesignal.com *.gelproximity.com *.clerk.io *.hotjar.com www.google.com www.gstatic.com beacon.riskified.com tracking.trovaprezzi.it tps.trovaprezzi.it www.trovaprezzi.it *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com https:\/\/api.clerk.io https:\/\/cdn.clerk.io https:\/\/static.klaviyo.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.gstatic.com assets.braintreegateway.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.doofinder.com onesignal.com *.popupsmart.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/get.geojs.io *.avada.io www.gstatic.com maps.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.integration.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com *.onesignal.com onesignal.com *.popupsmart.com *.elfsight.com *.doofinder.com wss:\/\/*.doofinder.com *.brevo.com *.iubenda.com *.doubleclick.net *.criteo.com *.google-analytics.com www.google.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net c.riskified.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net self data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de https:\/\/store.plumrocket.com pal-test.adyen.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.paypal.com self *.doubleclick.net *.criteo.com *.easydmp.net *.snapchat.com https:\/\/store.plumrocket.com https:\/\/accounts.google.com checkoutshopper-test.adyen.com pal-test.adyen.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com self *.bing.com *.paypal.com *.google.fr *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.cookielaw.org *.snapchat.com checkoutshopper-test.adyen.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com self sc-static.net *.abtasty.com *.jsdelivr.net *.gstatic.com *.facebook.net *.tiktok.com *.googleapis.com *.easydmp.net *.vzbl.eu *.aticdn.net *.m1by1.com *.woosmap.com *.doubleclick.net *.cookielaw.org *.snapchat.com *.valiuz.com *.mediarithmics.com *.prediggo.services https:\/\/accounts.google.com checkoutshopper-test.adyen.com 'self' 'unsafe-eval' 'nonce-NWYzeWFubmVlYTV5Zzhycjd5cjB0bHMyY2VobXN4bXo=' 'sha256-W5akSSK6LD5BjIlNICMcXaUObQSRAaj6bs7JHADURBA=' 'sha256-3qVqeAdyxxTdPkkRzqapjGkAUYLahxSrB7Mdup+GPQ0=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-p8MCfMHqrovsjRYU9z0bU17dd0z81k\/fVbGrtBBiM9g=' 'sha256-0pk2s4oXwBELlC6IBVb3nNaM2PjfjwI2N6OGIX5lx8Y=' 'sha256-nkEZknO0IxNxY\/CkTMBhjNhwPvglpYumjx31B4fjkY8='; style-src *.adobe.com fonts.googleapis.com self *.gstatic.com *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.snapchat.com https:\/\/accounts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com self *.snapchat.com *.cookielaw.org *.abtasty.com *.googleapis.com *.vzbl.eu *.criteo.com *.easydmp.net *.xiti.com *.valiuz.com *.doubleclick.net *.mediarithmics.com https:\/\/accounts.google.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.electrodepot.fr *.electrodepot.be *.electrodepot.es *.bing.com *.criteo.net *.snapchat.com *.netvigie.com *.xiti.com *.valiuz.com *.googletagmanager.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-src https:\/\/www.google.com; object-src 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/cdnjs.cloudflare.com *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com http:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.googleadservices.com *.paypal.com *.google-analytics.com https:\/\/l.clarity.ms\/collect  *.paypal.com  https:\/\/get.geojs.io  https:\/\/js-agent.newrelic.com  https:\/\/royaloak-dev.codilar.in https:\/\/mcstaging.royaloakindia.com  https:\/\/royaloakindia.com  https:\/\/bam.nr-data.net https:\/\/f.clarity.ms https:\/\/sdk-01.moengage.com\/ https:\/\/mcprod.royaloakindia.com https:\/\/cdnjs.cloudflare.com https:\/\/commerce.adobedtm.com https:\/\/js-agent.newrelic.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/cdnjs.cloudflare.com https:\/\/js-agent.newrelic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.googleadservices.com *.paypal.com *.google-analytics.com https:\/\/l.clarity.ms\/collect  *.paypal.com  https:\/\/get.geojs.io  https:\/\/js-agent.newrelic.com  https:\/\/royaloak-dev.codilar.in  https:\/\/mcstaging.royaloakindia.com  https:\/\/royaloakindia.com  https:\/\/bam.nr-data.net https:\/\/f.clarity.ms https:\/\/sdk-01.moengage.com\/ https:\/\/mcprod.royaloakindia.com https:\/\/cdnjs.cloudflare.com https:\/\/commerce.adobedtm.com https:\/\/js-agent.newrelic.com api.razorpay.com www.youtube-nocookie.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com http:\/\/x.nitrocommerce.ai https:\/\/x.nitrocommerce.ai http:\/\/t.makehook.ws https:\/\/t.makehook.ws c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/plumrocket.com testourcode.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.googleadservices.com *.paypalobjects.com *.google-analytics.com https:\/\/l.clarity.ms\/collect  *.paypal.com  https:\/\/get.geojs.io  https:\/\/js-agent.newrelic.com  https:\/\/royaloak-dev.codilar.in  https:\/\/mcstaging.royaloakindia.com  https:\/\/royaloakindia.com  https:\/\/bam.nr-data.net https:\/\/f.clarity.ms https:\/\/sdk-01.moengage.com\/ https:\/\/mcprod.royaloakindia.com https:\/\/cdnjs.cloudflare.com https:\/\/commerce.adobedtm.com https:\/\/js-agent.newrelic.com https:\/\/pdp.gokwik.co https:\/\/res.shopster.chat https:\/\/x.nitrocommerce.ai https:\/\/staging.royaloakindia.com https:\/\/www.facebook.com cdn.razorpay.com magefan.com cm.magefan.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com http:\/\/x.nitrocommerce.ai http:\/\/t.makehook.ws https:\/\/t.makehook.ws www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com assets.snapmint.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.googleadservices.com *.paypal.com *.google-analytics.com https:\/\/l.clarity.ms\/collect  *.paypal.com  https:\/\/get.geojs.io  https:\/\/js-agent.newrelic.com  https:\/\/royaloak-dev.codilar.in  https:\/\/mcstaging.royaloakindia.com  https:\/\/royaloakindia.com  https:\/\/bam.nr-data.net https:\/\/f.clarity.ms https:\/\/sdk-01.moengage.com\/ https:\/\/mcprod.royaloakindia.com https:\/\/cdnjs.cloudflare.com https:\/\/commerce.adobedtm.com https:\/\/js-agent.newrelic.com https:\/\/pdp.gokwik.co https:\/\/offer-widget.gokwik.co https:\/\/x.nitrocommerce.ai https:\/\/urlbird.nitrocommerce.ai https:\/\/assets.snapmint.com https:\/\/cdn.razorpay.com https:\/\/checkout.razorpay.com https:\/\/clarity.ms https:\/\/www.clarity.ms www.facebook.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/bat.bing.com https:\/\/unpkg.com checkout.razorpay.com *.googleapis.com *.google.com *.gstatic.com connect.facebook.net graph.facebook.com business.facebook.com http:\/\/x.nitrocommerce.ai http:\/\/t.makehook.ws https:\/\/t.makehook.ws js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com api.snapmint.com assets.snapmint.com sandboxapi.snapmint.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com http:\/\/x.nitrocommerce.ai https:\/\/x.nitrocommerce.ai http:\/\/t.makehook.ws https:\/\/t.makehook.ws http:\/\/fonts.googleapis.com https:\/\/fonts.googleapis.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io commerce.adobe.net qa-api.magedevteam.com *.sentry.io *.googleadservices.com *.paypal.com *.google-analytics.com https:\/\/l.clarity.ms\/collect  *.paypal.com  https:\/\/get.geojs.io  https:\/\/js-agent.newrelic.com  https:\/\/royaloak-dev.codilar.in  https:\/\/mcstaging.royaloakindia.com  https:\/\/royaloakindia.com  https:\/\/bam.nr-data.net https:\/\/f.clarity.ms https:\/\/sdk-01.moengage.com\/ https:\/\/mcprod.royaloakindia.com https:\/\/cdnjs.cloudflare.com https:\/\/commerce.adobedtm.com https:\/\/js-agent.newrelic.com https:\/\/pdp.gokwik.co https:\/\/x.nitrocommerce.ai https:\/\/urlbird.nitrocommerce.ai https:\/\/t.makehook.ws https:\/\/assets.snapmint.com https:\/\/api.snapmint.com https:\/\/lumberjack.razorpay.com https:\/\/lumberjack-metrics.razorpay.com https:\/\/googleads.g.doubleclick.net https:\/\/clarity.ms https:\/\/mpc2-prod-26-is5qnl632q-uc.a.run.app https:\/\/api.braintreegateway.com https:\/\/client-analytics.braintreegateway.com lumberjack.razorpay.com lumberjack-metrics.razorpay.com www.youtube.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.gstatic.com http:\/\/x.nitrocommerce.ai http:\/\/t.makehook.ws api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.transbank.cl 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/construmart-help.freshchat.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/www.clarity.ms https:\/\/c.clarity.ms https:\/\/construmart-help.freshchat.com https:\/\/www.construmart.cl https:\/\/bat.bing.com https:\/\/c.bing.com https:\/\/www.facebook.com https:\/\/www.google.com.ar *.pubmatic.com maps.gstatic.com maps.googleapis.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/construmart-help.freshchat.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/scripts.icommkt.online https:\/\/web-sdk.smartlook.com *.pubmatic.com www.google.com www.gstatic.com maps.googleapis.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/construmart-help.freshchat.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/construmartpro.cl 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/l.clarity.ms https:\/\/construmart-help.freshchat.com *.doubleclick.net *.facebook.com *.smartlook.cloud *.pubmatic.com maps.googleapis.com *.mercadolibre.com *.mercadolivre.com *.mlstatic.com *.mercadopago.com *.mercadopago.com.ar *.mercadopago.cl *.mercadopago.com.co *.mercadopago.com.br *.mercadopago.com.mx *.mercadopago.com.uy *.mercadopago.com.ve *.mercadopago.com.pe 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2vDi6MxjZWK0NEKZ3b7JhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' *.wistia.com *.wistia.net embedwistia-a.akamaihd.net\/ https:\/\/fonts.googleapis.com\/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com https:\/\/ajax.googleapis.com\/ https:\/\/first.iovation.com\/ https:\/\/mpsnare.iesnare.com\/ https:\/\/128-koi-090.mktoresp.com\/ *.gskydev.net *.gskydev.com https:\/\/auth.prod.greensky.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/code.jquery.com https:\/\/cdn.jsdelivr.net https:\/\/pages.greenskycredit.com https:\/\/www.google.com\/ https:\/\/www.gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/app-ab27.marketo.com https:\/\/munchkin.marketo.net https:\/\/abrtp1-cdn.marketo.com blob: http:\/\/static.site24x7rum.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com *.wistia.com https:\/\/rtp-static.marketo.com https:\/\/abrtp1.marketo.com https:\/\/js.driftt.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com\/ https:\/\/pages.greenskycredit.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/www.greensky.com\/ *.gskydev.com *.gskydev.net https:\/\/use.fontawesome.com\/ https:\/\/pro.fontawesome.com\/ https:\/\/rtp-static.marketo.com\/ https:\/\/fonts.googleapis.com\/ https:\/\/fonts.googleapis.com\/css\/ https:\/\/app-ab27.marketo.com\/ https:\/\/munchkin.marketo.net; font-src 'self' https:\/\/cdnjs.cloudflare.com https:\/\/pro.fontawesome.com\/ data: https:\/\/fonts.gstatic.com https:\/\/fast.wistia.com https:\/\/use.fontawesome.com; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/rs.fullstory.com *.greensky.com\/ *.gskydev.com\/ *.gskydev.net\/ https:\/\/embed-ssl.wistia.com data: https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/fast.wistia.com https:\/\/greensky.dotcmscloud.com https:\/\/*.greensky.dotcmscloud.com embedwistia-a.akamaihd.net\/ https:\/\/embed-fastly.wistia.com http:\/\/embed.wistia.com\/ https:\/\/www.google.com https:\/\/www.google.de https:\/\/app-ab27.marketo.com https:\/\/pages.greenskycredit.com; media-src 'self' blob: https:\/\/js.driftt.com; frame-src 'self' https:\/\/pages.greenskycredit.com\/ https:\/\/app-ab27.marketo.com\/ https:\/\/www.google.com\/ https:\/\/js.driftt.com; connect-src 'self' https:\/\/analytics.google.com https:\/\/edge.fullstory.com https:\/\/rs.fullstory.com *.gskydev.com\/ *.gskydev.net\/ https:\/\/128-koi-090.mktoresp.com\/ https:\/\/abrtp1.marketo.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net *.greensky.dotcmscloud.com https:\/\/greensky.dotcmscloud.com *.greensky.com *.litix.io embedwistia-a.akamaihd.net\/ *.wistia.com https:\/\/128-koi-090.mktoresp.com; object-src 'self' https:\/\/app-ab27.marketo.com\/ ; base-uri 'self';manifest-src 'self'; worker-src 'none'; report-to https:\/\/www.greensky.com","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https:\/\/fonts.bunny.net *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com *.klarnacdn.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.doubleclick.net *.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com consentcdn.cookiebot.com service.force.com *.livestory.io *.trustpilot.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com img.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io s.ytimg.com *.ftcdn.net *.behance.net * *.bird.eu 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com https:\/\/firebasestorage.googleapis.com *.alothemes.com *.magepow.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.adobedtm.com dev.visualwebsiteoptimizer.com *.exacttarget.com *.google.it\/pagead\/1p-user-list serverside.stiga.com *.cookiebot.com via.placeholder.com maps.googleapis.com *.teads.tv www.xtento.com *.trustpilot.com imgsct.cookiebot.com *.livestory.io cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com *.newrelic.com *.nr-data.net *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.magento-datasolutions.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.youtube.com video.google.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.avada.io *.shopify.com *.alothemes.com *.magepow.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com maps.googleapis.com *.klarna.com consent.cookiebot.com *.collect.igodigital.com serverside.stiga.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.salesforce-scrt.com *.site.com *.mczbf.com *.emjcd.com dev.visualwebsiteoptimizer.com *.clarity.ms *.imedia.cz consentcdn.cookiebot.com *.teads.tv *.seznam.cz *.xtento.com *.livestory.io *.trustpilot.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com getfirebug.com *.cash.app *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.fontawesome.com https:\/\/fonts.bunny.net *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com assets.braintreegateway.com service.force.com *.klarnacdn.net *.site.com *.livestory.io *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * fcmregistrations.googleapis.com firebaseinstallations.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net api.addressy.com https:\/\/get.geojs.io *.avada.io *.alothemes.com *.magepow.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com maps.googleapis.com consentcdn.cookiebot.com *.googlesyndication.com dev.visualwebsiteoptimizer.com serverside.stiga.com *.klarna.com *.klarnaevt.com trustpilot.com googleads.g.doubleclick.net *.teads.tv *.clarity.ms noembed.com *.livestory.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=zhLtyez04RxxEbN5GFbdOi_D4NdVjaJGf5nIY3vzgjQ-1778721674.5760348-1.0.1.1-5fBHM1dw2owlSsxgRKCw8k7mRWF4YLFC_6YDNfOYH7.xoyHd3tLviSyYgNlNpv4JckSQhrQbE4Rj8pTJE5GGIhESXFT13rIAd2dmq4lICOH8ZmZD7BoTA1_X6bXLoKL5vkCaSzZQw0xll2nY9sHGhiMD_HSblRwnFQR4CPVambNP6SD7g3QBir84vT_xQrGq; report-to cf-zqojiavgouhrckko","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob: https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/*.hsforms.com https:\/\/*.hs-scripts.com https:\/\/*.hscollectedforms.net https:\/\/*.hs-banner.com https:\/\/*.hubspotusercontent.com https:\/\/*.hubspotusercontent-eu1.net https:\/\/js.hs-analytics.net https:\/\/js.hsforms.net https:\/\/api.hsforms.com https:\/\/api.hubapi.com https:\/\/*.hsleadflows.net https:\/\/*.hsadspixel.net https:\/\/*.hs-web-analytics.net https:\/\/static.hsappstatic.net https:\/\/cdn2.hubspot.net https:\/\/cdn.hubspot.com https:\/\/*.cloudfront.net https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cdn.cookielaw.org https:\/\/www.youtube.com; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https: data: blob:; font-src 'self' https: data:; frame-src 'self' https: data:; connect-src 'self' https: wss: https:\/\/www.cadburydessertscorner.com; media-src 'self' https: data: blob:; worker-src 'self' https: blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self' https:\/\/*.hubspot.com;","count":1},{"content-security-policy-report-only":" script-src 'self' *.fallcoweb.it fallcoweb.it *.portalenotarile.it portalenotarile.it 'unsafe-eval' 'nonce-Ifn1ECaX6BXO+BYosp2ZvxhYtBS6xwOMmDviTd7V0Cc=' 'strict-dynamic' 'report-sample';  script-src-attr 'unsafe-inline' 'report-sample';  img-src http: https: data: blob: ;  object-src 'self' firma.fallcoweb.it firma-test.fallcoweb.it;  base-uri 'self';  frame-ancestors 'self' *.fallcoweb.it fallcoweb.it *.portalenotarile.it portalenotarile.it;  report-uri https:\/\/o4510754677194752.ingest.de.sentry.io\/api\/4510872859639888\/security\/?sentry_key=67749a8c401880af5dd5dacefaff505d;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/static.cloudflareinsights.com https:\/\/static.contactlab.it https:\/\/ingestion.webanalytics.italia.it https:\/\/www.youtube.com; object-src 'none'; style-src 'self' 'unsafe-inline' https:\/\/static.cineca.it; img-src 'self' data: https:; media-src 'self'; frame-src 'self'; frame-ancestors 'self'; child-src 'self'; font-src 'self' data: https:\/\/static.cineca.it; connect-src 'self' https:\/\/static.cloudflareinsights.com https:\/\/ingestion.webanalytics.italia.it https:\/\/www.youtube.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/octane.co https:\/\/*.octane.co https:\/\/ride-static.octane.co https:\/\/ride-api.octane.co https:\/\/octane.co https:\/\/*.octane.co https:\/\/octanelending.com https:\/\/*.octanelending.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.google.com *.vwo.com *.visualwebsiteoptimizer.com *.intercom.io *.intercomcdn.com *.onetrust.com https:\/\/cdn.cookielaw.org; style-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/octane.co https:\/\/*.octane.co https:\/\/ride-static.octane.co https:\/\/ride-api.octane.co https:\/\/octane.co https:\/\/*.octane.co https:\/\/octanelending.com https:\/\/*.octanelending.com fonts.googleapis.com www.gstatic.com app.vwo.com www.googletagmanager.com translate.googleapis.com; frame-ancestors 'self' https:\/\/polarisxchange.com https:\/\/slingshot.polarisxchange.com https:\/\/indianmotorcycle.polarisxchange.com https:\/\/www.rvs.com https:\/\/rvs.com https:\/\/buy.cycletrader.com https:\/\/www.atvrider.com https:\/\/www.cyclevolta.com https:\/\/www.cycleworld.com https:\/\/www.dirtrider.com https:\/\/www.motorcyclecruiser.com https:\/\/www.motorcyclistonline.com https:\/\/www.utvdriver.com https:\/\/octane.co https:\/\/*.octane.co https:\/\/ride-static.octane.co https:\/\/ride-api.octane.co https:\/\/octanelending.com https:\/\/*.octanelending.com https:\/\/*.dev-octanelisting.com https:\/\/*.octanelisting.com; worker-src 'self' blob:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com webpay3g.transbank.cl webpay3gint.transbank.cl *.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.twitter.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.googleapis.com *.facebook.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net *.google.com.mx *.clarity.ms *.bing.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com https:\/\/rum.hlx.page *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com dbschile.api.useinsider.com *.queue-it.net *.clarity.ms *.getblue.io *.gorgias.chat *.mouseflow.com www.googleoptimize.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.tagmanager.google.com *.googletagmanager.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com *.yango.com *.clarity.ms *.gorgias.chat *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudflare.com *.twitter.com *.twimg.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri http:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com 'self' data: https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com ewniosek.credit-agricole.pl sandbox.przelewy24.pl secure.przelewy24.pl wniosek.eraty.pl api.santanderconsumer.pl *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.instagram.com ewniosek.credit-agricole.pl pay.google.com apm.przelewy24.pl *.googletagmanager.com secure.payu.com merch-prod.snd.payu.com wniosek.eraty.pl https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.twitter.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.cdninstagram.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/ssl.ceneo.pl https:\/\/*.google.pl https:\/\/*.bing.com *.wp.pl https:\/\/*.fbcdn.net https:\/\/*.facebook.com static.przelewy24.pl www.gstatic.com gstatic.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com *.focusgarden.pl *.focus-garden.cz static.payu.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.bing.com *.google.pl *.analytics.google.com *.bidswitch.net *.doubleclick.net *.pubmatic.com *.casalemedia.com *.criteo.com id5-sync.com *.360yield.com *.postrelease.com *.outbrain.com *.rubiconproject.com *.smartadserver.com *.taboola.com *.teads.tv *.tremorhub.com *.3lift.com *.yieldlab.net *.1rx.io *.agkn.com *.facebook.com *.facebook.net *.media.net *.cloudflare.com *.klarna.com *.googleadservices.com *.google.de *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.instagram.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/*.ceneo.pl https:\/\/unpkg.com https:\/\/*.criteo.com https:\/\/*.facebook.net https:\/\/*.hotjar.com *.pinimg.com *.bing.com https:\/\/*.pinimg.com *.favicdn.net *.onet.pl *.wp.pl *.tiktok.com *.startquestion.com *.clarity.ms sandbox.przelewy24.pl secure.przelewy24.pl pay.google.com apm.przelewy24.pl *.googletagmanager.com tagmanager.google.com https:\/\/cdnjs.cloudflare.com secure.payu.com secure.snd.payu.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com sgtm.focusgarden.pl focusgarden.pl *.facebook.net *.googlesyndication.com *.criteo.com *.pinterest.com *.hotjar.com *.cloudflare.com *.cloudflareinsights.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com tagmanager.google.com fonts.google.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com maxcdn.bootstrapcdn.com assets.braintreegateway.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com ewniosek.credit-agricole.pl https:\/\/*.hotjar.com wss:\/\/*.hotjar.com https:\/\/*.hotjar.io *.tiktok.com *.pinterest.com *.startquestion.com *.wp.pl *.ocdn.eu *.onet.pl https:\/\/*.doubleclick.net sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/ws.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl www.google.com pay.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com secure.payu.com merch-prod.snd.payu.com api.santanderconsumer.pl wniosek.eraty.pl https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com sgtm.focusgarden.pl focusgarden.pl *.facebook.net *.googlesyndication.com *.favicdn.net *.hotjar.com *.hotjar.io *.pinimg.com wss:\/\/ws.hotjar.com *.bing.com *.cloudflare.com *.twitter.com *.twimg.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self' fonts.gstatic.com; img-src 'self' cdn.conservadoresdigitales.cl www.google-analytics.com www.googletagmanager.com; script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com ajax.googleapis.com analytics.google.com; style-src 'self' inline fonts.googleapis.com; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.bodyandsoul.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' *.angusrobertson.com.au; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.secure-afterpay.com.au bam.nr-data.net *.hotjar.com googleads.g.doubleclick.net *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.bing.com *.google.com *.gstatic.com *.forter.com *.visualwebsiteoptimizer.com *.cloudfront.net static.scarabresearch.com cdn.scarabresearch.com apis.google.com *.criteo.com static.criteo.net *.newrelic.com connect.facebook.net platform.twitter.com d.impactradius-event.com *.afterpay.com; connect-src 'self' blob: *.cloudfront.net *.google-analytics.com *.hotjar.io *.nr-data.net stats.g.doubleclick.net *.emarsys.net *.scarabresearch.com *.hotjar.com *.salecycle.com  *.forter.com opentag-stats.qubit.com *.visualwebsiteoptimizer.com recommender.scarabresearch.com angusrobertson.4tqiav.net; img-src 'self' data: *.criteo.net *.google-analytics.com *.google.com *.bing.com *.google.com.au *.pinterest.com *.cloudfront.net *.visualwebsiteoptimizer.com *.facebook.com syndication.twitter.com *.secure-afterpay.com.au *.angusrobertson.com.au *.loggly.com; frame-src 'self' *.cloudfront.net *.angusrobertson.com.au *.google.com platform.twitter.com www.facebook.com staticxx.facebook.com www.youtube.com *.criteo.com *.criteo.net *.hotjar.com *.salecycle.com bid.g.doubleclick.net","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: ajax.googleapis.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com fonts.googleapis.com ssl.gstatic.com www.gstatic.com contents.online.checkout.rakuten.co.jp download.paidy.com static-fe.payments-amazon.com images-fe.ssl-images-amazon.com m.media-amazon.com api.amazon.co.jp apay-up-banner.com cdn.credit.gmo-ab.com show.revico.jp mail.revico.jp event.lib.visumo.io tagdelivery.visumo.io www.visumo.jp video.visumo.jp video.visumo.io media.visumo.io contents.visumo.io track.api.visumo.io dpolc4ci3j.execute-api.ap-northeast-1.amazonaws.com image.visumo.io s3-ap-northeast-1.amazonaws.com contents.api.visumo.jp *.staff-start.com *.sprocket.bz assets.v2.sprocket.bz sprocket-ping.s3.amazonaws.com *.worldshopping.jp *.worldshopping.global *.worldshopping.biz zigzag-checkout-screenshots-dev.s3.ap-northeast-1.amazonaws.com s.yimg.jp *.yahoo.co.jp *.google-analytics.com *.g.doubleclick.net *.google.com *.analytics.google.com *.google.co.jp www.googleadservices.com connect.facebook.net www.facebook.com *.awoo.org asset.c-rings.net *.treasuredata.com *.c-rings.net maxcdn.bootstrapcdn.com fonts.gstatic.com https:\/\/*.clarity.ms bat.bing.com files-m01.lightning-search.io cdn.jsdelivr.net lightning-recommend.io d.line-scdn.net tr.line.me *.cribnotes.jp *.bing.com dm.slim02.jp payments-fe.amazon.com payments.amazon.co.jp d341j04libduye.cloudfront.net www.line-website.com d.line-scdn.net syndication.twitter.com platform.twitter.com log.pinterest.com assets.pinterest.com tr.line.me social-plugins.line.me shoes.regal.co.jp s-evt.rmp.rakuten.co.jp s-cdn.rmp.rakuten.co.jp bat.bing.net travel.fraudprevention.jp www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com www.youtube.com;frame-ancestors 'none'; report-uri \/api\/csp_report.aspx;","count":1},{"content-security-policy-report-only":" default-src 'self';  script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/events.framer.com\/script https:\/\/framer.com https:\/\/framerusercontent.com https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.googletagmanager.com\/gtag\/js;  style-src 'report-sample' 'self' 'unsafe-inline';  object-src 'none';  base-uri 'self';  connect-src 'self' https:\/\/events.framer.com https:\/\/lottie.host https:\/\/region1.google-analytics.com https:\/\/website-data-beta.vercel.app https:\/\/www.google-analytics.com;  font-src 'self' https:\/\/cdnjs.cloudflare.com https:\/\/framerusercontent.com;  frame-src 'self' https:\/\/embeds.beehiiv.com https:\/\/framer.com;  img-src 'self' data: https:\/\/framerusercontent.com https:\/\/www.googletagmanager.com https:\/\/yastatic.net;  manifest-src 'self';  media-src 'self' https:\/\/framerusercontent.com;  worker-src 'none';  frame-ancestors 'self';  report-uri https:\/\/68af03dee39705929f59b2eb.endpoint.csper.io?builder=true&v=9;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.googleapis.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/cdnjs.cloudflare.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * https:\/\/plumrocket.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.instagram.com https:\/\/plumrocket.com *.dotdigital-pages.com *.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.trustpilot.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * *.cdninstagram.com *.googleapis.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com *.trackedlink.net magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: *.cookielaw.org *.facebook.com *.google.fr data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com *.instagram.com *.googleapis.com *.gstatic.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.avada.io https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/paul-marius.my.join-stories.com *.hsforms.net *.hsforms.com https:\/\/genki.paulmarius.fr https:\/\/genki.paulmarius.de https:\/\/genki.paulmarius.es https:\/\/genki.paulmarius.it https:\/\/genki.paulmarius.nl https:\/\/genki.paulmarius.com https:\/\/genki.paulmarius.us https:\/\/genki.paulmarius.co.uk *.bing.com *.clarity.ms https:\/\/js.klarna.com *.trustpilot.com *.cookielaw.org *.cookieless-data.com *.paulmarius.fr *.googlesyndication.com *.doubleclick.net *.apicit.net *.clickintext.net *.facebook.net *.googletagmanager.com apicit.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com *.googleapis.com *.gstatic.com https:\/\/x.klarnacdn.net *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com * *.googleapis.com maps.googleapis.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.cookielaw.org *.googlesyndication.com *.db-ip.com *.doubleclick.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.adtrafficquality.google https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/partner.googleadservices.com https:\/\/adservice.google.com https:\/\/www.gstatic.com https:\/\/www.googleapis.com https:\/\/apis.google.com https:\/\/js.stripe.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https: https:\/\/gifftme-pull.b-cdn.net; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/www.gstatic.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.firebaseio.com https:\/\/*.firebasedatabase.app https:\/\/securetoken.googleapis.com https:\/\/identitytoolkit.googleapis.com https:\/\/firebaseinstallations.googleapis.com https:\/\/firebaseappcheck.googleapis.com https:\/\/firestore.googleapis.com https:\/\/api.stripe.com https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/gifftme-pull.b-cdn.net; frame-src 'self' https:\/\/js.stripe.com https:\/\/hooks.stripe.com https:\/\/*.google.com https:\/\/*.adtrafficquality.google https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com; worker-src 'self' blob:; manifest-src 'self'; media-src 'self' blob: https: https:\/\/gifftme-pull.b-cdn.net; form-action 'self' https:\/\/checkout.stripe.com;","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self' https:\/\/communityconnect.essentiahealth.org https:\/\/lintonregionalmedicalcenter.org https:\/\/mychart.ridgeviewmedical.org https:\/\/ridgeview.dev.geonetric.com https:\/\/www.ridgeviewmedical.org;frame-src 'self' epichttp: https:\/\/*.essentiahealth.org https:\/\/cdnapisec.kaltura.com\/ https:\/\/ehr.carecredit.com https:\/\/ehr.carecredit.com\/ https:\/\/pay.instamed.com https:\/\/premier.trustcommerce.com https:\/\/stagepremier.trustcommerce.com https:\/\/www.essentiahealth.org https:\/\/www.ridgeviewmedical.org;script-src 'nonce-37888696315147b7862646694d6b407c' https:\/\/essentiamychart.org 'self' 'sha256-Qkxe1qM2p+AhSSPfmWtjhk7TC0XxKliynZ1DEvWnkxQ=' https:\/\/emyhtst.essentiahealth.org https:\/\/www.google.com https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com;img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/essentiamychart.org 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src cdnjs.cloudflare.com fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com magento.buildify.shop *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.sharethis.com platform.twitter.com magento.buildify.shop c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/www.paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.sharethis.com s3.amazonaws.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/tr.lfeeder.com https:\/\/*.lfeeder.com https:\/\/www.google.by https:\/\/*.google.by https:\/\/media.aheadworks.com https:\/\/*.aheadworks.com https:\/\/firebasestorage.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.polyfill.io *.sharethis.com platform.twitter.com platform.instagram.com apis.google.com magento.buildify.shop https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/www.paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/browser.sentry-cdn.com *.avada.io *.shopify.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.sharethis.com cdnjs.cloudflare.com fonts.googleapis.com magento.buildify.shop https:\/\/static.klaviyo.com *.fontawesome.com unsafe-inline assets.braintreegateway.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io *.sharethis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/www.paypal.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.ingest.sentry.io https:\/\/get.geojs.io *.avada.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' *.taiko-p.jp data: https:\/\/www.googletagmanager.com\/ https:\/\/www.google.co.jp\/ https:\/\/cdn-au.onetrust.com\/; style-src 'self' 'unsafe-inline'; script-src 'self' 'nonce-6a0521c0e742c' *\/gtm.js https:\/\/www.googletagmanager.com\/ https:\/\/cdn-au.onetrust.com\/; connect-src *\/ajax\/ https:\/\/stats.g.doubleclick.net\/ https:\/\/cdn-au.onetrust.com\/ https:\/\/www.google-analytics.com https:\/\/geolocation.onetrust.com\/ https:\/\/privacyportal-au.onetrust.com\/ https:\/\/analytics.google.com\/ https:\/\/www.google.co.jp\/; report-uri csp_report.php;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.mercadolibre.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.mercadolivre.com maps.googleapis.com maps.gstatic.com 'self' data: gpsfarma.com www.afip.gob.ar www.google.com.ar https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.mlstatic.com *.mercadopago.com maps.googleapis.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.mercadopago.com *.mercadolibre.com maps.googleapis.com stats.g.doubleclick.net https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/code.jquery.com https:\/\/ajax.googleapis.com https:\/\/api.tiles.mapbox.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.paypal.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/unpkg.com; img-src 'self' data: https: http:\/\/*.google.com; font-src 'self' data: https: https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/www.google.com https:\/\/www.paypal.com https:\/\/www.komoot.com https:\/\/www.komoot.fr; connect-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/www.paypal.com https:\/\/code.jquery.com https:\/\/www.google.com https:\/\/nominatim.openstreetmap.org https:\/\/www.komoot.com https:\/\/www.komoot.fr https:\/\/unpkg.com; object-src 'none'; base-uri 'self';","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self' https:\/\/deaconess.com https:\/\/eprp.deaconess.com https:\/\/www.deaconess.com;frame-src https:\/\/* 'self' epichttp: https:\/\/api.demo.convergepay.com https:\/\/cdnapisec.kaltura.com\/ https:\/\/deaconess-uat.pay.ci.healthpay24.cloud https:\/\/deaconess.com https:\/\/deaconess.pay.ci.healthpay24.cloud https:\/\/elavon.medepay-solutions.com https:\/\/elavonuat.medepay.net https:\/\/epic-pes-sc-test.healthpay24.net https:\/\/epic-pes-sc.healthpay24.net https:\/\/eprp.deaconess.com https:\/\/mychart-stg.personapay.com https:\/\/mychart.personapay.com https:\/\/pay.instamed.com https:\/\/www.deaconess.com;script-src 'nonce-9509212fbdb4434e8968e88e0e2616a2' https:\/\/www.viewmychart.com 'self' https:\/\/eprp.deaconess.com\/Web-BLOB\/References\/MyChart\/MyChart.js;img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/www.viewmychart.com 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.oney.io *.staging.oney.io *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.gelproximity.com *.hipay-tpp.com *.hipay.com *.googleapis.com https:\/\/www.googletagmanager.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.openstreetmap.org *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/maps.googleapis.com *.hipay.com *.googleapis.com *.oney.io *.staging.oney.io http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ magefan.com cm.magefan.com *.disqus.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.gelproximity.com *.hipay.com *.hipay-tpp.com https:\/\/mpsnare.iesnare.com *.zdassets.com *.zipchat.ai *.salesmanago.pl *.salesmanago.es *.salesmanago.com widget.freshworks.com m2epro.freshdesk.com mpsnare.iesnare.com *.paypal.com *.googleapis.com *.oney.io *.staging.oney.io http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.disqus.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com cdn.scalapay.com b2c-cdn.scalapay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com widget.freshworks.com m2epro.freshdesk.com *.hipay.com *.googleapis.com *.fontawesome.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.zdassets.com data: mpsnare.iesnare.com *.googleapis.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.zendesk.com *.zdassets.com *.zopim.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.openstreetmap.org https:\/\/maps.googleapis.com widget.freshworks.com m2epro.freshdesk.com *.hipay-tpp.com *.hipay.com wss:\/\/mpsnare.iesnare.com *.googleapis.com *.oney.io *.staging.oney.io http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" connect-src 'self' *.google.com *.google.cz *.leady.com *.google-analytics.com *.facebook.net connect.facebook.net https:\/\/cdn.jsdelivr.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net; script-src 'self' 'nonce-YTVkOTJhODU3Y2U4NzRiMw==' *.google.com *.google.cz *.leady.com *.google-analytics.com *.facebook.net connect.facebook.net https:\/\/cdn.jsdelivr.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net 'sha256-Ry5VVOTX8NJGEP4t9KtV\/jWVgiv7ZcNmtZxCQScUTlk=' 'sha256-8iiJTU1Hf\/vwORdni3nM30l8Ko0NMb8bqvTfGeIbIA4='; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com; img-src 'self' 'self' https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.facebook.com\/ https:\/\/*.google.cz\/ https:\/\/*.googleusercontent.com https:\/\/ct.leady.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com; report-uri https:\/\/www.expats.cz\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' *.stripe.com data: *.alicdn.com *.clientgear.com *.pinterest.com *.doubleclick.net *.stripe.com *.googletagmanager.com *.bing.com *.pinimg.com *.taboola.com *.criteo.com *.criteo.net *.facebook.com omnisnippet1.com *.facebook.net *.soundestlink.com *.zdassets.com *.google-analytics.com *.pubmatic.com *.revcontent.com *.sharethrough.com *.smaato.net *.tremorhub.com *.clmbtech.com *.tpmn.co.kr *.vieldmo.com *.emxdgt.com *.bidswitch.net *.adnxs.com *.mediawallahscript.com contextual.media.net *.rubiconproject.com *.samrtadserver.com *.teads.tv *.31ift.com *.yahoo.com *.omnitagjs.com *.casalemedia.com *.stickyadstv.com *.360yield.com *.liadm.com *.tpmn.io *.mediavine.com *.postrelease.com *.outbrain.com *.tapad.com *.tapad.com *.yieldmo.com *.smartadserver.com *.demdex.net 'unsafe-eval' *.sentry.io *.imgdb.cn *.superbed.cn *.3lift.com *.rezync.com *.rfihub.com *.bluekai.com *.pippio.com *.turn.com *.zendesk.com *.google.com *.klaviyo.com *.googleadservices.com *.socdm.com *.adtdp.com *.dable.io *.adingo.jp *.rlcdn.com *.krxd.net *.yahoo.net *.recaptcha.net *.gstatic.com *.fridayparts.com *.tiktok.com *.paypal.com *.mczbf.com *.googleusercontent.com *.paypalobjects.com *.twitter.com *.ads-twitter.com *.omnisendlink.com *.impactcdn.com *.dotomi.com *.emjcd.com *.clarity.ms *.agkn.com *.adgrx.com *.aralego.com *.aralego.net *.targeting.unrulymedia.com *.1rx.io fridayparts.sjv.io *.jeeda.net *.bxtag.com *.youtube.com dev.visualwebsiteoptimizer.com","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com https:\/\/api-gw-v4.dev.gokwik.io https:\/\/sandbox.pdp.gokwik.co https:\/\/pdp.gokwik.co *.adobe.com *.adobedtm.com *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com *.bing.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.adobedtm.com *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com *.bing.com api.razorpay.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com * 'self' 'unsafe-inline'; img-src *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com https:\/\/api-gw-v4.dev.gokwik.io https:\/\/sandbox.pdp.gokwik.co https:\/\/pdp.gokwik.co *.adtrafficquality.google *.clarity.ms *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com *.bing.com cdn.razorpay.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.magento-datasolutions.com *.googleapis.com *.gstatic.com http:\/\/sp-kf-collector.dev.gokwik.io https:\/\/api-gw-v4.dev.gokwik.io https:\/\/sandbox.pdp.gokwik.co https:\/\/pdp.gokwik.co *.lightwidget.com *.artfut.com *.adtrafficquality.google *.googlesyndication.com s3-ap-southeast-1.amazonaws.com *.cloudflare.com *.clarity.ms *.vimeo.com *.mxpnl.com *.bing.com *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com cdn.jsdelivr.net checkout.razorpay.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.adobedtm.com *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com *.bing.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com http:\/\/sp-kf-collector.dev.gokwik.io https:\/\/api-gw-v4.dev.gokwik.io https:\/\/sandbox.pdp.gokwik.co https:\/\/pdp.gokwik.co *.onedirect.in *.adtrafficquality.google *.clarity.ms *.mixpanel.com *.adobe.com *.adobedtm.com *.cardinalcommerce.com *.ccdc02.com *.jsdelivr.net unpkg.com *.kapturecrm.com *.wizzy.ai *.gozayaan.com *.googletagmanager.com *.supabase.co *.hotjar.com swopstore.com script.google.com *.facebook.net *.matomo.cloud *.soch.com *.bing.com lumberjack.razorpay.com lumberjack-metrics.razorpay.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com wss:\/\/sockets.wizzy.ai *.wizsearch.in wss:\/\/sockets.wizsearch.in 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; img-src 'self' data: https:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' https:; connect-src 'self' https:; upgrade-insecure-requests; block-all-mixed-content","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-HmtE9QfitacmUDJJIkBrRw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob: https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/*.hsforms.com https:\/\/*.hs-scripts.com https:\/\/*.hscollectedforms.net https:\/\/*.hs-banner.com https:\/\/*.hubspotusercontent.com https:\/\/*.hubspotusercontent-eu1.net https:\/\/js.hs-analytics.net https:\/\/js.hsforms.net https:\/\/api.hsforms.com https:\/\/api.hubapi.com https:\/\/*.hsleadflows.net https:\/\/*.hsadspixel.net https:\/\/*.hs-web-analytics.net https:\/\/static.hsappstatic.net https:\/\/cdn2.hubspot.net https:\/\/cdn.hubspot.com https:\/\/*.cloudfront.net https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cdn.cookielaw.org https:\/\/www.youtube.com; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' https: data: blob:; font-src 'self' https: data:; frame-src 'self' https: data:; connect-src 'self' https: wss: https:\/\/www.tayyarijeetki.in; media-src 'self' https: data: blob:; worker-src 'self' https: blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'self' https:\/\/*.hubspot.com;","count":1},{"content-security-policy-report-only":" font-src https:\/\/fonts.gstatic.com\/ https:\/\/fonts.googleapis.com\/ https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/maps.googleapis.com\/ https:\/\/www.google-analytics.com\/ https:\/\/static.cloudflareinsights.com\/ data: https:\/\/maps.gstatic.com https:\/\/credomatic.compassmerchantsolutions.com\/ *.core.windows.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com self *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * secure.nmi.com secure.networkmerchants.com collectcheckout.com  'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/*.doubleclick.net\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * secure.nmi.com secure.networkmerchants.com collectcheckout.com  'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/kalicr.com https:\/\/www.google.co.cr\/ https:\/\/www.facebook.com\/ https:\/\/almaceneselrey.com\/ https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/maps.googleapis.com\/ https:\/\/www.google-analytics.com\/ https:\/\/static.cloudflareinsights.com\/ https:\/\/maps.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/credomatic.compassmerchantsolutions.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.core.windows.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ data: https:\/\/connect.facebook.net\/ https:\/\/applepay.cdn-apple.com https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/maps.googleapis.com\/ https:\/\/www.google-analytics.com\/ https:\/\/static.cloudflareinsights.com\/ https:\/\/maps.gstatic.com https:\/\/fonts.googleapis.com\/ https:\/\/credomatic.compassmerchantsolutions.com\/ s7.addthis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.core.windows.net secure.nmi.com secure.networkmerchants.com collectcheckout.com  'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/credomatic.compassmerchantsolutions.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/fonts.googleapis.com\/ https:\/\/googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ data: https:\/\/secure.networkmerchants.com\/ https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/maps.googleapis.com\/ https:\/\/www.google-analytics.com\/ https:\/\/static.cloudflareinsights.com\/ https:\/\/maps.gstatic.com unsafe-inline assets.braintreegateway.com *.core.windows.net secure.nmi.com  'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.core.windows.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/credomatic.compassmerchantsolutions.com\/ https:\/\/googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/*.doubleclick.net\/ data: https:\/\/www.facebook.com\/ https:\/\/places.googleapis.com\/ https:\/\/www.google.co.cr https:\/\/www.google.com\/ https:\/\/www.gstatic.com\/ https:\/\/maps.googleapis.com\/ https:\/\/www.google-analytics.com\/ https:\/\/static.cloudflareinsights.com\/ https:\/\/maps.gstatic.com https:\/\/fonts.googleapis.com\/ ekr.zdassets.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.core.windows.net secure.nmi.com secure.networkmerchants.com collectcheckout.com  'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri 'self'; block-all-mixed-content; default-src 'self'; form-action 'self'; frame-ancestors 'self'; plugin-types 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; worker-src 'none'; report-uri https:\/\/prod.ap.batic.cudasvc.com\/xenios\/api\/v1\/error\/report??paid=151&spid=26980&v=v1.0&payload=OQqrUogt9k7lwV4dxklwb3ac73asuZ5HWxxXQytKO-nsZwVPi7K_pOJ3ScMEpUDjyj0Cv22sbP1nvHqr4GMar6J6A1S7OD1aHh5Iww2BHGbVc4aMavTiyajIOBiAIIAOfmtPZdQwNFnfKydvQqnfPLujBEjKxwMn8KpQjld_v5jbMwOExcnIxoAv2Nd_7ROeoJ7V5dWOExdL4SPK-XcFvA==;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pBi58q-zFwLjBU3FkegWPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' blob: 'unsafe-inline'; script-src 'self' 'nonce-L5oiM7eHRpJVXvvpKij9l4lL2nQXIaqd' 'wasm-unsafe-eval' 'unsafe-eval' *.consentmanager.net https:\/\/secure.quantserve.com\/ https:\/\/platform.twitter.com https:\/\/*.vattenfall.se https:\/\/rules.quantcount.com\/ https:\/\/www.gstatic.com https:\/\/www.youtube.com https:\/\/connect.facebook.net https:\/\/bat.bing.com https:\/\/platform.twitter.com\/ https:\/\/rules.quantcount.com\/ https:\/\/*.snapchat.com\/ https:\/\/dev.visualwebsiteoptimizer.com https:\/\/www.google.com https:\/\/survey-cdn.lumoa.me\/ https:\/\/cdn.optimizely.com\/ https:\/\/vattenfallnordic.containers.piwik.pro\/ https:\/\/vattenfallnordic.piwik.pro\/ https:\/\/js.hsforms.net\/; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' data: *.consentmanager.net https:\/\/secure.quantserve.com\/ https:\/\/app.readpeak.com\/* https:\/\/connect.facebook.net\/ https:\/\/platform.twitter.com\/* https:\/\/www.youtube.com\/ https:\/\/*.vattenfall.se\/ https:\/\/bat.bing.com\/ https:\/\/dev.visualwebsiteoptimizer.com\/ https:\/\/www.gstatic.com\/ https:\/\/www.google.com\/ https:\/\/ecpacc-gwe.vattenfall.se\/ https:\/\/rules.quantcount.com\/ https:\/\/cdn.optimizely.com\/ https:\/\/vattenfallnordic.containers.piwik.pro\/ https:\/\/vattenfallnordic.piwik.pro\/ https:\/\/js.hsforms.net\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/*.lumoa.me\/ https:\/\/www.googletagmanager.com\/ https:\/\/s.pinimg.com\/ https:\/\/snap.licdn.com\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/www.googletagmanager.com\/ https:\/\/ct.pinterest.com\/ https:\/\/js.hs-scripts.com\/ https:\/\/js-eu1.hs-scripts.com\/ https:\/\/js-eu1.usemessages.com\/ https:\/\/js-eu1.hubspot.com\/ https:\/\/js-eu1.hs-analytics.net\/ https:\/\/js-eu1.hsadspixel.net\/ https:\/\/js-eu1.hs-banner.com\/ https:\/\/sc-static.net\/ https:\/\/tr.snapchat.com\/ https:\/\/cdn.adt393.com\/; img-src 'self' data: blob: *.consentmanager.net *.vattenfall.se https:\/\/www.facebook.com https:\/\/analytics.twitter.com\/ https:\/\/sync.taboola.com https:\/\/bat.bing.com\/ https:\/\/www.linkedin.com\/ https:\/\/cm.g.doubleclick.net\/ https:\/\/*.visualwebsiteoptimizer.com\/ https:\/\/app.readpeak.com https:\/\/www.google.com\/ https:\/\/www.google.se\/ https:\/\/*.linkedin.com\/ https:\/\/*.pinterest.com\/ https:\/\/pixel.quantserve.com\/ https:\/\/platform.twitter.com\/* https:\/\/*.snapchat.com\/ https:\/\/www.gstatic.com\/ https:\/\/t.co\/ https:\/\/prreqcroab.icu\/ https:\/\/forms-eu1.hsforms.com\/ https:\/\/forms-na1.hsforms.com\/ https:\/\/ad.doubleclick.net\/ https:\/\/adservice.google.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/perf-eu1.hsforms.com\/ https:\/\/track-eu1.hubspot.com\/ https:\/\/connect.facebook.net\/ https:\/\/i.ytimg.com\/; style-src 'self' 'unsafe-inline' 'strict-dynamic' data:; style-src-elem 'self' https:\/\/*.vattenfall.se\/ 'unsafe-inline' 'unsafe-eval' data: https:\/\/fonts.googleapis.com https:\/\/elements.vattenfall.se https:\/\/ecp-gwe.vattenfall.se\/; font-src 'self' https:\/\/*.vattenfall.nl https:\/\/vfsalesstorageprd.blob.core.windows.net\/ https:\/\/*.vattenfall.se\/ https:\/\/fonts.gstatic.com\/ https:\/\/incharge.azureedge.net\/ data:; connect-src 'self' wss:\/\/*.vattenfall.se\/ data: blob: properties https:\/\/*.doubleclick.net https:\/\/dev.visualwebsiteoptimizer.com\/* https:\/\/*.visualwebsiteoptimizer.com\/ https:\/\/dc.services.visualstudio.com\/* https:\/\/bat.bing.com\/* https:\/\/*.vattenfall.se\/ https:\/\/*.visualwebsiteoptimizer.com\/* https:\/\/pixel.quantcount.com\/ https:\/\/*.visualstudio.com\/ https:\/\/*.pinterest.com\/ https:\/\/bat.bing.com\/ https:\/\/www.facebook.com\/ https:\/\/app.readpeak.com\/ https:\/\/adservice.google.com\/ https:\/\/cdn.linkedin.oribi.io\/ https:\/\/www.google.com\/ https:\/\/businessspecificapimanglobal.azure-api.net\/ https:\/\/tr.snapchat.com https:\/\/logx.optimizely.com\/ https:\/\/vattenfallnordic.piwik.pro\/ https:\/\/vattenfallnordic.containers.piwik.pro\/ https:\/\/cdn.optimizely.com\/ https:\/\/forms.hsforms.com\/ https:\/\/forms-eu1.hsforms.com\/ https:\/\/rum.optimizely.com\/ https:\/\/px.ads.linkedin.com\/ https:\/\/cta-eu1.hubspot.com\/ https:\/\/api-eu1.hubapi.com\/ https:\/\/api-eu1.hubspot.com\/ https:\/\/mpc-prod-27-s6uit34pua-uk.a.run.app\/ https:\/\/bat.bing.net\/ https:\/\/rum.optimizely.com\/ https:\/\/*.snapchat.com\/ https:\/\/eu-api.friendlycaptcha.eu\/; frame-src 'self' https:\/\/*.doubleclick.net https:\/\/*.snapchat.com https:\/\/*.pinterest.com https:\/\/www.youtube.com https:\/\/www.facebook.com https:\/\/forms-eu1.hsforms.com\/ https:\/\/*.cdn.optimizely.com\/ https:\/\/heatoutagemap.vattenfall.se\/ https:\/\/player.admiralcloud.com\/ mailto: anwebconsole; worker-src blob:; object-src 'none'; report-uri https:\/\/selfserviceapi.www.vattenfall.se\/api\/csp-report\/report-uri?key=sedaca04a6;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/www.lbma.org.uk; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.crazyegg.com *.googletagmanager.com *.clickdimensions.com https:\/\/prices.lbma.org.uk\/precious-metal-prices\/js\/app.js https:\/\/prices.lbma.org.uk\/precious-metal-prices\/js\/chunk-vendors.js player.vimeo.com https:\/\/cdn.jsdelivr.net\/npm\/fuse.js@6.4.3 https:\/\/code.jquery.com\/jquery-3.5.1.min.js *.cookiebot.com https:\/\/34izj6oc0dlymb5gp-1.a1.typesense.net https:\/\/lbma.ddev.site:3001; style-src 'self' 'unsafe-inline' *.typekit.net https:\/\/p.typekit.net *.lbma.org.uk https:\/\/code.highcharts.com\/css\/highcharts.css *.googleapis.com https:\/\/cdn.jsdelivr.net\/npm\/instantsearch.css@8.5.1\/themes\/satellite-min.css https:\/\/lbma.ddev.site:3001; worker-src 'self' blob:; img-src 'self' data: cdn.lbma.org.uk *.ads.linkedin.com *.doubleclick.net *.vod-progressive.akamaized.net  *.googletagmanager.com lbma.ams3.digitaloceanspaces.com i.vimeocdn.com *.cookiebot.com; media-src 'self' *.vimeo.com *.youtube.com  *.vod-progressive.akamaized.net *.lbma.org.uk; connect-src 'self' *.google-analytics.com px.ads.linkedin.com *.lbma.org.uk *.lpmcl.com *.crazyegg.com *.cookiebot.com 34izj6oc0dlymb5gp-1.a1.typesense.net; frame-src 'self' *.vimeo.com *.youtube.com *.doubleclick.net https:\/\/www.google.com\/ cdn.lbma.org.uk https:\/\/cdn.knightlab.com *.cookiebot.com; font-src 'self' use.typekit.net fonts.gstatic.com prices.lbma.org.uk;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.fontawesome.com *.bootstrapcdn.com *.gstatic.com 'self' data: www.googleadservices.com www.googletagmanager.com *.reevoo.com\/ *.googleapis.com *.feefo.com *.speedex.gr data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com unpkg.com *.unpkg.com www.facebook.com *.magedeploy.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net challenges.cloudflare.com unpkg.com *.unpkg.com cdnjs.cloudflare.com www.facebook.com consentcdn.cookiebot.eu 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/images.unsplash.com *.designer-images.net 'self' data: unpkg.com *.unpkg.com www.facebook.com assets.themart.gr www.themart.gr cdn.themart.gr *.cdninstagram.com sp.analytics.yahoo.com *.cookiebot.com *.google.gr *.sharethrough.com *.outbrain.com *.bidswitch.net *.dnxs.com *.smartadserver.com *.taboola.com *.omnitagjs.com *.casalemedia.com *.criteo.com id5-sync.com *.360yield.com *.ivitrack.com *.media.net *.mediavine.com *.adnxs.com *.id5-sync.com *.pubmatic.com *.postrelease.com *.rubiconproject.com *.teads.tv *.tremorhub.com *.3lift.com *.yieldlab.net *.emxdgt.com *.yieldmo.com *.unrulymedia.com *.1rx.io data: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.stat-track.com polyfill.io *.moosend.com challenges.cloudflare.com *.google.com *.gstatic.com unpkg.com *.unpkg.com cdnjs.cloudflare.com consentcdn.cookiebot.eu onesignal.com cdn.onesignal.com consent.cookiebot.eu connect.facebook.net *.feefo.com *.clarity.ms skroutza.skroutz.gr static.cloudflareinsights.com *.skroutz.gr dynamic.criteo.com sslwidget.criteo.com widgets.reevoo.com go.linkwi.se s.yimg.com measurement-api.criteo.com metrics.find.gr plausible.io *.cookiebot.com *.hotjar.com *.pinimg.com *.pinterest.com *.magedeploy.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.fontawesome.com *.moosend.com *.bootstrapcdn.com *.googleapis.com *.gstatic.com unpkg.com *.unpkg.com *.reevoo.com\/ *.feefo.com *.speedex.gr *.magedeploy.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.stat-track.com *.m-pages.com *.m-operations.com unpkg.com *.unpkg.com consentcdn.cookiebot.eu www.google.com *.feefo.com *.hotjar.com wss:\/\/ws.hotjar.com *.hotjar.io widgets.reevoo.com skynet.reevoo.com measurement-api.criteo.com s.yimg.com metrics.find.gr plausible.io *.doubleclick.net *.pinterest.com *.clarity.ms *.cookiebot.com *.magedeploy.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.cloudflare.com *.bootstrapcdn.com *.twitter.com nitropack.io *.nitrocdn.com *.cakebox.com fonts.googleapis.com cdn.jsdelivr.net *.klaviyo.com cdnjs.cloudflare.com *.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com consentcdn.cookiebot.com consentcdn.cookiebot.eu *.addthis.com *.trustpilot.com *.twitter.com *.vimeo.com *.doubleclick.net nitropack.io *.weltpixel.com *.adobedtm.com widget.trustpilot.com vars.hotjar.com app.involve.me ssl.kaptcha.com *.onetrust.com js.ryft.com embedded.ryftpay.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.cookiebot.com imgsct.cookiebot.eu https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.cloudflare.com *.twitter.com *.contentsquare.net nitropack.io *.nitrocdn.com *.adobedtm.com s.ytimg.com services.postcodeanywhere.co.uk bat.bing.com *.facebook.com *.google.co.in lantern.roeye.com static-tracking.klaviyo.com *.cloudfront.net *.cakebox.com *.cookiepro.com *.googletagmanager.com *.wepowerconnections.com *.zenaps.com ad.doubleclick.net cm.g.doubleclick.net *.google.com *.google.com.vn *.google.co.uk *.onetrust.com *.adroll.com x.bidswitch.net ml314.com pixel.tapad.com dsum-sec.casalemedia.com dsync.rlcdn.com pixel.rubiconproject.com *.openx.net sync.outbrain.com idsync.rlcdn.com *.pubmatic.com sync.taboola.com ib.adnxs.com eb2.3lift.com match.adsrvr.org *.stickyadstv.com *.sitescout.com *.springserve.com *.ipredictive.com *.turn.com *.mdhv.io dsp.360yield.com www.eggfreecake.co.uk *.usercentrics.eu https:\/\/www.ryft.com embedded.ryftpay.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com *.cookiebot.com consent.cookiebot.eu https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com *.addthis.com *.cloudflare.com *.fontawesome.com *.google-analytics.com googletagmanager.com graph.facebook.com *.moatads.com *.trustpilot.com widgets.pinterest.com *.contentsquare.com *.contentsquare.net cdn.tailwindcss.com cdn.jsdelivr.net https:\/\/www.googletagmanager.com tagmanager.google.com *.adobedtm.com *.cardinalcommerce.com unpkg.com *.paypal.com *.livechatinc.com *.pcapredict.com storage.googleapis.com maps.google.com services.postcodeanywhere.co.uk bat.bing.com *.hotjar.com s.pinimg.com c3.adalyser.com connect.facebook.net rum-static.pingdom.net ct.pinterest.com lantern.roeyecdn.com *.soakandsleep.com cdn.bronto.com dynamic.criteo.com *.apptrian.com *.dwin1.com paperplaneslive.com *.cloudfront.net *.cookiepro.com *.googletagmanager.com stats.g.doubleclick.net *.amplitude.com *.sovendus.com *.zenaps.com www.google.com *.involve.me *.onetrust.com *.adroll.com www.subconvertize.com js-agent.newrelic.com *.googlesyndication.com *.config-security.com *.triplewhale.com *.cookiebot.eu *.ryftpay.com https:\/\/embedded.ryftpay.com\/v2\/ryft.min.js 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.cloudflare.com *.googleapis.com *.gstatic.com *.twitter.com cdn.tailwindcss.com nitropack.io cdnjs.cloudflare.com *.nitrocdn.com cdn.jsdelivr.net *.trustpilot.com tagmanager.google.com static-tracking.klaviyo.com *.soakandsleep.com services.postcodeanywhere.co.uk www.google.com *.typekit.net *.cdn-apple.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com consentcdn.cookiebot.com consentcdn.cookiebot.eu consent.cookiebot.com consent.cookiebot.eu https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.cloudflare.com *.twitter.com *.contentsquare.net *.nitrocdn.com nitropack.io https:\/\/www.google-analytics.com *.adobedtm.com *.adobe.com *.gstatic.com *.telemetry-dev.adobe.io services.postcodeanywhere.co.uk ct.pinterest.com rum-collector-2.pingdom.net api.livechatinc.com paperplaneslive.com *.cloudfront.net *.trustpilot.com api2.amplitude.com *.googletagmanager.com *.onetrust.com invitejs.trustpilot.com *.sovendus.com *.cookiepro.com *.bing.com www.google.com stats.g.doubleclick.net *.involve.me *.adroll.com bam.nr-data.net *.hotjar.* wss:\/\/ws.hotjar.com content.hotjar.io *.config-security.com *.ryftpay.com https:\/\/embedded.ryftpay.com\/v2\/ryft.min.js.map embedded.ryftpay.com smp-paymentservices.apple.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" connect-src  'unsafe-inline' https: https:\/\/chat.tendertech.ru  wss:\/\/chat.tendertech.ru:7272 https:\/\/blacklist.tendertech.ru https:\/\/storage.tendertech.ru","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-gHDH6vkyolOnpoT6BeET2Q' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com fonts.gstatic.com use.typekit.net *.typekit.net www.paypalobjects.com *.googleapis.com data: https:\/\/www.googletagmanager.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action www.facebook.com ecommerce.raiffeisenbank.rs *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self' *.jasmin.rs *.cookiebot.com *.hotjar.com *.googletagmanager.com www.gstatic.com 'self'; frame-src www.facebook.com bid.g.doubleclick.net storifyme.com storifyme.xyz *.storifyme.com *.storifyme.xyz *.jasmin.rs *.yandex.com *.yandex.md *.doubleclick.net *.cookiebot.com *.googletagmanager.com *.yango.com fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.paypal.com www.sandbox.paypal.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.google.com 'self' 'unsafe-inline'; img-src *.googleapis.com *.gstatic.com stats.g.doubleclick.net www.google.com www.google.rs www.facebook.com www.googletagmanager.com storifyme.com storifyme.xyz *.storifyme.com *.storifyme.xyz assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net bid.g.doubleclick.net analytics.google.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.yandex.ru https:\/\/yandex.ru *.yandex.com *.yandex.md *.cookiebot.com *.yads.tech *.sharethis.com *.ymmobi.com *.doubleclick.net *.opera.com *.jasmin.rs jasmin.b-cdn.net kickoffcrm.com *.google.ru *.yango.com *.facebook.net *.linkedin.com i0.wp.com data: www.googleadservices.com www.google-analytics.com p.typekit.net *.paypal.com *.typekit.net www.paypal.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com data: 'self' 'unsafe-inline'; script-src *.googleapis.com *.gstatic.com *.googletagmanager.com www.google-analytics.com connect.facebook.net googleads.g.doubleclick.net stats.g.doubleclick.net storifyme.com storifyme.xyz *.storifyme.com *.storifyme.xyz *.hotjar.com *.yandex.ru *.yandex.com *.cookiebot.com *.jasmin.rs mc.yango.com jasmin.sales-snap.com *.licdn.com *.tiktok.com assets.adobedtm.com *.adobe.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com tagmanager.google.com https:\/\/www.googletagmanager.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.disqus.com *.avada.io *.shopify.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com *.jasmin.rs jasmin.sales-snap.com *.adobe.com fonts.googleapis.com assets.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com *.fontawesome.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.b-cdn.net storifyme.com storifyme.xyz *.storifyme.com *.storifyme.xyz *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.googleapis.com *.google.com google.com www.google-analytics.com connect.facebook.net stats.g.doubleclick.net *.facebook.com dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com analytics.google.com www.googletagmanager.com *.cardinalcommerce.com vimeo.com ekr.zdassets.com get.geojs.io *.avada.io *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com storifyme.com storifyme.xyz *.storifyme.com *.storifyme.xyz *.yandex.ru *.yandex.com yandex.com *.yandex.md *.doubleclick.net *.jasmin.rs *.googlesyndication.com *.yango.com jasmin.sales-snap.com *.linkedin.com *.cookiebot.com *.tiktok.com *.newrelic.com *.nr-data.net *.adobe.io performance.typekit.net *.sentry.io *.paypal.com *.braintreegateway.com *.braintree-api.com www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/get.geojs.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; object-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; media-src *.gstatic.com *.google.com capitracking.istore.co.za analytics.twitter.com t.co sp.analytics.yahoo.com cdn1.stamped.io stamped.io *.zdassets.com 'self' 'unsafe-inline'; font-src *.gstatic.com fonts.gstatic.com use.typekit.net *.typekit.net *.klevu.com *.ksearchnet.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net cdn1.stamped.io stamped.io *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com 'unsafe-inline' data: data: 'self' 'unsafe-inline'; style-src *.googleapis.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.klevu.com *.ksearchnet.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com oppwa.com *.oppwa.com *.peachpayments.com cdn1.stamped.io stamped.io *.cloudflare.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; connect-src *.googleapis.com *.google.com *.gstatic.com s.yimg.com in.visitors.live dsp-trk.eskimi.com dsp-ap.eskimi.com sslwidget.criteo.com wss:\/\/in.visitors.live analytics.tiktok.com\/* portal.immerss.live *.linkedin.com *.creativecdn.com wss:\/\/ws.hotjar.com *.istore.co.za *.tiktok.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.magento-datasolutions.com *.magento-ds.com *.paypal.com google.com *.braintreegateway.com *.braintree-api.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.ingest.sentry.io *.klevu.com *.ksearchnet.com sandbox-api.layup.co.za layup.co.za https:\/\/ipinfo.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com oppwa.com *.oppwa.com *.peachpayments.com cdn1.stamped.io stamped.io *.testfreaks.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthis.com *.addthisedge.com *.what3words.com vsb111.tawk.to ekr.zdassets.com app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: 'self' 'unsafe-inline'; frame-src *.google.com ams.creativecdn.com portal.immerss.live *.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com *.addthis.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; img-src *.googleapis.com *.gstatic.com *.google.com *.googleusercontent.com capitracking.istore.co.za analytics.twitter.com t.co sp.analytics.yahoo.com pixel.rubiconproject.com cm.g.doubleclick.net r.casalemedia.com eb2.3lift.com simage2.pubmatic.com contextual.media.net sync-t1.taboola.com exchange.mediavine.com s.ad.smaato.net match.sharethrough.com jadserve.postrelease.com c.bing.com sync.outbrain.com rtb-csync.smartadserver.com secure.adnxs.com ib.adnxs.com ads.yahoo.com ups.analytics.yahoo.com dis.criteo.com *.doubleclick.net *.linkedin.com *.tribalfusion.com sync.go.sonobi.com istore.co.za cm.adform.net ams.creativecdn.com bh.contextweb.com widgets.magentocommerce.com 'unsafe-inline' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.klevu.com *.ksearchnet.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com https:\/\/firebasestorage.googleapis.com store.paradoxlabs.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: oppwa.com *.oppwa.com *.peachpayments.com *.eu-west-1.amazonaws.com cdn1.stamped.io stamped.io *.cloudflare.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.addthis.com *.jsdelivr.net *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za amcglobal.sc.omtrdc.net media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com data: 'self' 'unsafe-inline'; script-src *.google.com *.googleapis.com *.gstatic.com capitracking.istore.co.za s.yimg.com platform2.cloud-iq.com static.ads-twitter.com rookdsp.com dsp-media.eskimi.com portal.immerss.live snap.licdn.com tags.creativecdn.com *.tiktok.com *.tribalfusion.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.typekit.net google.com *.cdn-apple.com *.braintreegateway.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/browser.sentry-cdn.com js.klevu.com *.ksearchnet.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.oppwa.com oppwa.com *.peachpayments.com cdn1.stamped.io stamped.io *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.klevu.com *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.mouseflow.com *.facebook.com *.what3words.com maps.googleapis.com static.zdassets.com app.mobicredwidget.co.za www.gstatic.com bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' https:\/\/*.icfcdn.com https:\/\/www.google.com https:\/\/cdn.plyr.io https:\/\/*.gstatic.com; script-src 'nonce-0e76f9a54b456f1ff967271f5a27606c7140ebaf76504491849c9dc927032320' 'strict-dynamic' 'report-sample' 'self' https:\/\/*.icfcdn.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/*.googleapis.com; style-src 'self' 'nonce-0e76f9a54b456f1ff967271f5a27606c7140ebaf76504491849c9dc927032320' 'report-sample' https:\/\/fonts.googleapis.com; style-src-elem 'unsafe-inline' 'report-sample' https:\/\/fonts.googleapis.com; style-src-attr 'unsafe-inline' 'report-sample'; font-src https:\/\/fonts.gstatic.com https:\/\/fonts.googleapis.com; img-src 'self' blob: https:\/\/*.gstatic.com https:\/\/*.nsimg.net https:\/\/*.icfcdn.com; media-src 'self' data: https:\/\/cdn.plyr.io https:\/\/*.nsimg.net https:\/\/live.metamediafonts.com; frame-src https:; frame-ancestors 'self'; base-uri 'self'; report-to report-only; report-uri \/reporting\/cspReport?reportOnly","count":1},{"content-security-policy-report-only":" default-src https:; style-src 'self' 'unsafe-inline' *.liveperson.net *.addressy.com *.freshchat.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleconnerce.com *.liveperson.net *.googletagmanager.com *.facebook.net *.googleapis.com bat.bing.com *.google.com connect.facebook.com *.freshchat.com *.google-analytics.com *.googleadservices.com schwaab.oro-cloud.com *.doubleclick.net *.bootstrapcdn.com *.googlecommerce.com *.addressy.com *.lpsnmedia.net;  font-src 'self' fonts.gstatic.com; report-uri https:\/\/www.stampxpress.com\/report.aspx","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pOjO8uGu_Yj6Xz6VcB6SKQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: https:\/\/cdnapisec.kaltura.com https:\/\/pay.instamed.com;script-src 'nonce-75558de27fd84d2ea053dbca282be061' https:\/\/www.mylghealth.org 'self' http:\/\/fad.Lghealth.org https:\/\/cdc.gov https:\/\/patientportal.natera.com https:\/\/www.healthwise.net https:\/\/www.lancastergeneralhealth.org;img-src https:\/\/* 'self' blob: data: http:\/\/fad.lghealth.org https:\/\/fad.lghealth.org;connect-src 'self' epichttp: https:\/\/acrobat.adobe.com;style-src https:\/\/www.mylghealth.org 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com data: likeme.com.co *.likeme.com.co maxcdn.bootstrapcdn.com s3.amazonaws.com *.fontawesome.com *.gstatic.com 'self' data: https:\/\/maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.mercadopago.com *.mlstatic.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ cdn.dnky.co amc.demdex.net www.google.com www.facebook.com youtube.com gum.criteo.com likeme.com.co *.likeme.com.co *.criteo.com fledge.criteo.com app.zinrelo.com www.youtube.com *.addi.com td.doubleclick.net *.mercadolibre.com *.blob.core.windows.net\/* *.mercadopago.com *.mlstatic.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com https:\/\/ibang-webviews.ibang.ai https:\/\/app.zinrelo.com https:\/\/vars.hotjar.com https:\/\/static.criteo.net http:\/\/static.criteo.net https:\/\/td.doubleclick.net https:\/\/fledge.us.criteo.com https:\/\/fledge.eu.criteo.com 'self' 'unsafe-inline'; img-src https:\/\/assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.gstatic.com maps.googleapis.com accounts.google.com www.facebook.com *.likeme.com.co *.cloudfront.net www.google.cl www.google.com.uy www.google.com.ar www.google.com.co dis.criteo.com criteo-sync.teads.tv criteo-partners.tremorhub.com d1qbqkkh49kht1.cloudfront.net zinrelo-notification-images.s3.amazonaws.com *.addi.com *.clarity.ms *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.mercadolivre.com connect.facebook.net graph.facebook.com business.facebook.com 'self' data: https:\/\/ibangblob.blob.core.windows.net www.mercadolivre.com http:\/\/imgmp.mlstatic.com https:\/\/cdn.stickyadstv.com https:\/\/www.google.com.ar https:\/\/www.mercadopago.com.co http:\/\/img.mlstatic.com https:\/\/pixel.rubiconproject.com https:\/\/likeme.com.co https:\/\/*.g.doubleclick.net https:\/\/*.smartadserver.com https:\/\/*.cloudfront.net https:\/\/sync.outbrain.com https:\/\/contextual.media.net https:\/\/ad.360yield.com https:\/\/r.casalemedia.com https:\/\/cm.adform.net https:\/\/x.bidswitch.net https:\/\/match.sharethrough.com https:\/\/ads.stickyadstv.com https:\/\/exchange.mediavine.com https:\/\/sync-t1.taboola.com https:\/\/sync-criteo.ads.yieldmo.com https:\/\/c.bing.com https:\/\/e1.emxdgt.com https:\/\/s.ad.smaato.net https:\/\/i.liadm.com https:\/\/ads.yahoo.com https:\/\/ups.analytics.yahoo.com https:\/\/secure.adnxs.com https:\/\/ib.adnxs.com https:\/\/sp.analytics.yahoo.com https:\/\/dis.criteo.com https:\/\/i6.liadm.com https:\/\/simage2.pubmatic.com https:\/\/eb2.3lift.com https:\/\/jadserve.postrelease.com https:\/\/www.google.com.co https:\/\/criteo-sync.teads.tv https:\/\/tg.socdm.com https:\/\/visitor.omnitagjs.com https:\/\/gum.criteo.com https:\/\/matching.ivitrack.com https:\/\/trends.revcontent.com https:\/\/ade.clmbtech.com https:\/\/idsync.rlcdn.com https:\/\/tags.bluekai.com https:\/\/s3.amazonaws.com https:\/\/criteo-partners.tremorhub.com https:\/\/hb.yahoo.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com connect.facebook.net player.vimeo.com dynamic.c static.criteo.net dynamic.criteo.com sslwidget.criteo.com fast.amc.demdex.net widget.eu.criteo.com likeme.com.co *.likeme.com.co *.cloudfront.net *.zinrelo.com cdnjs.cloudflare.com www.googleoptimize.com www.clarity.ms analytics.tiktok.com *.embluemail.com s3.amazonaws.com cdn.addi.com www.youtube.com static.doubleclick.net www.google.com ajax.googleapis.com connect.nosto.com *.taboola.com *.hotjar.com *.mlstatic.com *.mercadopago.com *.google.com https:\/\/maps.googleapis.com *.blob.core.windows.net\/* www.facebook.com graph.facebook.com business.facebook.com *.gstatic.com https:\/\/www.google.com https:\/\/cdn.zinrelo.com http:\/\/cdn.zinrelo.com https:\/\/www.wheelofpopups.com https:\/\/*.cloudfront.net https:\/\/app.zinrelo.com https:\/\/www.googleoptimize.com https:\/\/cdn.embluemail.com https:\/\/widgets-static.embluemail.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/cdnjs.cloudflare.com https:\/\/*.g.doubleclick.net https:\/\/*.mailmunch.com https:\/\/widgets-api.embluemail.com https:\/\/analytics.tiktok.com https:\/\/www.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cdn.dnky.co likeme.com.co *.likeme.com.co use.fontawesome.com *.cloudfront.net maxcdn.bootstrapcdn.com www.youtube.com *.fontawesome.com *.mercadopago.com *.mlstatic.com *.googleapis.com *.gstatic.com https:\/\/trazosvisuales.com https:\/\/trazosvisuales.info https:\/\/maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.comapi.com bam.nr-data.net likeme.com.co *.likeme.com.co maxcdn.bootstrapcdn.com gum.criteo.com s.clarity.ms app.zinrelo.com www.youtube.com channels-public-api.addi.com www.google.cl www.google.com.uy www.google.com.ar www.google.com.co *.google.com *.clarity.ms mug.criteo.com connect.nosto.com googleads.g.doubleclick.net jnn-pa.googleapis.com *.mercadopago.com *.mercadolibre.com *.sistecredito.com\/* *.blob.core.windows.net\/* *.mlstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/trazosvisuales.info https:\/\/maxcdn.bootstrapcdn.com https:\/\/trazosvisuales.com https:\/\/measurement-api.criteo.com\/ https:\/\/analytics.tiktok.com\/ https:\/\/v.clarity.ms https:\/\/pagead2.googlesyndication.com\/ https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src bam.nr-data.net s.clarity.ms *.google.com www.google-analytics.com analytics.tiktok.com likeme.com.co *.likeme.com.co *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-fqXgk41bsVevZ7BKsmTn1Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' data:; frame-ancestors 'none'; worker-src blob:; connect-src * 'unsafe-inline'; img-src * blob: data: 'unsafe-inline'; object-src 'self' blob:; report-uri \/cspapi\/report\/CspReport;","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' wss:\/\/localhost:9500 https:\/\/matomo-web.chuv.ch https:\/\/prompts.maze.co https:\/\/axeptio.imgix.net https:\/\/*.facil-iti.app https:\/\/*.infomaniak.cloud https:\/\/*.axept.io; default-src 'self'; font-src 'self' data: https:\/\/localhost:9500 https:\/\/fonts.gstatic.com https:\/\/*.axept.io; frame-ancestors 'self' https:\/\/*.chuv.ch; frame-src 'self' https:\/\/pro.medigo.ch https:\/\/www.medigo.ch https:\/\/challenges.cloudflare.com https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com https:\/\/*.facil-iti.app; img-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/i.vimeocdn.com https:\/\/i.ytimg.com https:\/\/favicons.axept.io https:\/\/axeptio.imgix.net https:\/\/*.chuv.ch https:\/\/*.infomaniak.cloud; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.facil-iti.app https:\/\/matomo-web.chuv.ch https:\/\/snippet.maze.co https:\/\/challenges.cloudflare.com https:\/\/*.axept.io; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/localhost:9500 https:\/\/cdn.facil-iti.app https:\/\/matomo-web.chuv.ch https:\/\/snippet.maze.co https:\/\/challenges.cloudflare.com https:\/\/www.youtube.com https:\/\/connect.facebook.net https:\/\/*.axept.io; style-src 'self' 'unsafe-inline' https:\/\/fonts.axept.io; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' blob: https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/fonts.axept.io; worker-src 'none'; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src *; script-src *; object-src *; style-src *; img-src *; media-src *; frame-src *; font-src *; connect-src *","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VQ11pQHBRbG3lr_uUWq4V0Cz.yRfl4CMuw7m0MAorg0-1778723875.9445193-1.0.1.1-X4bFZeK9YlTMUVGf8_JW7tIdhM1Oxcv6x5zUyJMqEPsNGZ.9T7vnQxZFz8ukE6K7H9ku8hh7hlFZgwBToWM9j38w1DquOm0ohYmuATR_U1cuYGqWeqMU.8Vzi76JM1GhxedgAYDL.V3rimtz6Kr91RH8hvNme87dRuayFcg45a4; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/www.google-analytics.com https:\/\/muneer.cx https:\/\/www.googletagmanager.com; base-uri 'self' *.mindrocketsapis.com cdn.mindrocketsapis.com","count":1},{"content-security-policy-report-only":" script-src 'strict-dynamic' 'unsafe-inline' https: 'nonce-9e9e4a6e7bd0c48b31643dda8070faee';object-src 'none';base-uri 'none';frame-src 'self' https:\/\/paywall.imoje.pl https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/wchat.freshchat.com https:\/\/*.webpush.freshchat.com https:\/\/www.youtube.com https:\/\/youtube.com https:\/\/youtu.be https:\/\/www.youtube-nocookie.com https:\/\/youtube-nocookie.com https:\/\/www.facebook.com https:\/\/open.spotify.com\/embed\/ https:\/\/podcasters.spotify.com\/pod\/show\/ https:\/\/player.vimeo.com\/video\/ https:\/\/td.doubleclick.net https:\/\/platform.twitter.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.wp.pl https:\/\/ssp.wp.pl","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=iMJfqURmJ4irJYp7PZ6aH2aMEu1Spp8kjxIXfE8JqOY-1778727517.8573937-1.0.1.1-.SlOye9OiEBqBX7E.HNCmb0Ze8nXLhxkdxn1dEATX0_It1kJlOt_DeQDZcH7wJ.myjUx4feVyth6sQ3E0.YeRyqCjTGAwDwDodSLqJUXSwn2Xo7_w7uT.2vJMeDukuPgo4W06V1zso4iTb1uCjClo3O0vcPlI7Bii6FEDqrcOf4; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-qo1ZZKzMlPdvHk5VTOdFqA' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" script-src 'self' 'report-sample' https:\/\/static.mycasavi.com 'sha256-HqcrltV\/add35ktFKnghPtUZD86xFk2tNSOVuSxlxZI=' 'sha256-nP0EI9B9ad8IoFUti2q7EQBabcE5MS5v0nkvRfUbYnM=' https:\/\/app.eu.pendo.io https:\/\/cdn.eu.pendo.io https:\/\/data.eu.pendo.io https:\/\/pendo-eu-static.storage.googleapis.com https:\/\/pendo-eu-static-5744612903485440.storage.googleapis.com https:\/\/browser.sentry-cdn.com https:\/\/widget.moin.ai https:\/\/cdn.crowdin.com https:\/\/crowdin.com https:\/\/cdn-a.cumul.io https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/maps.googleapis.com https:\/\/cdn.segment.com https:\/\/agent.b4u-cloud.de 'nonce-Z2OXPBn0e7ohY74p4pscBA==';worker-src 'self' blob: https:\/\/static.mycasavi.com;frame-ancestors 'self';report-uri \/csp-report;base-uri 'self';object-src 'none';script-src-attr 'none'","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-src https:\/\/www.youtube-nocookie.com\/ https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.fls.doubleclick.net https:\/\/tracking.arcraiders.com https:\/\/preview.tracking.arcraiders.com; img-src 'self' https:\/\/* data:; font-src 'self' https:\/\/fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https:\/\/googletagmanager.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/fonts.googleapis.com; script-src 'self' 'unsafe-inline' https:\/\/connect.facebook.net https:\/\/www.redditstatic.com https:\/\/www.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net; connect-src 'self' https:\/\/*.sibforms.com\/ https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/*.reddit.com https:\/\/www.redditstatic.com www.googletagmanager.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/google.com https:\/\/ad.doubleclick.net https:\/\/tracking.arcraiders.com https:\/\/preview.tracking.arcraiders.com; report-uri \/api\/csp-report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bing.com *.cookiebot.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.google.com *.gstatic.com *.doubleclick.net *.curator.io *.elfsight.com *.hotjar.com *.facebook.net *.cloudfront.net *.micpn.com *.searchstax.com *.wisepops.com wisepops.com *.wisepops.net wisepops.net *.sentry-cdn.com *.thehotelsnetwork.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.fonts.net *.myfonts.net *.doubleclick.net *.curator.io; img-src 'self' data: blob: *.google.co.uk *.facebook.com *.doubleclick.net *.google-analytics.com *.micpn.com *.googleapis.com *.gstatic.com *.cloudfront.net *.curator.io *.tripadvisor.com; connect-src 'self' *.bing.com *.cookiebot.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.google.com *.gstatic.com *.doubleclick.net *.micpn.com *.facebook.com *.mapbox.com *.curator.io *.wisepops.net *.wisepops.com wisepops.net wisepops.com *.thehotelsnetwork.com; font-src 'self' data: *.fonts.net *.myfonts.net *.gstatic.com; worker-src 'self' blob:; child-src 'self' blob: *.google.com *.googleapis.com *.googletagmanager.com *.doubleclick.net; frame-src 'self' *.google.com *.doubleclick.net *.facebook.com; media-src 'self'; object-src 'none'; base-uri 'self'; report-uri https:\/\/3chillies.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" script-src 'none'; script-src-elem 'none'; script-src-attr 'none'; report-uri https:\/\/csp-report.apptrana.com\/csp\/report\/11447","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/send.hsbrowserreports.com\/csp\/report?resource=website-grader-ui\/static-1.8102\/html\/public-en.html&cfRay=9fb62aa5795d7d12-IAD","count":1},{"content-security-policy-report-only":" default-src 'self'; child-src 'none'; connect-src 'self' https:\/\/*.bozar.be https:\/\/*.contentsquare.net https:\/\/*.facebook.com https:\/\/*.google-analytics.com https:\/\/*.onetrust.com https:\/\/*.recombee.com https:\/\/*.secutix.com https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.vwo.com https:\/\/o419740.ingest.sentry.io\/api\/5336472\/envelope\/; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.matterport.com https:\/\/*.soundcloud.com https:\/\/*.spotify.com https:\/\/*.vimeo.com https:\/\/*.youtube.com; img-src 'self' https:\/\/*.cookielaw.org https:\/\/*.facebook.com https:\/\/*.googletagmanager.com https:\/\/*.vimeocdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.bozar.be https:\/\/*.hotjar.com https:\/\/*.cookielaw.org https:\/\/*.contentsquare.net https:\/\/*.googletagmanager.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/script.crazyegg.com https:\/\/unpkg.com; script-src-elem 'self' 'unsafe-inline' https:\/\/*.bozar.be https:\/\/*.cookielaw.org https:\/\/*.facebook.net https:\/\/*.googletagmanager.com https:\/\/*.hotjar.com https:\/\/matomojs.trackify.info https:\/\/*.visualwebsiteoptimizer.com https:\/\/*.vwo.com https:\/\/*.youtube.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/script.crazyegg.com https:\/\/unpkg.com; style-src 'self' 'report-sample' 'unsafe-inline' https:\/\/unpkg.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/unpkg.com; webrtc 'block'; worker-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'self' https:\/\/*.bozar.be https:\/\/*.secutix.com; report-uri https:\/\/o419740.ingest.sentry.io\/api\/5336472\/security\/?sentry_key=352ab04e14224ad0804d381177289653&sentry_environment=master-7rqtwti&sentry_release=92dac9888baa9f9e06c80e0cf716eb25d57fbc68; block-all-mixed-content","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-yxg2uW-wext37aOvtM29cA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-src 'self' td.doubleclick.net youtube.com *.youtube.com oneconnect.opendigitaleducation.com google.com www.google.com *.doubleclick.net www.googletagmanager.com; report-to \/infra\/monitoring\/csp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ZsFAgnFyxfI97i-0WvNJ2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TxX6cB6a8R6Z4Pb3T9qvUw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' nearpod.com *.nearpod.com *.nearpod.us; report-uri https:\/\/nearpod.report-uri.com\/r\/t\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" font-src *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com fonts.gstatic.com use.typekit.net *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action *.twitter.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com\/ bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com *.paytabs.com *.paytabs.sa * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.vimeocdn.com *.ytimg.com 'self' data: *.lightemporium.com *.usercentrics.eu www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io https:\/\/firebasestorage.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.nr-data.net *.newrelic.com *.trackedlink.net *.facebook.net *.googletagmanager.com *.google.com *.jsdelivr.net www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.avada.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com eu-gateway.mastercard.com ap-gateway.mastercard.com na-gateway.mastercard.com *.gateway.mastercard.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com fonts.googleapis.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.googleadservices.com *.google-analytics.com *.equiti.com *.sandbox.paypal.com *.paypalobjects.com *.trackedlink.net *.nr-data.net *.newrelic.com *.ampproject.org www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io https:\/\/get.geojs.io *.avada.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.adyen.com https:\/\/acsbapp.com https:\/\/bat.bing.com https:\/\/widget.us.criteo.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/*.flos.com https:\/\/*.salesforce.com https:\/\/service.force.com https:\/\/*.cquotient.com https:\/\/*.hotjar.com https:\/\/*.vimeo.com https:\/\/*.contentful.com https:\/\/*.clarity.ms https:\/\/a.omappapi.com https:\/\/api.omappapi.com https:\/\/*.optimonk.com https:\/\/*.contentsquare.net https:\/\/*.outbrain.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/consent.cookiebot.com https:\/\/*.cookiebot.com https:\/\/d.la1-c2-fra.salesforceliveagent.com https:\/\/d.la11-core1.sfdc-3d0u2f.salesforceliveagent.com https:\/\/maps.googleapis.com https:\/\/dev.flos.com https:\/\/pay.google.com https:\/\/www.paypal.com https:\/\/d.ratepay.com https:\/\/*.collect.igodigital.com https:\/\/dynamic.criteo.com https:\/\/sslwidget.criteo.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/acdn.adnxs.com https:\/\/analytics.webgains.io https:\/\/googleads.g.doubleclick.net; connect-src 'self' https:\/\/*.flos.com https:\/\/cdn.acsbapp.com https:\/\/bat.bing.com https:\/\/cdn-renderer.optimonk.com https:\/\/*.paypal.com https:\/\/*.salesforce.com https:\/\/service.force.com https:\/\/api.omappapi.com https:\/\/*.google.com\/pagead\/ https:\/\/*.adyen.com https:\/\/*.contentful.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.clarity.ms https:\/\/front.optimonk.com https:\/\/cdn-account.optimonk.com https:\/\/cdn-limit.optimonk.com https:\/\/jfapiprod.optimonk.com https:\/\/pagead2.googlesyndication.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/maps.googleapis.com https:\/\/mapsresources-pa.googleapis.com https:\/\/google.com\/pay https:\/\/www.google.com\/pay https:\/\/pay.google.com\/about\/redirect\/ https:\/\/pay.google.com\/gp\/p\/ https:\/\/pay.google.com\/gp\/p\/payment_method_manifest.json https:\/\/www.sandbox.paypal.com\/xoplatform\/logger\/api\/logger https:\/\/checkoutanalytics-test.adyen.com https:\/\/www.google.com\/ccm\/collect https:\/\/*.googleadservices.com https:\/\/www.googleadservices.com https:\/\/amplify.outbrain.com https:\/\/tr.outbrain.com https:\/\/ib.adnxs.com https:\/\/px.ads.linkedin.com https:\/\/ct.pinterest.com https:\/\/measurement-api.criteo.com https:\/\/consentcdn.cookiebot.com; img-src 'self' data: blob: https:\/\/*.flos.com https:\/\/*.dam.flos.net https:\/\/bat.bing.com https:\/\/x.bidswitch.net https:\/\/cm.g.doubleclick.net https:\/\/simage4.pubmatic.com https:\/\/r.casalemedia.com https:\/\/gum.criteo.com https:\/\/id5-sync.com https:\/\/ad.360yield.com https:\/\/contextual.media.net https:\/\/exchange.mediavine.com https:\/\/jadserve.postrelease.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/pixel.rubiconproject.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com https:\/\/criteo-sync.teads.tv https:\/\/criteo-partners.tremorhub.com https:\/\/eb2.3lift.com https:\/\/ad.yieldlab.net https:\/\/sync.1rx.io https:\/\/dis.criteo.com https:\/\/dpm.demdex.net https:\/\/aa.agkn.com https:\/\/editor-upload-cdn.optimonk.com https:\/\/cdn-content.optimonk.com https:\/\/dam.flos.net https:\/\/*.adyen.com https:\/\/*.google-analytics.com https:\/\/*.googlesyndication.com https:\/\/*.googleadservices.com https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/www.googletagmanager.com https:\/\/maps.gstatic.com https:\/\/mapsresources-pa.googleapis.com https:\/\/www.paypalobjects.com https:\/\/www.gstatic.com https:\/\/tau.collect.igodigital.com https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/ib.adnxs.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.google.it https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/imgsct.cookiebot.com; frame-src 'self' https:\/\/*.adyen.com https:\/\/*.facebook.com https:\/\/*.paypal.com https:\/\/*.googletagmanager.com https:\/\/*.salesforce.com https:\/\/*.vimeo.com https:\/\/*.cookiebot.com https:\/\/*.criteo.com https:\/\/*.pinterest.com https:\/\/pay.google.com https:\/\/service.force.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' https:\/\/cdn-content.optimonk.com https:\/\/*.googleapis.co https:\/\/*.adyen.com https:\/\/*.salesforce.com https:\/\/a.omappapi.com https:\/\/service.force.com https:\/\/cdn-asset.optimonk.com https:\/\/*.googleapis.com https:\/\/*.adyen.com https:\/\/*.salesforce.com https:\/\/a.omappapi.com https:\/\/service.force.com https:\/\/cdn-asset.optimonk.com; font-src 'self' https:\/\/*.googleapis.com https:\/\/fonts.gstatic.com https:\/\/cdn-content.optimonk.com https:\/\/cdn-custom.optimonk.com https:\/\/*.flos.com data:; worker-src 'self' blob: https:\/\/maps.googleapis.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=xQeY3TqvNjpwdRZQAAgmOT3tbILKuU7NknJPoKzGqI0-1778725474.1805868-1.0.1.1-W.OH2H78NtEdIlBr_Q1GdKoBt5kf7x..JDIOpwg6xBP1qKeGeue5Jud53i_QEaJIBT8umJoUVFrJtUg9MnROCMTr9O1yDsQcgwGn5zRpGDgZZaT1IZREwLL1RqULAcbH_G8Sf_W.mPVKVUNnCKTONbGVEQioYFB5JI9sbbQCXiY9ROQrVaQj3_rY1l2N0eTk; report-to cf-byjkwshqydwgdrcw","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-N32I5tXyTsZf1pASSXdZYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" script-src 'self' https:\/\/cloud.typography.com\/7315076\/7256812\/css\/fonts.css siteimproveanalytics.com ; object-src 'none'; img-src *.siteimproveanalytics.io","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-TB_h0RGF987uSbq15fabBw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.cloudflare.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.authorize.net *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.facebook.com *.twitter.com *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.cloudflare.com *.cloudfront.net *.baen.com *.twitter.com *.twimg.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.cloudflare.com *.twitter.com *.twimg.com *.fontawesome.com *.facebook.net *.authorize.net *.simpli.fi js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cloudflare.com *.fontawesome.com *.bootstrapcdn.com *.gstatic.com *.twitter.com *.twimg.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.cloudflare.com *.authorize.net *.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src d.digsgogo.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.cloudflare.com *.typekit.net *.trustedshops.com *.similarinc.com *.zipmoney.com.au *.zendesk.com *.bootstrapcdn.com p-a.io *.particularaudience.com *.digidirect.com.au images.latitudepayapps.com imageapi.magebinary.co.nz *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * *.zipmoney.com.au *.digidirect.com.au *.images.latitudepayapps.com *.imageapi.magebinary.co.nz *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app * *.zipmoney.com.au *.digidirect.com.au *.google.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com https:\/\/plumrocket.com *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com zip.co static.zip.co sandbox.zip.co zipmoney.com.au sandbox.zipmoney.com.au checkout.gb.zip.co checkout.quadpay.com checkout-sandbox.quadpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.cloudflare.com cdn.klarna.com *.paypal.com s.ytimg.com *.google.com *.facebook.com *.adsrvr.org *.google.com.ph *.similarinc.com *.cloudfront.net digidirect.zendesk.com *.pinterest.com *.analytics.yahoo.com *.zendesk.com *.gstatic.com *.klarnacdn.net *.facebook.net *.doubleclick.net *.kayweb.com.au p-a.io *.particularaudience.com *.services.qantasloyalty.com *.adobedtm.com *.latitudepayapps.com zip.co bpi.zip.co *.latitudefinancial.com *.google.lk *.digidirect.com.au https:\/\/www.magezon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com t.zip.co static.zipmoney.com.au static.zip.co data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.cloudflare.com maps.googleapis.com *.cloudfront.net *.testfreaks.com *.cfjump.com *.facebook.net *.benchplatform.com *.livechatinc.com *.g.doubleclick.net googletagmanager.com *.adsrvr.org *.studio19.com.au *.particularaudience.com *.srv.stackadapt.com cfjump.digidirect.com.au *.gstatic.com t.cfjump.com settings.luckyorange.net *.similarinc.com *.api.similarinc.com *.zipmoney.com.au *.zip.co *.zdassets.com assets.pinterest.com r3.dotdigital-pages.com api.smooch.io *.klarna.com *.klarnacdn.net *.google.com *.cardinalcommerce.com static.client.cardinaltrusted.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.visitors.live *.wibmo.com *.paypal.cn *.paypalobjects.com *.googleadservices.com *.soreto.com *.kayweb.com.au p-a.io api-recs.particularaudience.com d10lpsik1i8c69.cloudfront.net gtm.js *.connect.studentbeans.com *.studentbeans.com *.instagram.com *.jquery.com *.adobedtm.com *.adobed.com *.latitudefinancial.com *.static.afterpay.com *.latitudepayapps.com *.clarity.ms *.zendesk.com *.digidirect.com utt.impactcdn.com *.google.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com static.zipmoney.com.au static.zip.co zip.co 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.cloudflare.com *.typekit.net *.trustedshops.com *.usercentrics.eu fonts.googleapis.com tags.srv.stackadapt.com *.similarinc.com *.zipmoney.com.au *.gstatic.com *.google.com *.kayweb.com.au *.bootstrapcdn.com p-a.io *.particularaudience.com *.cloudfront.net *.zip.co *.digidirect.com images.latitudepayapps.com\/ imageapi.magebinary.co.nz\/ *.fontawesome.com unsafe-inline assets.braintreegateway.com https:\/\/fonts.googleapis.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net *.zendesk.com *.kayweb.com.au p-a.io *.particularaudience.com *.services.qantasloyalty.com *.zip.co *.zipmoney.com.au *.digidirect.com.au 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app api.lab.amplitude.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.zendesk.com *.cloudflare.com *.paypal.com t.cfjump.com settings.luckyorange.net *.particularaudience.com stats.g.doubleclick.net *.google-analytics.com tags.srv.stackadapt.com secure.studio19.com.au secure.polygongroup.com.au bam-cell.nr-data.net *.similarinc.com *.api.similarinc.com *.zipmoney.com.au *.visitors.live *.googleapis.com *.zdassets.com digidirect.zendesk.com *.zip.co api.smooch.io *.gstatic.com *.google.com *.klarnacdn.net *.cardinalcommerce.com *.cardinaltrusted.com *.demdex.net *.braintree-api.com *.braintreegateway.com *.wibmo.com *.paypal.cn *.paypalobjects.com *.kayweb.com.au p-a.io *.qantasloyalty.com *.services.qantasloyalty.com api-recs.particularaudience.com d10lpsik1i8c69.cloudfront.net *.static.afterpay.com *.doubleclick.net *.clarity.ms wss:\/\/in.visitors.live visitors.live insight.adsrvr.org api-preview.luckyorange.com *.digidirect.com digidirect.pxf.io d.impct.site https:\/\/www.eventbriteapi.com https:\/\/corsproxy.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com google.com *.facebook.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.images.latitudepayapps.com *.imageapi.magebinary.co.nz 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-Wbht7CZ-Ba5CyJr_mh7tzQ' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: https:\/\/cdnapisec.kaltura.com\/;script-src 'nonce-472caf066705450bacd2f2705dbe3f06' https:\/\/www.maisa.fi 'self' https:\/\/apomato.maisa.fi\/matomo\/matomo.js;img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp: https:\/\/apomato.maisa.fi\/matomo\/matomo.js https:\/\/apomato.maisa.fi\/matomo\/matomo.php;style-src https:\/\/www.maisa.fi 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action 'self' https:\/\/testi.apro.tunnistus.fi https:\/\/tunnistautuminen.suomi.fi https:\/\/www.terveyskyla.fi;media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' ws: *.nexiuslearning.com *.google-analytics.com *.etitan.hu *.googletagmanager.com *.googleapis.com *.gstatic.com  *.google.com *.bootstrapcdn.com *.extremenet.hu stats.g.doubleclick.net www.youtube-nocookie.com; report-uri https:\/\/etitancsp.azurewebsites.net\/api\/eTitanCSP;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.themercury.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https:; img-src 'self' https: data:; font-src 'self' https: data:; connect-src 'self' https:;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-l4AKD2ByT6aZELLdPc3e5Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0P38qGCPESmvsyYKM-SNfQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-TV5NFZy5MB0RCsTwLbpN2Q' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-Ey1zy0jkFaYeYPqVHkUavA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-52cVdfHFSt9Z76CLwIGTqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src *.bootstrapcdn.com *.trackcmp.net *.hotjar.com *.google-analytics.com *.nr-data.net *.typeform.com fonts.gstatic.com *.yotpo.com *.googleapis.com *.gstatic.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.authorize.net https:\/\/plumrocket.com *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.bolt.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.google.com *.authorize.net https:\/\/plumrocket.com *.hotjar.com *.addthis.com *.libsyn.com *.locally.com *.sheerid.com *.wayin.com *.newtonsoftware.com https:\/\/recruitingbypaycor.com\/ *.curalate.com *.formstack.com *.trackcmp.net *.google-analytics.com *.nr-data.net data: *.typeform.com *.pagescdn.com *.yextpages.net *.googleapis.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com magefan.com cm.magefan.com store.paradoxlabs.com *.disqus.com *.google.com *.mageside.com mageside.com *.bc0a.com *.curalate.com *.s3.amazonaws.com *.amazonaws.com *.leupold.com *.googleapis.com *.gstatic.com *.trackcmp.net *.hotjar.com *.google-analytics.com *.nr-data.net *.typeform.com *.b0e8.com https:\/\/img.youtube.com maps.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ polyfill.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/developer.adobe.com https:\/\/assets.armanet.us *.kaptcha.com *.disqus.com *.google.com *.gstatic.com *.authorize.net *.hotjar.com *.curalate.com *.app-us1.com *.avmws.com *.acsbapp.com acsbapp.com *.googleapis.com *.googletagmanager.com *.paypalobjects.com *.sheerid.com *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.cloudfront.net *.locally.com *.wayin.com *.activehosted.com *.newtonsoftware.com recruitingbypaycor.com *.leupold.com *.trackcmp.net *.google-analytics.com trackcmp.net *.vimeo.com *.apptrian.com *.facebook.com *.typeform.com *.sitescdn.net *.yextpages.net *.pagescdn.com *.b0e8.com *.bc0a.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.sheerid.com *.bootstrapcdn.com *.trackcmp.net *.hotjar.com *.google-analytics.com *.nr-data.net *.typeform.com *.sitescdn.net *.tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src *.trackcmp.net *.hotjar.com *.google-analytics.com *.nr-data.net *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/srv.armanet.us https:\/\/assets.armanet.us *.kaptcha.com *.authorize.net *.bc0a.com *.hotjar.com wss:\/\/*.hotjar.com *.addthis.com *.googleapis.com *.acsbapp.com *.curalate.com *.hotjar.io *.trackcmp.net *.google-analytics.com *.g.doubleclick.net *.typeform.com *.pagescdn.com *.yext.com *.yext-pixel.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com *.doubleclick.net *.run.app *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com https:\/\/www.correios.com.br 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com assets.braintreegateway.com cdn.dnky.co webchat.dotdigital.com *.mercadolibre.com www.facebook.com www.google.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.mercadolivre.com maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com js.authorize.net jstest.authorize.net js.braintreegateway.com www.youtube.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net cdn.dnky.co api.comapi.com webchat.dotdigital.com *.mlstatic.com *.mercadopago.com *.pagseguro.com.br maps.googleapis.com cdn.ampproject.org www.gstatic.com connect.facebook.net www.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com www.gstatic.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com payments.sandbox.braintree-api.com origin-analytics-sand.sandbox.braintree-api.com assets.braintreegateway.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net api.comapi.com webchat.dotdigital.com *.mercadopago.com *.mercadolibre.com https:\/\/ws.correios.com.br cdn.ampproject.org www.googleapis.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.google.fi https:\/\/scout.us3.salesloft.com https:\/\/b.6sc.co https:\/\/www.google.com.eg https:\/\/j.6sc.co https:\/\/lh7-rt.googleusercontent.com https:\/\/www.google.be https:\/\/www.google.com.au https:\/\/www.google.es https:\/\/www.google.com.my https:\/\/www.google.co.za https:\/\/www.google.fr https:\/\/www.google.co.in https:\/\/*.hubspotfeedback.com https:\/\/www.google.com.ph https:\/\/www.google.com.sa https:\/\/www.google.co.uk https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/px.ads.linkedin.com https:\/\/cdn-4.convertexperiments.com https:\/\/www.google.ae https:\/\/www.google.de https:\/\/www.google.it https:\/\/www.google-analytics.com https:\/\/ws.zoominfo.com https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/*.google.co.uk https:\/\/cdn.trackjs.com https:\/\/js.hsforms.net https:\/\/cmp.osano.com https:\/\/tracking.g2crowd.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/scout-cdn.salesloft.com https:\/\/js.hs-analytics.net https:\/\/js.hubspot.com https:\/\/js.hs-banner.com https:\/\/js.hsadspixel.net https:\/\/js-na1.hs-scripts.com https:\/\/snap.licdn.com https:\/\/consent.api.osano.com https:\/\/tattle.api.osano.com https:\/\/disclosure.api.osano.com https:\/\/www.googletagmanager.com\/gtm.js https:\/\/static.addtoany.com https:\/\/boards.greenhouse.io\/embed\/job_board\/js https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com blob: 'nonce-e58e15200a2b479e2cdf84cc8709da94'; style-src 'self' 'unsafe-inline' https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com https:\/\/fonts.googleapis.com; img-src 'self' https:\/\/secure.gravatar.com https:\/\/scout.us3.salesloft.com https:\/\/b.6sc.co https:\/\/*.atl-paas.net https:\/\/lh3.googleusercontent.com https:\/\/lh4.googleusercontent.com https:\/\/lh7-rt.googleusercontent.com https:\/\/lh5.googleusercontent.com https:\/\/lh6.googleusercontent.com https:\/\/js.hs-banner.com https:\/\/www.google.co.za https:\/\/www.google.com.au https:\/\/*.hubspotfeedback.com https:\/\/www.google.es https:\/\/www.google.be https:\/\/www.google.com.my https:\/\/www.google.fr https:\/\/www.google.co.in https:\/\/www.google.com.ph https:\/\/www.google.com.sa https:\/\/www.google.co.uk https:\/\/www.google.fi https:\/\/encrypted-tbn0.gstatic.com https:\/\/www.google.ae https:\/\/www.google.de https:\/\/www.google.it https:\/\/fonts.gstatic.com https:\/\/usage.trackjs.com https:\/\/forms-na1.hsforms.com https:\/\/perf-na1.hsforms.com https:\/\/js.intercomcdn.com https:\/\/www.googletagmanager.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/www.google.com https:\/\/track.hubspot.com https:\/\/px.ads.linkedin.com https:\/\/www.google.com.eg https:\/\/*.google.co.uk https:\/\/downloads.intercomcdn.com https:\/\/static.intercomassets.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/www.google-analytics.com https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com data:; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com https:\/\/cdn.jsdelivr.net data:; connect-src 'self' https:\/\/ws.zoominfo.com https:\/\/cmp.osano.com https:\/\/api-iam.intercom.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/forms.hsforms.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/www.simscale.com https:\/\/*.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com https:\/\/fonts.googleapis.com https:\/\/scout.salesloft.com https:\/\/tracking-api.g2.com https:\/\/*.g.doubleclick.net https:\/\/static.hsappstatic.net https:\/\/api.hubapi.com https:\/\/cta-service-cms2.hubspot.com https:\/\/px.ads.linkedin.com; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/app.hubspot.com https:\/\/demo.arcade.software; media-src 'self' https:\/\/frontend-assets.dev.simscale.com https:\/\/ws-long-dev.simscale.com https:\/\/frontend-assets.stg.simscale.com https:\/\/ws-long-staging.simscale.com https:\/\/frontend-assets.simscale.com https:\/\/ws-long.simscale.com; object-src 'none'; form-action 'self' https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.greenhouse.io; frame-ancestors 'self'; worker-src 'self' blob:; report-uri \/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.salesforceliveagent.com *.cloudflare.com *.force.com *.adsrvr.org *.bing.com *.clickcease.com *.connect.facebook.net *.cookielaw.org *.doubleclick.net *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.gtm.prosci.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hs-sites.com *.hsforms.net *.hubspot.com *.hubspotusercontent-na1.net *.hsadspixel.net *.js.usemessages.com *.jsdelivr.net *.kit.fontawesome.com *.luckyorange.com *.prosci.com *.linkedin.com *.licdn.com *.hsappstatic.net *.hubapi.com *.cloudflare *.fontawesome.com *.hsleadflows.net *.hs-analytics.net js.usemessages.com js.hs-banner.com *.google.com *.google.pl *.bing.net js.hubspotfeedback.com *.facebook.net *.googleapis.com *.sentry-cdn.com *.hubspot.net;   style-src 'self' 'unsafe-inline' *.cloudflare.com *.adsrvr.org *.bing.com *.clickcease.com *.connect.facebook.net *.cookielaw.org *.doubleclick.net *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.gtm.prosci.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hs-sites.com *.hsforms.net *.hubspot.com *.hubspotusercontent-na1.net *.hsadspixel.net *.js.usemessages.com *.jsdelivr.net *.kit.fontawesome.com *.luckyorange.com *.prosci.com *.linkedin.com *.licdn.com *.hsappstatic.net *.hubapi.com *.cloudflare *.fontawesome.com  *.hsleadflows.net  *.hs-analytics.net js.usemessages.com js.hs-banner.com *.google.pl *.bing.net *.google.com *.facebook.net *.googleapis.com *.sentry-cdn.com *.hubspot.net;   img-src 'self' data: blob: *.cloudflare.com *.adsrvr.org *.bing.com *.clickcease.com *.connect.facebook.net *.cookielaw.org *.doubleclick.net *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.gtm.prosci.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hs-sites.com *.hsforms.net *.hubspot.com *.hubspotusercontent-na1.net *.hsadspixel.net *.js.usemessages.com *.jsdelivr.net *.kit.fontawesome.com *.luckyorange.com *.prosci.com *.linkedin.com *.licdn.com *.hsappstatic.net *.hubapi.com *.cloudflare *.fontawesome.com  *.hsleadflows.net  *.hs-analytics.net js.usemessages.com js.hs-banner.com *.google.pl *.bing.net *.google.com *.facebook.net *.googleapis.com *.sentry-cdn.com *.hubspot.net;   frame-src *.force.com *.adsrvr.org *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.hs-sites.com *.hsforms.net *.hubspot.com *.googletagmanager.com *.doubleclick.net gtm.prosci.com;   connect-src 'self' *.cloudflare.com *.adsrvr.org *.bing.com *.clickcease.com *.connect.facebook.net *.cookielaw.org *.doubleclick.net *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.gtm.prosci.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hs-sites.com *.hsforms.net *.hubspot.com *.hubspotusercontent-na1.net *.hsadspixel.net *.js.usemessages.com *.jsdelivr.net *.kit.fontawesome.com *.luckyorange.com *.prosci.com *.linkedin.com *.licdn.com *.hsappstatic.net *.hubapi.com *.cloudflare *.fontawesome.com  *.hsleadflows.net  *.hs-analytics.net js.usemessages.com js.hs-banner.com *.google.pl *.bing.net *.google.com *.facebook.net *.googleapis.com *.sentry-cdn.com *.hubspot.net;   font-src 'self' data: *.cloudflare.com *.adsrvr.org *.bing.com *.clickcease.com *.connect.facebook.net *.cookielaw.org *.doubleclick.net *.facebook.com *.wistia.com *.hsforms.com *.forms-na1.hsforms.com *.gtm.prosci.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hs-sites.com *.hsforms.net *.hubspot.com *.hubspotusercontent-na1.net *.hsadspixel.net *.js.usemessages.com *.jsdelivr.net *.kit.fontawesome.com *.luckyorange.com *.prosci.com *.linkedin.com *.licdn.com *.hsappstatic.net *.hubapi.com *.cloudflare *.fontawesome.com  *.hsleadflows.net  *.hs-analytics.net js.usemessages.com js.hs-banner.com *.google.pl *.bing.net *.google.com *.facebook.net *.googleapis.com *.sentry-cdn.com *.hubspot.net;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; script-src-elem 'self' 'unsafe-inline' https: blob:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss: blob:; media-src 'self' blob: data: https:; frame-src 'self' https:; child-src 'self' blob: https:; worker-src 'self' blob:; manifest-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri \/internal\/api\/csp-report; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/site-bundle.chibbis.ru; script-src-elem 'self' 'unsafe-inline' blob: data: https:\/\/widget.me-talk.ru wss:\/\/widget.me-talk.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/smartcaptcha.yandexcloud.net https:\/\/api-maps.yandex.ru https:\/\/yastatic.net https:\/\/api-maps.yandex.ru https:\/\/lcab.talk-me.ru https:\/\/checkout.cloudpayments.ru https:\/\/site-static.chibbis.ru https:\/\/site-bundle.chibbis.ru https:\/\/sentry.chibbis.ru; style-src 'self' data: 'unsafe-inline' https:\/\/site-bundle.chibbis.ru https:\/\/site-static.chibbis.ru; img-src 'self' data: https:\/\/static-featured-set-actual-production.chibbis.ru https:\/\/static-actual-production.chibbis.ru https:\/\/scdn.chibbis.ru https:\/\/static.chibbis.ru https:\/\/static.me-talk.ru https:\/\/core-renderer-tiles.maps.yandex.net https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/mc.yandex.kz https:\/\/mc.yandex.by https:\/\/qr.nspk.ru https:\/\/pic.me-talk.ru https:\/\/site-static.chibbis.ru; font-src 'self' https:\/\/site-static.chibbis.ru; manifest-src 'self' https:\/\/site-static.chibbis.ru; media-src 'self' https:\/\/widget.me-talk.ru; frame-src 'self' *; connect-src 'self' https:\/\/mc.yandex.ru https:\/\/mc.yandex.com wss:\/\/mc.yandex.ru wss:\/\/mc.yandex.com https:\/\/mc.yandex.kz https:\/\/mc.yandex.by https:\/\/mc.yandex.md https:\/\/yandex.ru https:\/\/yastatic.net https:\/\/log.api-maps.yandex.ru https:\/\/core-renderer-tiles.maps.yandex.net https:\/\/api-maps.yandex.ru https:\/\/geocode-maps.yandex.ru https:\/\/static.me-talk.ru https:\/\/lcab.talk-me.ru https:\/\/widget.me-talk.ru wss:\/\/widget.me-talk.ru https:\/\/checkout.cloudpayments.ru https:\/\/api.cloudpayments.ru https:\/\/sentry.chibbis.ru; worker-src 'self' 'unsafe-inline' blob: data: https:\/\/widget.me-talk.ru wss:\/\/widget.me-talk.ru https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/smartcaptcha.yandexcloud.net https:\/\/api-maps.yandex.ru https:\/\/yastatic.net https:\/\/api-maps.yandex.ru https:\/\/lcab.talk-me.ru https:\/\/checkout.cloudpayments.ru https:\/\/site-static.chibbis.ru https:\/\/site-bundle.chibbis.ru https:\/\/sentry.chibbis.ru; base-uri 'self'; report-uri \/health\/csp; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'nonce-53034494-e46f-4060-b416-8bcc3719f0c5' 'self' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/*.aptrinsic.com https:\/\/*.bevylabs.com https:\/\/*.osano.com https:\/\/*.brainfi.sh; font-src 'self' data: https:\/\/*.bevylabs.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/res.cloudinary.com https:\/\/consent.trustarc.com https:\/\/*.brainfi.sh; img-src 'self' data: blob: https:\/\/unpkg.com https:\/\/*.aptrinsic.com https:\/\/*.bevylabs.com https:\/\/*.cloudinary.com https:\/\/*.facebook.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/storage.googleapis.com https:\/\/*.googleusercontent.com https:\/\/*.googletagmanager.com https:\/\/px.ads.linkedin.com https:\/\/www.googletagmanager.com https:\/\/www.startupgrind.com https:\/\/image.mux.com https:\/\/img.youtube.com https:\/\/i.ytimg.com https:\/\/*.vidyard.com https:\/\/i.vimeocdn.com https:\/\/cdn.bizible.com https:\/\/*.lrkt-in.com https:\/\/*.litix.io https:\/\/consent.trustarc.com https:\/\/cdn.prod.website-files.com https:\/\/*.brainfi.sh https:\/\/*.adroll.com https:\/\/ml314.com https:\/\/x.bidswitch.net https:\/\/pixel.tapad.com https:\/\/pixel.rubiconproject.com https:\/\/ps.eyeota.net https:\/\/idsync.rlcdn.com https:\/\/dsum-sec.casalemedia.com https:\/\/us-u.openx.net https:\/\/sync.outbrain.com https:\/\/sync.taboola.com https:\/\/eb2.3lift.com https:\/\/image2.pubmatic.com https:\/\/ib.adnxs.com https:\/\/secure.adnxs.com https:\/\/match.adsrvr.org https:\/\/t.co https:\/\/*.twitter.com https:\/\/*.ads-twitter.com https:\/\/*.reddit.com https:\/\/*.redditstatic.com https:\/\/alb.reddit.com https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/track.hubspot.com https:\/\/www.google.com.mx https:\/\/www.google.com.ph https:\/\/www.google.co.uk https:\/\/www.google.fr https:\/\/www.google.nl https:\/\/www.google.es https:\/\/www.google.it https:\/\/www.google.pt https:\/\/www.google.co.cr https:\/\/www.google.co.ke https:\/\/www.google.com.ar https:\/\/www.google.com.co https:\/\/www.google.com.eg https:\/\/www.google.com.pe https:\/\/www.google.sk https:\/\/www.google.kg; frame-src 'self' https:\/\/*.cloud.looker.com https:\/\/*.google.com https:\/\/*.osano.com https:\/\/*.youtube.com https:\/\/*.youtube-nocookie.com https:\/\/*.exceedlms.com https:\/\/embed-cdn.spotifycdn.com https:\/\/exceedlms.com https:\/\/js.stripe.com\/ https:\/\/player.vimeo.com https:\/\/static.elfsight.com\/platform\/platform.js https:\/\/td.doubleclick.net\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/www.slideshare.net\/ https:\/\/bevywidgets.com https:\/\/play.vidyard.com https:\/\/*.googletagmanager.com https:\/\/*.brainfi.sh; connect-src 'self' blob: data: wss: https:\/\/*.algolia.io https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.aptrinsic.com https:\/\/*.bevylabs.com https:\/\/*.cloudinary.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.lr-ingest.io https:\/\/*.logrocket.io https:\/\/*.lrkt-in.com https:\/\/*.mux.com https:\/\/*.litix.io https:\/\/*.osano.com https:\/\/*.posthog.com https:\/\/*.rollbar.com https:\/\/*.stripe.com https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/*.daily.co https:\/\/*.googleapis.com https:\/\/*.pluot.blue https:\/\/chat.stream-io-api.com https:\/\/px.ads.linkedin.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.mktoresp.com https:\/\/*.fides-cdn.ethyca.com https:\/\/*.ethyca.com https:\/\/*.brainfi.sh wss:\/\/*.brainfi.sh https:\/\/*.reddit.com https:\/\/*.redditstatic.com https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/*.hs-scripts.com https:\/\/*.hsadspixel.net https:\/\/*.hs-banner.com https:\/\/*.hs-analytics.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.googlesyndication.com https:\/\/www.google.com.mx https:\/\/www.google.com.ph https:\/\/www.google.co.uk https:\/\/www.google.fr https:\/\/www.google.nl https:\/\/www.google.es https:\/\/www.google.it https:\/\/www.google.pt https:\/\/www.google.co.cr https:\/\/www.google.co.ke https:\/\/www.google.com.ar https:\/\/www.google.com.co https:\/\/www.google.com.eg https:\/\/www.google.com.pe https:\/\/www.google.sk https:\/\/www.google.kg; media-src 'self' blob: https:\/\/*.mux.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/*.bevy.com; upgrade-insecure-requests; report-uri \/api\/csp-report\/","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.googleapis.com data: *.sodatech.com *.sodatech.net cdn.livechatinc.com mediacdn.espssl.com viewer.byondxr.com use.fontawesome.com 'self' data: https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com api.bazaarvoice.com stg.api.bazaarvoice.com pal-test.adyen.com www.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.pinterest.com https:\/\/ghirardelli.slgnt.us 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.adyen.com *.sharethis.com *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.ehappify.com www.xtento.com *.vimeo.com *.jsctool.com *.pinterest.com *.mmcagentur.at *.doubleclick.net *.facebook.com *.facebook.net *.demdex.net *.authorize.net *.googletagmanager.com *.xtento.com *.app-wallee.com *.waltpixel.com *.equitystory.com offer.slgnt.us vars.hotjar.com *.pepperjamnetwork.com services.listrak.com *.serverdata.net *.livechatinc.com *.lindtusa.com *.russellstover.com *.ghirardelli.com https:\/\/*.ordergroove.com *.weltpixel.com https:\/\/app-wallee.com www.jsctool.com static.ogmystyle.com static2.ogmystyle.com www.mystyleplatform.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/ghirardelli.slgnt.us https:\/\/www.paypalobjects.com https:\/\/lindtusa.rlvs.co.uk https:\/\/optmize.google.com https:\/\/www.google.com\/ https:\/\/ct.pinterest.com\/ 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.cloudfront.net *.amazonaws.com *.regalify.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com blob: lindt.test *.lindt.test maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.klarna.com *.invibes.com *.b26net.com https:\/\/www.google-analytics.com *.googletagmanager.com *.teads.tv *.videostep.com *.facebook.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.taboola.com *.doubleclick.net *.outbrain.com *.adobedtm.com *.omtrdc.net *.demdex.net *.everesttech.net *.magentocommerce.com *.sodatech.com *.sodatech.net api.official-deals.co.uk api.official-coupons.com *.adsymptotic.com cdn.livechat-files.com cp.official-coupons.com cookie-cdn.cookiepro.com cp.official-deals.co.uk site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com mediacdn.espssl.com *.clarity.ms *.bing.com *.serverdata.net lindtna.test *.lindtna.test *.livechatinc.com mageside.com https:\/\/app-wallee.com d.ratepay.com viewer.byondxr.com s3.us-west-2.amazonaws.com showroom-media.byondxr.com media-optimization-service.byondxr.com *.byondxr.com *.listrakbi.com www.mystyleplatform.com static.mystyleplatform.com static2.mystyleplatform.com static2.ogmystyle.com mystyleplatform.s3.us-west-2.amazonaws.com https:\/\/www.unifaunonline.se https:\/\/*.tile.openstreetmap.org\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/redchamps.com *.hsforms.net *.hsforms.com 'self' data: geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/www.upsellit.com https:\/\/mediacdn.espssl.com\/2824\/Shared\/Modal\/chocolate.png https:\/\/www.linkedin.com https:\/\/*.linkedin.com\/ https:\/\/px.ads.linkedin.com *.googleadservices.com *.russellstover.com https:\/\/www.google-anaytics.com https:\/\/www.googletagmanager.com https:\/\/optimize.google.com https:\/\/bam.nr-data.net *.bazaarvoice.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com *.pcapredict.com lindt.slgnt.eu maps.googleapis.com *.pinterest.com *.postcodeanywhere.co.uk *.cloudflare.com *.teads.tv *.r66net.com *.facebook.net *.googleadservices.com *.doubleclick.net *.cookiepro.com *.cloudfront.net *.videostep.com *.mfgroup.ch *.taboola.com *.outbrain.com *.adobedtm.com *.authorize.net *.unpkg.com *.fontawesome.com *.sodatech.net *.sodatech.com www.clarity.ms bat.bing.com *.b2c.com bt.fraud0.com container.pepperjam.com www.googleoptimize.com *.hotjar.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us *.blob.core.windows.net s.pinimg.com snap.licdn.com acsbapp.com cdn.noibu.com www.youtube.com *.upsellit.com *.livechatinc.com *.serverdata.net *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/gmtech.mfgroup.ch https:\/\/assets.secure.checkout.visa.com https:\/\/www.googletagmanager.com tagmanager.google.com d.ratepay.com www.jsctool.com byondxr-viewer.byondxr.com web-apps.byondxr.com *.listrakbi.com *.listrak.com mystyleplatform.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com d203yb14zlmxwn.cloudfront.net cdnjs.cloudflare.com cdn.jsdelivr.net use.fontawesome.com *.mczbf.com https:\/\/api.unifaun.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net widget.packeta.com https:\/\/www.youtube.com https:\/\/www.googleanalytics.com https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com 'unsafe-inline' https:\/\/optimize.google.com 'unsafe-inline' https:\/\/www.lindt-spruengli.com\/* https:\/\/www.lindt-spruengli.com\/media\/target\/VAPI.min.js https:\/\/www.lindt-spruengli.com\/media\/target\/at.js https:\/\/click2cart.com https:\/\/ghirardelli.mycontactcenter.net\/ https:\/\/pop1-apps.mycontactcenter.net\/ https:\/\/form.jotform.com https:\/\/ghirardelli-pages.vercel.app https:\/\/form.jotform.com\/jsform\/250416509718156 https:\/\/form.jotform.com\/250695600740152 https:\/\/api-js.datadome.co 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app https:\/\/fonts.googleapis.com\/ *.sharethis.com *.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com *.amazonaws.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com *.fonts.net *.postcodeanywhere.co.uk *.cloudfront.net *.cloudflare.com *.sodatech.com *.sodatech.net *.getfirebug.com cloud.typography.com *.serverdata.net *.myfonts.net *.russellstover.com https:\/\/app-wallee.com tagmanager.google.com d.ratepay.com *.listrakbi.com *.listrak.com use.fontawesome.com www.mystyleplatform.com static.ogmystyle.com static2.ogmystyle.com assets.braintreegateway.com *.gstatic.com *.trustpilot.com geowidget.inpost.pl widget.packeta.com https:\/\/cloud.typography.com 'unsafe-inline' https:\/\/optimize.google.com https:\/\/fonts.googleapis.com 'unsafe-inline' 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net *.serverdata.net *.livechatinc.com *.listrakbi.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.adyen.com *.sharethis.com *.googleapis.com *.attn.tv events.attentivemobile.com *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.postcodeanywhere.co.uk *.ratepay.com *.luckyorange.net *.cookiepro.com *.mfgroup.ch *.doubleclick.net *.visitors.live wss:\/\/in.visitors.live wss:\/\/visitors.live wss:\/\/in.visitors.live\/ wss:\/\/visitors.live\/ visitors.live *.taboola.com *.demdex.net *.omtrdc.net *.magento.com *.adobe.net *.adobedtm.com *.adobedc.net *.typekit.net *.magedevteam.com *.sodatech.com *.sodatech.net *.teads.tv www.sjwoe.com input.noibu.com wss:\/\/input.noibu.com\/pv_part in.hotjar.com www.facebook.com *.b2c.com bt.fraud0.com *.revlifter.com *.pepperjamnetwork.com *.revlifter.io site-azp.slgnt.us ct.pinterest.com *.ads.linkedin.com cdn.polyfill.io offer.slgnt.us s.pinimg.com snap.licdn.com *.acsbapp.com cdn.noibu.com https:\/\/maps.googleapis.com *.clarity.ms *.facebook.com *.serverdata.net *.livechatinc.com api.addressy.com *.listrakbi.com *.mczbf.com *.tiktok.com *.ordergroove.com https:\/\/app-wallee.com https:\/\/assets.secure.checkout.visa.com https:\/\/www.google-analytics.com d.ratepay.com www.jsctool.com *.byondxr.com api.byondxr.com s3.us-west-2.amazonaws.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com https:\/\/cdn.linkedin.oribi.io https:\/\/vc.hotjar.io *.ghirardelli.com *.hotjar.io *.bing.com ws.hotjar.com wss:\/\/ws.hotjar.com sc-api.click2cart.com https:\/\/geolocation.onetrust.com https:\/\/bat.bing.com ghirardelli-pages.vercel.app https:\/\/ghirardelli-pages.vercel.app\/api\/synup https:\/\/ghirardelli-pages.vercel.app 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.byondxr.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.google.com\/ js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io axeptio.imgix.net https:\/\/www.magezon.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/www.gstatic.com https:\/\/translate.googleapis.com https:\/\/fonts.gstatic.com http:\/\/translate.google.com *.facebook.com https:\/\/meetanshi.com\/media\/logo.png https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.axept.io *.google.com\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/translate.googleapis.com http:\/\/translate.google.com https:\/\/translate-pa.googleapis.com *.googletagmanager.com *.facebook.net js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com downloads.mailchimp.com www.gstatic.com *.fontawesome.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.axept.io client.axept.io form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/translate.googleapis.com *.google-analytics.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; block-all-mixed-content; default-src 'self'; img-src 'self' data: https:\/\/biblionix.com\/ https:\/\/demonstration.biblionix.com https:\/\/secure.gravatar.com\/; style-src 'self' 'unsafe-inline' https:\/\/demonstration.biblionix.com https:\/\/www.gstatic.com\/ https:\/\/fonts.googleapis.com\/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/demonstration.biblionix.com https:\/\/www.gstatic.com\/ https:\/\/cdn.walkme.com\/; font-src 'self' https:\/\/fonts.gstatic.com\/ data:; report-uri https:\/\/www.biblionix.com\/report\/?block=0","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.at https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.at https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.at https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.at https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.at https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.at https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.at https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.at; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.at https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.at https:\/\/app.datadoghq.eu https:\/\/checkout.dm.at https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.at https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.at https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.at https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.at https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.at https:\/\/signin.dm.at https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.at; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'self' https:\/\/payments.salesforce.com\/ https:\/\/stats.g.doubleclick.net https:\/\/checkoutshopper-test.adyen.com\/ https:\/\/pal-test.adyen.com https:\/\/cdn.cookielaw.org https:\/\/acquia--c.vf.force.com\/resource\/1697461438000\/AcquiaDAMFavicon https:\/\/checkoutshopper-live.adyen.com\/ https:\/\/d.la1-c2-ia4.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp https:\/\/d.la3-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/cdn.content.aws-prod1-useast1.aws.sfdc.cl\/ https:\/\/d.la13-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp https:\/\/d.la1-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/d.la3-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp https:\/\/pay.google.com https:\/\/d.la1-c2-ia4.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/d.la3-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/tagmanager.google.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/uip.canary.lwc.dev https:\/\/d.la13-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/cdn.content.aws-dev2-uswest2.aws.sfdc.cl\/ https:\/\/solve-widget.forethought.ai\/embed.js blob: https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google.com\/recaptcha\/ https:\/\/js.stripe.com\/ https:\/\/d.la13-core1.sfdc-yfeipo.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/www.googletagmanager.com import: https:\/\/acquia.my.site.com\/ESWMessagingServiceDepl1737557964121\/assets\/js\/bootstrap.min.js https:\/\/www.google-analytics.com *.salesforce.com https:\/\/www.paypal.com\/sdk\/js 'report-sample' https:\/\/service.force.com\/embeddedservice\/ 'unsafe-eval' https:\/\/d.la1-c2-ia4.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp; report-to sfdc-csp-ep; report-uri https:\/\/acquia.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D6g000003vCaM&networkId=0DM6g000000eGOT&type=communities","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.ntnews.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * api.bazaarvoice.com stg.api.bazaarvoice.com *.authorize.net 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.affirm.com *.affirm.ca *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.authorize.net *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com services.postcodeanywhere.co.uk https:\/\/firebasestorage.googleapis.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com api.addressy.com *.avada.io *.authorize.net *.cloudflare.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.certcapture.com display.ugc.bazaarvoice.com api.addressy.com *.fontawesome.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googleapis.com *.affirm.com *.affirm.ca *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com api.addressy.com https:\/\/get.geojs.io *.avada.io *.authorize.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-odtGI0TPdnEUxPWisYqD8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/connect.facebook.net https:\/\/d3e54v103j8qbb.cloudfront.net https:\/\/api.google.com https:\/\/*.clarity.ms https:\/\/do.featurebase.app https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/www.redditstatic.com https:\/\/cdn.tailwindcss.com https:\/\/*.sentry.io https:\/\/js.stripe.com; style-src 'self' 'unsafe-inline' https:\/\/unpkg.com https:\/\/fonts.googleapis.com https:\/\/do.featurebase.app; img-src 'self' blob: data: https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/cdn.prod.website-files.com https:\/\/*.featurebase.app https:\/\/*.featurebase-attachments.com https:\/\/fb-usercontent.fra1.cdn.digitaloceanspaces.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/www.redditstatic.com https:\/\/alb.reddit.com https:\/\/ui-avatars.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/unpkg.com; connect-src 'self' https:\/\/*.clarity.ms https:\/\/*.featurebase.app wss:\/\/*.featurebase.app https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/google.com https:\/\/alb.reddit.com https:\/\/pixel-config.reddit.com https:\/\/*.ingest.sentry.io https:\/\/api.stripe.com; media-src 'self' https:\/\/*.featurebase.app https:\/\/*.featurebase-attachments.com; frame-src 'self' https:\/\/*.featurebase.app https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net https:\/\/www.googletagmanager.com https:\/\/js.stripe.com; child-src 'self' https:\/\/*.featurebase.app https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net; form-action 'self'; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-_POlDnX263iA3rerGfxnXw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-YgPoAgZev90Z0dZWH-wssg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CMoI1PsMcNVbuCEUDAa0IQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.googleapis.com data: *.fontawesome.com https:\/\/fonts.bunny.net *.facebook.com *.facebook.net *.cloudflare.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/seo.mageplaza.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.facebook.net mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.hubspot.com *.hubapi.com *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.cloudflare.com mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.stripe.com stripe.com *.link.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com js.mollie.com *.hubspot.com *.hubapi.com *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.cloudflare.com mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.googleapis.com https:\/\/images.unsplash.com https:\/\/maps.googleapis.com https:\/\/firebasestorage.googleapis.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/www.mollie.com *.hubspot.com *.hubapi.com *.googletagmanager.com *.doubleclick.net *.hsforms.com *.google.com.mx *.facebook.com *.facebook.net *.cloudflare.com mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.sandbox.paypal.com *.paypalobjects.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/cdn.jsdelivr.net\/npm\/@fancyapps\/ui@5.0\/dist\/fancybox\/fancybox.umd.js *.avada.io *.shopify.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com js.mollie.com *.hs-scripts.com *.hs-banner.com *.hscollectedforms.net js.usemessages.com *.hsadspixel.net *.hs-analytics.net *.hsforms.com *.hubspot.com *.hubapi.com *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.cloudflare.com *.jsdelivr.net cdn.jsdelivr.net us1-config.doofinder.com cdn.doofinder.com *.doofinder.com mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net\/npm\/@fancyapps\/ui@5.0\/dist\/fancybox\/fancybox.css https:\/\/cdnjs.cloudflare.com *.fontawesome.com https:\/\/fonts.bunny.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.hubapi.com *.facebook.com *.facebook.net *.cloudflare.com *.jsdelivr.net cdn.jsdelivr.net mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.stripe.network *.stripecdn.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/get.geojs.io *.avada.io *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.hubspot.com forms.hscollectedforms.net *.hubapi.com *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.cloudflare.com mercadopago.com.mx www.mercadopago.com.mx *.mercadopago.com.mx *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com us1-config.doofinder.com cdn.doofinder.com *.doofinder.com *.sandbox.paypal.com *.paypalobjects.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-V94bRLnmSABs_7uKoBJylQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-q4EpwJZFSjeXo0pWFa2saQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; script-src 'self' 'unsafe-inline' https:\/\/pagead2.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/www.googletagservices.com https:\/\/partner.googleadservices.com https:\/\/adservice.google.com https:\/\/adservice.google.co.in; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; frame-src 'self' https:\/\/googleads.g.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/www.googletagmanager.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none';  script-src   'self'   'unsafe-inline'   'unsafe-eval'   https:\/\/www.googletagmanager.com   https:\/\/www.google-analytics.com   https:\/\/www.googleadservices.com   https:\/\/connect.facebook.net;  style-src   'self'   'unsafe-inline'   https:\/\/fonts.googleapis.com;  font-src   'self'   https:\/\/fonts.gstatic.com   data:;  img-src   'self'   data:   blob:   https:\/\/www.google-analytics.com   https:\/\/www.googletagmanager.com   https:\/\/www.facebook.com;  connect-src   'self'   https:\/\/www.google-analytics.com   https:\/\/analytics.google.com   https:\/\/www.facebook.com;  frame-src   'self'   https:\/\/www.googletagmanager.com   https:\/\/www.facebook.com;  frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/static.slo-tech.com https:\/\/zy.si https:\/\/push.slo-tech.com; script-src 'self' 'unsafe-inline' https:\/\/static.slo-tech.com https:\/\/oglasi.slo-tech.com https:\/\/zy.si; style-src 'self' data: 'unsafe-inline' static.slo-tech.com; img-src 'self' data: https:\/\/* http:\/\/* https:\/\/static.slo-tech.com https:\/\/oglasi.slo-tech.com https:\/\/zy.si; connect-src 'self' https:\/\/oglasi.slo-tech.com https:\/\/push.slo-tech.com wss:\/\/push.slo-tech.com ws:\/\/push.slo-tech.com https:\/\/zy.si; frame-src 'self' https:\/\/oglasi.slo-tech.com https:\/\/www.youtube-nocookie.com; worker-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; sandbox; report-uri https:\/\/sentry.ilol.si\/api\/2\/security\/?sentry_key=1caf1e883a1146c09085276ddd50841d","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; worker-src 'self' blob:; base-uri 'self'; form-action *; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/fonts.gstatic.com *.fontawesome.com https:\/\/www.google.com https:\/\/www.gstatic.com *.cloudflare.com *.trustedshops.com *.bootstrapcdn.com https:\/\/display.ugc.bazaarvoice.com 'self' data: *.vortexoptics.com https:\/\/vortexoptics.com\/static https:\/\/*.userway.org\/ *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/www.facebook.com\/tr\/ https:\/\/mcstaging.vortexoptics.com\/ https:\/\/mcstaging.vortexgolf.com\/ https:\/\/vortexoptics.com\/ https:\/\/vortexgolf.com\/ https:\/\/*.userway.org\/ *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com self www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.google.com www.gstatic.com apis.google.com https:\/\/w.soundcloud.com https:\/\/www.google.com https:\/\/vars.hotjar.com https:\/\/amc.demdex.net\/ https:\/\/www.facebook.com\/ https:\/\/*.doubleclick.net\/ https:\/\/*.userway.org\/ *.weltpixel.com www.xtento.com *.yotpo.com 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net http:\/\/amcglobal.sc.omtrdc.net\/ widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.googleapis.com *.meetanshi.com https:\/\/mcstaging.vortexoptics.com\/ *.cloudflare.com https:\/\/cdn.klarna.com *.ytimg.com *.usercentrics.eu https:\/\/www.google.com\/ https:\/\/facebook.com\/  https:\/\/cm.everesttech.net\/ https:\/\/dpm.demdex.net\/ https:\/\/www.facebook.com\/ https:\/\/connect.facebook.net\/ *.bazaarvoice.com\/ https:\/\/contentorigin.bazaarvoice.com\/ https:\/\/vortexoptics.widen.net\/ *.gettopple.com\/ https:\/\/bam.nr-data.net\/ *.kaltura.com\/ https:\/\/*.userway.org\/ https:\/\/yotpo-media-temporary.s3.amazonaws.com\/ www.xtento.com cdn.xtento.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com https:\/\/player.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/developer.adobe.com https:\/\/magento.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ https:\/\/cdn.jsdelivr.net\/npm\/select2@4.1.0-rc.0\/dist\/js\/select2.min.js *.cloudflare.com *.trustedshops.com *.usercentrics.eu https:\/\/chimpstatic.com *.zdassets.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/geoip.nekudo.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net\/ https:\/\/widget-mediator.zopim.com https:\/\/googleads.g.doubleclick.net\/ *.gettopple.com\/ https:\/\/mpsnare.iesnare.com\/ *.vortexoptics.com https:\/\/vortexoptics.com\/static\/ https:\/\/klear.com\/ https:\/\/cdnapisec.kaltura.com\/ https:\/\/*.userway.org\/ wss:\/\/pod-13-sunco-ws.zendesk.com *.maxmind.com www.xtento.com cdn.xtento.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com *.cloudflare.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.bazaarvoice.com *.bootstrapcdn.com *.vortexoptics.com https:\/\/vortexoptics.com\/static https:\/\/*.userway.org\/ https:\/\/cdn.jsdelivr.net\/npm\/select2@4.1.0-rc.0\/dist\/css\/select2.min.css *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com https:\/\/mpsnare.iesnare.com\/ https:\/\/*.userway.org\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.googleapis.com https:\/\/developer.adobe.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com *.meetanshi.com *.gstatic.com *.cloudflare.com https:\/\/rum.hlx.page *.zdassets.com *.zendesk.com wss:\/\/widget-mediator.zopim.com https:\/\/widget-mediator.zopim.com https:\/\/in.hotjar.com http:\/\/amcglobal.sc.omtrdc.net\/ https:\/\/stats.g.doubleclick.net\/ https:\/\/www.google-analytics.com\/ https:\/\/dpm.demdex.net\/ https:\/\/www.facebook.com\/ https:\/\/*.hotjar.com https:\/\/maps.googleapis.com *.bazaarvoice.com wss:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/mpsnare.iesnare.com\/star wss:\/\/pod-13-sunco-ws.zendesk.com https:\/\/*.googlesyndication.com *.vortexoptics.com https:\/\/vortexoptics.com\/static https:\/\/insights.algolia.io https:\/\/klear.com\/ https:\/\/*.userway.org\/ *.mmapiws.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' https:\/\/emotivecdn.io *.dev-emotive.com fonts.googleapis.com;frame-ancestors 'self' *.dev-emotive.com https:\/\/setup-shop.emotiveapp.co *.myshopify.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/emotivecdn.io *.dev-emotive.com https:\/\/www.googletagmanager.com;default-src 'self';connect-src ;frame-src ;font-src fonts.gstatic.com;img-src 'self' data:","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-tjzsXJlCmKnRBuf8-BLckQ' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-OPGjZsCDBkUcwhMupK0ieQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self' https:\/\/*.marketo.com https:\/\/*.marketo.net https:\/\/*.mktoresp.com; upgrade-insecure-requests; img-src 'self' data: blob: https:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.marketo.net https:\/\/*.marketo.com https:\/\/*.mktoresp.com; connect-src 'self' https: https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/*.marketo.net https:\/\/*.marketo.com https:\/\/*.mktoresp.com","count":1},{"content-security-policy-report-only":" default-src 'self' *.air.org; child-src 'self' *.air.org; connect-src 'self' *.sharethis.com *.air.org https:\/\/analytics.google.com https:\/\/fd.cleantalk.org https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/stats.g.doubleclick.net https:\/\/data.stbuttons.click https:\/\/moderate.cleantalk.org https:\/\/region1.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/use.typekit.net https:\/\/views.unsplash.com https:\/\/gateway.shorthand.com https:\/\/www.google.co.in https:\/\/use.fontawesome.com; font-src 'self' *.typekit.net *.fontawesome.com *.gstatic.com *.air.org; frame-src 'self' *.air.org https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/job-boards.greenhouse.io https:\/\/player.vimeo.com https:\/\/public.tableau.com https:\/\/www.google.com https:\/\/support.google.com https:\/\/w.soundcloud.com https:\/\/experience.arcgis.com https:\/\/iframely.shorthand.com *.softr.app; img-src 'self' *.sharethis.com *.knightlab.com *.air.org https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/air-workspace.shorthandstories.com https:\/\/www.googleadservices.com https:\/\/public.tableau.com data:; manifest-src 'self'; media-src 'self' *.air.org https:\/\/air-workspace.shorthandstories.com; script-src 'self' *.sharethis.com *.air.org https:\/\/www.googletagmanager.com https:\/\/fd.cleantalk.org https:\/\/googleads.g.doubleclick.net https:\/\/www.youtube.com https:\/\/boards.greenhouse.io cdn.jsdelivr.net cdnjs.cloudflare.com chosen.js https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/moderate.cleantalk.org https:\/\/unpkg.com https:\/\/use.fontawesome.com mdbootstrap.com stackpath.bootstrapcdn.com; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.sharethis.com *.typekit.net *.knightlab.com *.air.org https:\/\/googleads.g.doubleclick.net https:\/\/fd.cleantalk.org https:\/\/www.youtube.com https:\/\/boards.greenhouse.io https:\/\/app.icontact.com https:\/\/air-workspace.shorthandstories.com https:\/\/public.tableau.com https:\/\/player.vimeo.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.shorthand.com https:\/\/platform-api.sharethis.com https:\/\/iframely.shorthand.com https:\/\/www.googletagmanager.com https:\/\/stackpath.bootstrapcdn.com https:\/\/connect.facebook.net https:\/\/moderate.cleantalk.org cdn.jsdelivr.net cdnjs.cloudflare.com chosen.js https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/unpkg.com https:\/\/use.fontawesome.com mdbootstrap.com stackpath.bootstrapcdn.com; style-src 'self' *.air.org cdn.jsdelivr.net cdnjs.cloudflare.com chosen.css fonts.googleapis.com https:\/\/cdn.jsdelivr.net mdbootstrap.com stackpath.bootstrapcdn.com use.fontawesome.com use.typekit.net; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' *.typekit.net *.knightlab.com *.air.org https:\/\/app.icontact.com cdn.jsdelivr.net cdnjs.cloudflare.com chosen.css fonts.googleapis.com https:\/\/cdn.jsdelivr.net mdbootstrap.com stackpath.bootstrapcdn.com use.fontawesome.com use.typekit.net; webrtc 'block'; base-uri 'self' *.air.org; form-action 'self' *.air.org https:\/\/app.icontact.com; frame-ancestors 'self' https:\/\/www.air.org https:\/\/air.org; report-uri https:\/\/air.org\/log-report-uri\/reportOnly; block-all-mixed-content; trusted-types 'none'","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri \/next-external\/log\/csp\/violations; report-to csp-violations; connect-src 'self' wss:\/\/www.nordnet.se https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.se https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se https:\/\/api.prod.nntech.io https:\/\/api.test.nntech.io https:\/\/experimentation.public.prod.nntech.io https:\/\/www.google.com https:\/\/storage.googleapis.com https:\/\/www.recaptcha.net https:\/\/relay.prod.nntech.io https:\/\/api-poc.prod.nntech.io; font-src 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se; frame-src 'self' https:\/\/analytics.nordnet.se https:\/\/10961666.fls.doubleclick.net https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com https:\/\/w.soundcloud.com https:\/\/embed.acast.com https:\/\/link.tink.com https:\/\/www.tv2.no https:\/\/checkout.trustly.com https:\/\/www.recaptcha.net https:\/\/www.google.com https:\/\/t.email.nordnet.se https:\/\/dashboard.fundrella.com; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/analytics.nordnet.se https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se https:\/\/api.prod.nntech.io data: blob: https:\/\/cdn.tink.se https:\/\/images.ctfassets.net https:\/\/i.vimeocdn.com https:\/\/img.youtube.com https:\/\/www.recaptcha.net https:\/\/blogg.nordnet.se; manifest-src 'self'; media-src https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se https:\/\/videos.ctfassets.net; object-src 'self'; script-src 'self' 'nonce-2b3329b7-7c71-4bcd-bef8-f2acf187bd68' https:\/\/analytics.nordnet.se https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se https:\/\/www.recaptcha.net https:\/\/www.google.com; script-src-attr 'none'; style-src 'unsafe-inline' 'self' https:\/\/cdn.prod.nntech.io https:\/\/files.nordnet.se; worker-src 'none'; base-uri 'none'; form-action 'self' https:\/\/pvu.nets.no https:\/\/pvu.avtalegiro.no https:\/\/online.alandsbanken.fi https:\/\/verkkopankki.danskebank.fi https:\/\/verkkomaksu.handelsbanken.fi https:\/\/epmt.nordea.fi https:\/\/identify.nordea.com https:\/\/verkkomaksu.poppankki.fi https:\/\/verkkomaksu.saastopankki.fi https:\/\/online.s-pankki.fi https:\/\/auth.aktia.fi https:\/\/kirjaudu.aktia.fi https:\/\/ebank.aktia.fi; frame-ancestors 'self' https:\/\/app.contentful.com https:\/\/app.sigmastocks.com;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-hveilzFw-nPcnP9Sve0_3w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-BBwUjgu1R9ecMwkruft70Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-yq40_oByBqCDulHcRjq5pA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-juYMJWWxZM_kP_CWU_BNKg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-PnnPmL4nAUbzOIj8xB9pQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' cdn.plaid.com js.stripe.com www.googletagmanager.com connect.facebook.net utt.impactcdn.com www.redditstatic.com googleads.g.doubleclick.net q.quora.com cdn-cookieyes.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; style-src 'self' 'unsafe-inline'; connect-src 'self' *.joinkudos.com events.launchdarkly.com app.launchdarkly.com o1336925.ingest.sentry.io clientstream.launchdarkly.com cognito-idp.us-east-2.amazonaws.com kudos-upload-prod.s3.us-east-2.amazonaws.com trykudos.github.io connect.facebook.net googleads.g.doubleclick.net stats.g.doubleclick.net www.google-analytics.com www.google.com analytics.google.com www.googleadservices.com mpc-prod-24-s6uit34pua-uw.a.run.app www.facebook.com api.mapbox.com app.adjust.com app.adjust.world pixel-config.reddit.com browser-intake-us5-datadoghq.com kudos.sjv.io *.conversionsapigateway.com www.googletagmanager.com cdn-cookieyes.com log.cookieyes.com; font-src 'self' data: use.typekit.net; frame-src cdn.plaid.com trykudos.github.io production.widget.scribeup.io www.googletagmanager.com js.stripe.com; img-src 'self' data: *.joinkudos.com logos.ntropy.com www.google.com googleads.g.doubleclick.net alb.reddit.com www.facebook.com connect.facebook.net googleads.g.doubleclick.net stats.g.doubleclick.net www.googletagmanager.com www.googleadservices.com www.ojrq.net q.quora.com cdn-cookieyes.com; media-src 'self' *.joinkudos.com; worker-src 'self' blob:; report-uri https:\/\/joinkudos.com\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-src https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; img-src 'self' data: https:\/\/i.ytimg.com; script-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; connect-src 'self' https:\/\/www.youtube.com; media-src 'self' https:\/\/www.youtube.com","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com maxcdn.bootstrapcdn.com *.klevu.com *.ksearchnet.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.meetanshi.com meetanshi.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.meetanshi.com meetanshi.com js.mollie.com *.trustpilot.com *.googletagmanager.com *.doubleclick.net 'self' data: cmp.osano.com td.doubleclick.net *.criteo.com www.googletagmanager.com static.criteo.net 23345742.hs-sites.com 'unsafe-inline' data: securemyrx.com creatives.attn.tv api.quizell.com app.quizell.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com magefan.com cm.magefan.com *.disqus.com https:\/\/www.magezon.com https:\/\/redchamps.com *.klevu.com *.ksearchnet.com https:\/\/img.youtube.com *.meetanshi.com meetanshi.com https:\/\/www.mollie.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com www.google.co.in *.hubspot.com perf-na1.hsforms.com forms.hsforms.com www.facebook.com sync.1rx.io rtb-csync.smartadserver.com x.bidswitch.net cm.g.doubleclick.net ib.adnxs.com tg.socdm.com r.casalemedia.com cs.adingo.jp ads.stickyadstv.com ad.360yield.com idsync.rlcdn.com public-prod-dspcookiematching.dmxleo.com contextual.media.net *.criteo.com sync.outbrain.com simage2.pubmatic.com pixel.rubiconproject.com sync-t1.taboola.com criteo-sync.teads.tv ade.clmbtech.com eb2.3lift.com dis.criteo.com aa.agkn.com cm.adgrx.com sync.targeting.unrulymedia.com sca1.listrakbi.com seal-utah.bbb.org s1.listrakbi.com *.pubmatic.com sync.ipredictive.com pixel-sync.sitescout.com sync.crwdcntrl.net pixel.tapad.com jelly.mdhv.io 1f2e7.v.fwmrm.net match.prod.bidr.io pr-bh.ybp.yahoo.com match.adsrvr.org pm.w55c.net et.resellerratings.com api.purechat.com *.purechat.com recs.listrakbi.com static.hsappstatic.net partner.mediawallahscript.com ap.lijit.com *.liadm.com exchange.mediavine.com jadserve.postrelease.com trends.revcontent.com tapestry.tapad.com criteo-partners.tremorhub.com ad.tpmn.io px.ads.linkedin.com d.turn.com secure.adnxs.com i.liadm.com idsync.reson8.com match.deepintent.com ad.tpmn.co.kr thrtle.com *.analytics.yahoo.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com sync.mathtag.com *.tribalfusion.com events.attentivemobile.com live.rezync.com pippio.com data.adsrvr.org ce.lijit.com c1.adform.com um.simpli.fi mid.rkdms.com b1sync.outbrain.com b1sync.zemanta.com sync.srv.stackadapt.com ws.rqtrk.eu https:\/\/lantern.roeye.com https:\/\/*.listrakbi.com https:\/\/*.listrak.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.disqus.com https:\/\/cdn.jsdelivr.net cdn.jsdelivr.net js.klevu.com *.ksearchnet.com *.meetanshi.com meetanshi.com js.mollie.com *.trustpilot.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net 'unsafe-inline' data: js-agent.newrelic.com z.moatads.com cdn.listrakbi.com z.moatads.co bat.bing.com www.dwin1.com acsbapp.co cmp.osano.com app.purechat.com js.hs-scripts.com js.usemessages.com js.hs-banner.com js.hscollectedforms.net js.hubspot.com js.hs-analytics.net ajax.googleapis.com *.listrakbi.com https:\/\/rat3.listrakbi.com services.listrak.com prod.purechatcdn.com acsbapp.com 23345742.hs-sites.com www.resellerratings.com *.lunio.ai *.criteo.com player.vimeo.com cdn.noibu.com catpq.vitalitymedical.com static.cloudflareinsights.com conversionteam.s3.amazonaws.com api.quizell.com https:\/\/lantern.roeyecdn.com https:\/\/js.klevu.com\/core\/v2\/klevu.js https:\/\/cdn.callrail.com\/companies\/694783136\/19fe0fad69757295966b\/12\/swap.js https:\/\/cdn.id5-sync.com\/api\/1.0\/id5-api.js https:\/\/*.listrakbi.com https:\/\/*.listrak.com https:\/\/js.klevu.com https:\/\/cdn.ksearchnet.com https:\/\/*.ksearchnet.com https:\/\/*.klevu.com https:\/\/prod.purechatcdn.com\/assets\/modern_initializer.13851.js https:\/\/cdn.attn.tv\/vitalitymedical\/dtag.js https:\/\/cdn.attn.tv\/growth-tag-assets\/client-configs\/T33.js https:\/\/cdn.attn.tv\/tag\/4-latest\/unified-tag.js https:\/\/acsbapp.com\/apps\/app\/dist\/js\/app.js https:\/\/prod.purechatcdn.com\/assets\/modern_app.13851.js https:\/\/api.purechat.com https:\/\/*.purechat.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com https:\/\/cdn.jsdelivr.net cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.klevu.com *.ksearchnet.com *.trustpilot.com *.tagmanager.google.com *.googletagmanager.com cdn.listrakbi.com api.quizell.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.klevu.com *.ksearchnet.com *.meetanshi.com meetanshi.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app 'self' data: bam.nr-data.net cdn.acsbapp.com cmp.osano.com *.purechat.com api.hubspot.com cta-service-cms2.hubspot.com forms.hscollectedforms.net recs.listrakbi.com measurement-api.criteo.com tattle.api.osano.com stats.g.doubleclick.net consent.api.osano.com invitejs.trustpilot.com widget.trustpilot.com static.hsappstatic.net www.resellerratings.com conversions.lunio.ai *.noibu.com catpq.vitalitymedical.com cloudflareinsights.com wss:\/\/input.noibu.com\/ api.quizell.com bat.bing.com id5-sync.com t.lt02.net https:\/\/*.listrakbi.com https:\/\/*.listrak.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'report-sample' 'self' 'sha256-BiNyGbGZEG1ZcMWhdKvmZ1DwYSpvZ8xcAxRrIag59sQ=' 'sha256-p96cet82gMKBOah5xqTlTC1NImfgmfwp9xhnLYsv45Q=' 'sha256-K7F5t+0jCUOcvI0w5XCLORVrRe6Cl7fcvsyOhpNlvRA=' 'sha256-osJOIDsvZzKR6jjDkmJzOK\/lCl+6P59lwiMwf2WwwX0=' 'sha256-ech7dK56PGMmo3zLhyCe9XpUu\/4+pGU11bUeBEpq56o=' 'sha256-5aTBNtoMSFGD0AJ9+0YPRibd5APCDzFjjKtA16wQik8=' 'sha256-hV1mihBfiWqmXQxPNANChEuUWIOIlte4D1DUOfqSY2Y=' 'sha256-DHkQzQeawSI3bMDJPOulIinzX\/ih38goNk2cvBZsgPM=' 'sha256-LjOYZt74qQlHixQckZ1K+NyxwGO8jPc\/zUDhd43i7qY=' 'sha256-C6r1Uv+2BkE8Qjrq+iYLyfsjck3nrA\/PhDEE1u7CHtk=' 'sha256-hV1mihBfiWqmXQxPNANChEuUWIOIlte4D1DUOfqSY2Y=' 'sha256-BxUWVs1+UwaUImPFWmLpOCjBDGTFuFcwcXgQwKyVSYU=' https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googleadservices.com\/pagead\/conversion_async.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com\/recaptcha\/releases\/ https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/976618339\/ https:\/\/a.clickcertain.com\/px\/smart\/a\/ https:\/\/a.remarketstats.com\/px\/smart\/; style-src 'report-sample' 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com; font-src 'self'; frame-src 'self' https:\/\/www.google.com https:\/\/a.clickcertain.com\/; img-src 'self' https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.pl; manifest-src 'self'; media-src 'self'; worker-src 'none';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' data: 'unsafe-eval'; report-uri \/errors\/csp-violation\/","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-XDP0m_xogFDRnYSOCK6RUw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" style-src-elem 'unsafe-inline' sportofino.com *.sportofino.com *.snrcdn.net geowidget.easypack24.net fonts.googleapis.com cdn.luigisbox.tech; script-src-elem *.snrcdn.net *.etrusted.com https:\/\/widgets.trustedshops.com *.livechatinc.com geowidget.inpost.pl widget.packeta.com static.paynow.pl maps.googleapis.com www.googletagmanager.com js.braintreegateway.com ssl.ceneo.pl www.glami.cz www.ladenzeile.de x.klarnacdn.net c.paypal.com pay.google.com static.cloudflareinsights.com 'self' 'unsafe-inline' sportofino.com *.sportofino.com scripts.luigisbox.tech cdn.luigisbox.tech consent.cookiebot.com s.pinimg.com ct.pinterest.com consentcdn.cookiebot.com bat.bing.com a.mgid.com connect.facebook.net cdn.tmtarget.com glamipixel.com tags.creativecdn.com library.startquestion.com pixel.wp.pl googleads.g.doubleclick.net dss.hybrid.ai web.snrbox.com st.hybrid.ai emd.hybrid.ai im9.cz googleadservices.com expandeco.daktela.com www.googleadservices.com analytics.tiktok.com www.clarity.ms scripts.clarity.ms; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net *.fontawesome.com https:\/\/cdnjs.cloudflare.com geowidget.easypack24.net https:\/\/widgets.trustedshops.com cdn.thulium.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * sandbox.przelewy24.pl secure.przelewy24.pl 'self' 'self' 'unsafe-inline'; frame-ancestors pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.klarna.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * apm.przelewy24.pl secure.payu.com merch-prod.snd.payu.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com *.klarna.com *.klarnaevt.com *.klarnacdn.net magefan.com cm.magefan.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com static.przelewy24.pl www.gstatic.com gstatic.com static.payu.com sportofino.com *.sportofino.com *.googleapis.com *.ggpht.com *.paynow.pl www.glami.cz static.paynow.pl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com bat.bing.com pixel.wp.pl www.glami.pl www.facebook.com a.mgid.com dot.wp.pl stileo.it www.glami.ro sync.teads.tv www.google.pl sync.taboola.com ih.adscale.de eb2.3lift.com sync.outbrain.com ssp-csync.smartadserver.com ads.stickyadstv.com ads.yieldmo.com us-u.openx.net ad.doubleclick.net imgsct.cookiebot.com dss.hybrid.ai bat.bing.net ams.creativecdn.com cm.mgid.com www.fashiola.de www.fashiola.fr rt.udmserve.net www.heureka.cz ib.adnxs.com dsum-sec.casalemedia.com c1.adform.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/cdnjs.cloudflare.com sandbox.przelewy24.pl secure.przelewy24.pl apm.przelewy24.pl secure.payu.com secure.snd.payu.com 'self' 'unsafe-inline' sportofino.com *.sportofino.com library.startquestion.com bat.bing.com px.leadexpert.pl scripts.luigisbox.tech tags.creativecdn.com cdn.luigisbox.tech js-agent.newrelic.com bam.eu01.nr-data.net widgets.trustedshops.com www.snrcdn.net gstatic.com tck.snrbox.com proxy.snrbox.com connect.facebook.net creativecdn.com cdn.livechatinc.com *.inpost.pl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com reco.sportofino.com dss.hybrid.ai a.mgid.com consentcdn.cookiebot.com widget.packeta.com googleadservices.com expandeco.daktela.com glamipixel.com pixel.wp.pl consent.cookiebot.com cdn.tmtarget.com cdn.thulium.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.klarnacdn.net *.fontawesome.com assets.braintreegateway.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com reco.sportofino.com geowidget.easypack24.net cdn.luigisbox.tech 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com player.vimeo.com akamaized.net download-video.akamaized.net cdnstrapi.sportofino.com cdn.thulium.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/ws.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl www.google.com pay.google.com secure.payu.com merch-prod.snd.payu.com *.snrbox.com maps.googleapis.com widget.packeta.com reco.sportofino.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site api.luigisbox.tech pagead2.googlesyndication.com live.luigisbox.tech region1.google-analytics.com ct.pinterest.com consentcdn.cookiebot.com app.startquestion.com googleads.g.doubleclick.net pixel.wp.pl ams.creativecdn.com bat.bing.com bat.bing.net www.facebook.com www.google.pl stats.g.doubleclick.net expandeco.daktela.com cdn.thulium.com fcmregistrations.googleapis.com i.clarity.ms 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/sportofino.com\/csp_reports; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.doubleclick.net *.googlesyndication.com *.google.com *.microsoft.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com data: cdn.jsdelivr.net; img-src * data: blob:; connect-src *; frame-src *; media-src *; report-uri \/api\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' varonis.okta.com login.varonis.com *.oktacdn.com; connect-src 'self' varonis.okta.com varonis-admin.okta.com login.varonis.com *.oktacdn.com *.mixpanel.com *.mapbox.com varonis.kerberos.okta.com varonis.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' varonis.okta.com login.varonis.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' varonis.okta.com login.varonis.com *.oktacdn.com; frame-src 'self' varonis.okta.com varonis-admin.okta.com login.varonis.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' varonis.okta.com login.varonis.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' varonis.okta.com login.varonis.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' d1re4mvb3lawey.cloudfront.net *.bibliu.co *.bibliu.com; style-src 'self'; img-src 'self' d1re4mvb3lawey.cloudfront.net *.bibliu.co *.bibliu.com; font-src 'self' d1re4mvb3lawey.cloudfront.net *.bibliu.co *.bibliu.com; frame-src 'self' *.bibliu.co *.bibliu.com;","count":1},{"content-security-policy-report-only":" base-uri 'self'; style-src https: 'self' 'unsafe-inline' *.googletagmanager.com *.tagmanager.google.com *.fonts.googleapis.com; script-src https: 'nonce-lgWV1NHKI8YTSDVGGueoxf42w9k=' 'strict-dynamic'; form-action 'self' ; frame-ancestors 'self' https:\/\/www.slipcase.com https:\/\/marketplace.marsh.com; frame-src 'self' view.ceros.com *.company-target.com *.google.com *.googletagmanager.com *.doubleclick.net *.g.doubleclick.net; report-to csp-endpoint; report-uri https:\/\/axaxl.com\/api\/CSP; font-src 'self' fonts.gstatic.com data:; img-src 'self' * data:; connect-src 'self' browser-intake-datadoghq.com *.googleadservices.com *.googletagmanager.com www.googletagmanager.com *.google-analytics.com *.analytics.google.com *.g.doubleclick.net www.google.com www.google.co.uk www.google.com.sg *.google.com *.googlesyndication.com *.company-target.com *.linkedin.com *.licdn.com *.brightcove.com *.brightcove.net *.brightcovecdn.com *.demandbase.com *.boltdns.net *.akamaihd.net *.nr-data.net *.en25.com; manifest-src 'self'; media-src blob: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.akamaihd.net *.cf.brightcove.com; default-src 'self' mailto: tel: www.google.com www.google.co.uk *.google.com *.googletagmanager.com www.googletagmanager.com *.company-target.com *.linkedin.com *.licdn.com *.eloqua.com *.brightcove.com *.brightcove.net *.rlcdn.com *.boltdns.net *.demandbase.com *.akamaihd.net *.axaxl.com *.doubleclick.net *.en25.com www.google.com.sg;","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-jT0CIx8HLJe-xtQC0mqF5A' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self';font-src 'self' data: https:\/\/fonts.gstatic.com;connect-src 'self' https:\/\/brandportal.uponor.com https:\/\/*.usercentrics.eu https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.linkedin.com https:\/\/*.stackadapt.com https:\/\/*.doubleclick.net https:\/\/*.teads.tv https:\/\/*.clarity.ms https:\/\/*.google-analytics.com https:\/\/*.adobe.io https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/*.bing.com https:\/\/uponorna.my.site.com https:\/\/*.lumoa.me https:\/\/*.sharethis.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com https:\/\/*.google.ee https:\/\/*.google.de https:\/\/*.google.cz https:\/\/*.google.se https:\/\/salesviewer.org https:\/\/*.google.fi https:\/\/bat.bing.net https:\/\/*.facebook.com https:\/\/*.google.is https:\/\/*.google.pl https:\/\/*.google.sk; frame-src https:\/\/*.youtube.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.force.com https:\/\/*.google.com https:\/\/*.usercentrics.eu https:\/\/*.teads.tv https:\/\/*.adobe.com https:\/\/*.tfaforms.net https:\/\/*.facebook.com https:\/\/*.bimsmith.com https:\/\/go.eu.uponor.com https:\/\/*.transistor.fm https:\/\/go.uponor.info https:\/\/youtube.com https:\/\/locator.maplet.com\/ https:\/\/uponorna.my.site.com\/; script-src 'self' 'nonce-5OBxHUFlHaDX+NFPvxvQyTZaFwd4gnD2iRk+kPzGrTc=' 'strict-dynamic'; img-src 'self' data: https:\/\/brandportal.uponor.com https:\/\/*.usercentrics.eu https:\/\/*.facebook.com https:\/\/*.linkedin.com https:\/\/*.teads.tv https:\/\/bat.bing.com https:\/\/maps.gstatic.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/d2csxpduxe849s.cloudfront.net https:\/\/*.googletagmanager.com https:\/\/*.clarity.ms https:\/\/img.youtube.com https:\/\/*.sharethis.com https:\/\/*.uponor.com https:\/\/googleapis.com https:\/\/*.krxd.net https:\/\/*.google.lt https:\/\/*.google.hu https:\/\/*.google.dk https:\/\/alb.reddit.com https:\/\/*.google.ca https:\/\/*.google.ee https:\/\/*.google.de https:\/\/*.google.cz https:\/\/*.google.se https:\/\/*.google.co.uk https:\/\/*.google.pt https:\/\/*.globenewswire.com https:\/\/*.google.pl https:\/\/*.google.nl https:\/\/*.google.es https:\/\/*.google.ba https:\/\/cdn.midas-network.com https:\/\/*.google.fr https:\/\/*.google.si https:\/\/*.google.com.uy https:\/\/*.google.fi https:\/\/*.google.sk https:\/\/*.google.co.in https:\/\/*.google.no https:\/\/*.google.ro; style-src 'self' 'unsafe-inline' https:\/\/*.force.com https:\/\/*.usercentrics.eu https:\/\/*.stackadapt.com https:\/\/*.googleapis.com; object-src 'self' https:\/\/*.usercentrics.eu;form-action 'self' https:\/\/*.uponor.com https:\/\/*.tfaforms.net https:\/\/*.facebook.com; base-uri 'self';","count":1},{"content-security-policy-report-only":" default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'unsafe-inline' https:; report-uri https:\/\/www.check24.net\/csp-violation-ezmd9dpdxv7nb0ecejb9\/","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'report-sample' 'self' https:\/\/bat.bing.com https:\/\/cdn.segment.com https:\/\/connect.facebook.net https:\/\/container.pepperjam.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/googleads.g.doubleclick.net https:\/\/js.stripe.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/static.zdassets.com https:\/\/websdk.appsflyer.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.upsellit.com https:\/\/app.upsellit.com https:\/\/cdn.gbqofs.com\/bluebottle\/u\/detector-dom.min.js https:\/\/cdn.optimizely.com; style-src 'report-sample' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/1wjcus8nhr-1.algolianet.com https:\/\/1wjcus8nhr-2.algolianet.com https:\/\/1wjcus8nhr-3.algolianet.com https:\/\/1wjcus8nhr-dsn.algolia.net https:\/\/www.googletagmanager.com https:\/\/adservice.google.com https:\/\/analytics.google.com https:\/\/api.honeybadger.io https:\/\/api.segment.io https:\/\/app.brightback.com https:\/\/banner.appsflyer.com https:\/\/bat.bing.com https:\/\/blue-bottle-coffee.assembly-api.com https:\/\/bluebottlecoffeesupport.zendesk.com https:\/\/cdn.segment.com https:\/\/cognito-identity.us-east-1.amazonaws.com https:\/\/cognito-idp.us-east-1.amazonaws.com https:\/\/creatives-cdn.appsflyer.com https:\/\/dev.visualwebsiteoptimizer.com https:\/\/ekr.zdassets.com https:\/\/maps.googleapis.com https:\/\/pixel.quantcount.com https:\/\/region1.analytics.google.com https:\/\/region1.google-analytics.com https:\/\/report.nestle.gbqofs.io https:\/\/res.cloudinary.com https:\/\/stats.g.doubleclick.net https:\/\/umry56azoa.execute-api.us-east-1.amazonaws.com https:\/\/vimeo.com https:\/\/www.facebook.com https:\/\/adservice.google.com https:\/\/www.google-analytics.com https:\/\/www.google.ca https:\/\/www.google.com https:\/\/logx.optimizely.com; font-src 'self' data: https:\/\/cdn.appsflyer.com https:\/\/res.cloudinary.com https:\/\/static.rakuten.com https:\/\/storage.googleapis.com; frame-src 'self' https:\/\/8721801.fls.doubleclick.net https:\/\/cdn.pbbl.co https:\/\/js.stripe.com https:\/\/player.vimeo.com https:\/\/t.pepperjamnetwork.com https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/a12600010354.cdn.optimizely.com\/; img-src 'self' data: http:\/\/res.cloudinary.com https:\/\/ad.doubleclick.net https:\/\/bat.bing.com https:\/\/blue-bottle-cms.global.ssl.fastly.net https:\/\/chord-oms-production-public-web-assets.s3.amazonaws.com\/bluebottlecoffee\/ https:\/\/dev.visualwebsiteoptimizer.com https:\/\/googleads.g.doubleclick.net https:\/\/res.cloudinary.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/adservice.google.com https:\/\/www.googleadservices.com https:\/\/www.google.ae https:\/\/www.google.ca https:\/\/www.google.com.co https:\/\/www.google.com.mx https:\/\/www.google.com.in https:\/\/www.google.com.ng https:\/\/www.google.sr https:\/\/www.google.com.ph https:\/\/www.google.com.sa https:\/\/www.google.de https:\/\/www.google.cn https:\/\/www.google.com https:\/\/www.google.com.au https:\/\/www.google.com.br https:\/\/www.google.com.hk https:\/\/www.google.com.vn https:\/\/www.google.fr https:\/\/www.google.it https:\/\/www.google.nl https:\/\/www.google.no https:\/\/www.google.co.kr https:\/\/www.google.com.tw https:\/\/www.google.co.uk https:\/\/www.google.co.jp https:\/\/www.google.com.pa https:\/\/www.google.bg https:\/\/translate.google.com https:\/\/www.google.com.gt https:\/\/www.googletagmanager.com https:\/\/www.upsellit.com; manifest-src 'self'; media-src 'self' https:\/\/res.cloudinary.com; worker-src blob:; frame-ancestors https:\/\/studio.bluebottlecoffee.dev; report-uri https:\/\/6998a7fb68a97a37f8789b5c.endpoint.csper.io?v=0;","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'nonce-OdcCDCZvSuWaLRWQSY5r9PZz' 'unsafe-eval' https:\/\/pixel.byspotify.com *.travcorpservices.com https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com https:\/\/www.googletagmanager.com https:\/\/ajax.googleapis.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/api.feefo.com https:\/\/register.feefo.com https:\/\/bat.bing.com https:\/\/cdn.evgnet.com https:\/\/connect.facebook.net https:\/\/i.clarity.ms https:\/\/static-ssl.responsetap.com *.hotjar.com https:\/\/tag.simpli.fi https:\/\/unpkg.com https:\/\/www.bugherd.com https:\/\/decagon.ai https:\/\/www.datadoghq-browser-agent.com https:\/\/assetscdn.stackla.com\/media\/js https:\/\/vjs.zencdn.net https:\/\/cdn.amplitude.com\/libs https:\/\/sdk.joinsherpa.io https:\/\/apps.mypurecloud.com https:\/\/consentcdn.cookiebot.com https:\/\/cdnjs.cloudflare.com https:\/\/ttc-contiki.entry.promo https:\/\/cdn.optimizely.com https:\/\/www.riddle.com;style-src 'self' 'unsafe-inline' https:\/\/assetscdn.stackla.com\/media\/components\/stackla-uikit\/dist https:\/\/fonts.googleapis.com https:\/\/p.typekit.net https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/apps.mypurecloud.com;img-src 'self' https:\/\/bat.bing.com https:\/\/c.clarity.ms https:\/\/i.ytimg.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.uplift-platform.com data:;frame-src 'self' https:\/\/10006172.fls.doubleclick.net https:\/\/uplift-cdn-stg.uplift.com https:\/\/vars.hotjar.com https:\/\/widget.stackla.com https:\/\/www.google.com https:\/\/apps.joinsherpa.io https:\/\/www.googletagmanager.com https:\/\/a25408250069.cdn.optimizely.com;font-src 'self' https:\/\/assetscdn.stackla.com https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/apps.mypurecloud.com;connect-src 'self' *.travcorpservices.com *.travcorp.com *.corp.ttc:7443 https:\/\/api.feefo.com https:\/\/bat.bing.com https:\/\/in.hotjar.com https:\/\/ws11.hotjar.com\/api https:\/\/l.clarity.ms https:\/\/metrics.responsetap.com\/infinity https:\/\/noembed.com https:\/\/pm-mrkt.prodgw.uplift-platform.com https:\/\/rum.browser-intake-datadoghq.com https:\/\/session-replay.browser-intake-datadoghq.com https:\/\/ttctravel.germany-2.evergage.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/logx.optimizely.com https:\/\/region1.analytics.google.com https:\/\/ttc.contiki.com","count":1},{"content-security-policy-report-only":" script-src 'nonce-0RQimtafRJn8tG8VM96taw==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=d269aac7-f6db-4439-92f7-450528b92c3d; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" report-uri https:\/\/o7202.ingest.us.sentry.io\/api\/278133\/security\/?sentry_key=3fa89efb7ac645f5820f641a4e80c50f&sentry_environment=production; report-to csp-endpoint; default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; script-src * 'unsafe-inline' 'unsafe-eval' data: blob:; connect-src * data: blob:; img-src * data: blob:; style-src * 'unsafe-inline' data: blob:; media-src * data: blob:; font-src * data: blob:; object-src * data: blob:; frame-src * data: blob:; worker-src * data: blob:; manifest-src * data: blob:; frame-ancestors *;","count":1},{"content-security-policy-report-only":" base-uri; default-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/docs.teket.jp data:; connect-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/teket.zendesk.com https:\/\/zendesk-eu.my.sentry.io https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/api.smooch.io wss:\/\/api.smooch.io https:\/\/s.clarity.ms https:\/\/docs.teket.jp; form-action; frame-src https:\/\/www.google.com\/ https:\/\/p01.mul-pay.jp; img-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/teket.zendesk.com https:\/\/zendesk-eu.my.sentry.io https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/api.smooch.io wss:\/\/api.smooch.io https:\/\/docs.teket.jp data:; object-src; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/teket.zendesk.com https:\/\/zendesk-eu.my.sentry.io https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/api.smooch.io wss:\/\/api.smooch.io https:\/\/p01.mul-pay.jp 'unsafe-inline' 'unsafe-eval' blob:; script-src-elem 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/teket.zendesk.com https:\/\/zendesk-eu.my.sentry.io https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/api.smooch.io wss:\/\/api.smooch.io https:\/\/www.clarity.ms https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/connect.facebook.net 'unsafe-inline' blob:; style-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ssl.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ajax.googleapis.com https:\/\/teket.zendesk.com https:\/\/zendesk-eu.my.sentry.io https:\/\/static.zdassets.com https:\/\/ekr.zdassets.com https:\/\/api.smooch.io wss:\/\/api.smooch.io 'unsafe-inline'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https:\/\/www.shoppingsheet.com https:\/\/connect.facebook.net https:\/\/bbox.blackbaudhosting.com https:\/\/www.youvisit.com https:\/\/*.google.com https:\/\/*.uwplatt.edu https:\/\/googleads.g.doubleclick.net https:\/\/8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com https:\/\/cdn.jsdelivr.net https:\/\/ep1.adtrafficquality.google https:\/\/ep2.adtrafficquality.google https:\/\/fw.cdn.technolutions.net https:\/\/googleads.g.doubleclick.net https:\/\/libraryh3lp.com https:\/\/mx.technolutions.net https:\/\/partner.googleadservices.com https:\/\/s.yimg.com https:\/\/script.hotjar.com https:\/\/siteimproveanalytics.com https:\/\/slate-technolutions-net.cdn.technolutions.net https:\/\/slate-uwplatt-edu.cdn.technolutions.net https:\/\/slate.uwplatt.edu https:\/\/static.hotjar.com https:\/\/*.olark.com https:\/\/unpkg.com https:\/\/www.googletagmanager.com https:\/\/www.googletagmanager.com\/ https:\/\/www.youtube.com https:\/\/youtube.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' data: https:\/\/www.shoppingsheet.com https:\/\/connect.facebook.net https:\/\/bbox.blackbaudhosting.com https:\/\/www.youvisit.com https:\/\/*.google.com https:\/\/*.uwplatt.edu https:\/\/googleads.g.doubleclick.net https:\/\/8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com https:\/\/cdn.jsdelivr.net https:\/\/ep1.adtrafficquality.google https:\/\/ep2.adtrafficquality.google https:\/\/fw.cdn.technolutions.net https:\/\/googleads.g.doubleclick.net https:\/\/libraryh3lp.com https:\/\/mx.technolutions.net https:\/\/partner.googleadservices.com https:\/\/s.yimg.com https:\/\/script.hotjar.com https:\/\/siteimproveanalytics.com https:\/\/slate-technolutions-net.cdn.technolutions.net https:\/\/slate-uwplatt-edu.cdn.technolutions.net https:\/\/slate.uwplatt.edu https:\/\/static.hotjar.com https:\/\/*.olark.com https:\/\/unpkg.com https:\/\/www.googletagmanager.com https:\/\/www.googletagmanager.com\/ https:\/\/www.youtube.com https:\/\/youtube.com; style-src 'self' 'unsafe-inline' https:\/\/www.shoppingsheet.com https:\/\/www.google.com https:\/\/cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/static.olark.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com; style-src-elem 'self' 'unsafe-inline' https:\/\/www.shoppingsheet.com https:\/\/slate-technolutions-net.cdn.technolutions.net https:\/\/static.olark.com https:\/\/cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/*.google.com https:\/\/*.uwplatt.edu https:\/\/ep2.adtrafficquality.google https:\/\/slate-uwplatt-edu.cdn.technolutions.net https:\/\/fw.cdn.technolutions.net; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/syndicatedsearch.goog https:\/\/www.google-analytics.com https:\/\/cdn-graphql.youvisit.com https:\/\/region1.analytics.google.com https:\/\/knrpc.olark.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/libraryh3lp.com https:\/\/6349506.global.r2.siteimproveanalytics.io https:\/\/analytics.google.com https:\/\/content.hotjar.io https:\/\/mx.technolutions.net https:\/\/s.yimg.com https:\/\/*.uwplatt.edu https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/slate-uwplatt-edu.cdn.technolutions.net https:\/\/ep1.adtrafficquality.google https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/ws.hotjar.com wss:\/\/*.hotjar.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/static.olark.com https:\/\/script.hotjar.com; frame-src 'self' https:\/\/app.powerbi.com https:\/\/signup.e2ma.net https:\/\/ww2.matchinggifts.com https:\/\/www.youvisit.com https:\/\/www.shoppingsheet.com https:\/\/app.e2ma.net https:\/\/cdn.yoshki.com https:\/\/cdn.youvisit.com https:\/\/www.youtube-nocookie.com https:\/\/static.olark.com https:\/\/libraryh3lp.com https:\/\/e.issuu.com https:\/\/www.googletagmanager.com https:\/\/ep2.adtrafficquality.google https:\/\/syndicatedsearch.goog https:\/\/www.youtube.com https:\/\/*.uwplatt.edu; img-src 'self' data: https:\/\/*.gstatic.com https:\/\/se-images.campuslabs.com https:\/\/www.googleadservices.com https:\/\/trck.youvisit.com https:\/\/googleads.g.doubleclick.net\/ https:\/\/se-images.campuslabs.com https:\/\/id.ocelotbot.com https:\/\/image.isu.pub https:\/\/6349506.global.r2.siteimproveanalytics.io https:\/\/*.uwplatt.edu https:\/\/sp.analytics.yahoo.com https:\/\/trkn.us https:\/\/*.google.com https:\/\/log.olark.com https:\/\/www.googletagmanager.com https:\/\/syndicatedsearch.goog https:\/\/ep1.adtrafficquality.google https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/survey-images.hotjar.com; manifest-src 'self'; media-src 'self' https:\/\/static.olark.com; worker-src 'none'; frame-ancestors 'self' https:\/\/*.uwplatt.edu https:\/\/uwplatt.sharepoint.com https:\/\/uwplatt.quickbase.com; report-uri https:\/\/sentry.uwplatt.edu\/api\/5\/security\/?sentry_key=92e79271e0a535df88c88de202623cf3&sentry_environment=csp_reporting; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" script-src 'strict-dynamic' 'nonce-qjnyQpuYEY9X8njdJdTjVg=='","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.affilitizer.com *.googleusercontent.com *.jsdelivr.net https:\/\/widgets.trustedshops.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com bid.g.doubleclick.net js.mollie.com *.cookiebot.com *.doubleclick.net *.google.com *.googletagmanager.com *.jobrad.org www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com https:\/\/www.mollie.com *.authorized.by *.cookiebot.com *.doubleclick.net *.google.com *.googleapis.com *.googleusercontent.com *.gstatic.com *.trustedshops.com www.google.ae www.google.al www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.by www.google.ca www.google.ch www.google.cl www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ma www.google.co.nz www.google.co.th www.google.co.uk www.google.co.uz www.google.com.ar www.google.com.bd www.google.com.br www.google.com.co www.google.com.eg www.google.com.hk www.google.com.jm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.ng www.google.com.pa www.google.com.ph www.google.com.pk www.google.com.sg www.google.com.tr www.google.com.ua www.google.com.vn www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gr www.google.hr www.google.hu www.google.ie www.google.im www.google.is www.google.it www.google.jo www.google.kz www.google.li www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.mv www.google.nl www.google.no www.google.pl www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.tg www.google.tn https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com www.xtento.com cdn.xtento.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com app.authorized.by player.vimeo.com js.mollie.com *.authorized.by *.cloudflare.com *.cookiebot.com *.google.com *.googleapis.com *.googletagmanager.com *.jsdelivr.net *.trustedshops.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com www.xtento.com cdn.xtento.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.authorized.by *.googleapis.com *.gstatic.com *.jsdelivr.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src *.cookiebot.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com app.authorized.by api.friendlycaptcha.com eu-api.friendlycaptcha.eu *.adm-services.goog *.affilitizer.com *.cookiebot.com *.doubleclick.net *.googleapis.com www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.by www.google.ca www.google.ch www.google.co.in www.google.co.jp www.google.co.ma www.google.co.nz www.google.co.th www.google.co.uk www.google.com.ar www.google.com.bd www.google.com.br www.google.com.co www.google.com.eg www.google.com.mx www.google.com.ng www.google.com.pk www.google.com.tr www.google.com.ua www.google.com.vn www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.gr www.google.hr www.google.hu www.google.ie www.google.it www.google.li www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mk www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.tn *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/9d149a5d-cd44-43a1-b850-cd1f930c5061.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' https:\/\/qvdt3feo.com\/events.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/fotorama\/4.6.4\/ https:\/\/unpkg.com\/isotope-layout@3\/dist\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com https:\/\/*.formstack.com https:\/\/pi.pardot.com https:\/\/static.ads-twitter.com https:\/\/js.adsrvr.org https:\/\/connect.facebook.net https:\/\/*.googletagmanager.com https:\/\/cdn.cookielaw.org https:\/\/go.firstsolar.com https:\/\/player.vimeo.com https:\/\/siteimproveanalytics.com https:\/\/snap.licdn.com https:\/\/tags.srv.stackadapt.com https:\/\/use.typekit.net https:\/\/*.google-analytics.com; style-src 'self' 'report-sample' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/static.formstack.com https:\/\/fonts.googleapis.com https:\/\/www.firstsolar.com https:\/\/tags.srv.stackadapt.com\/sa.css https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/fotorama\/4.6.4\/ https:\/\/static.formstack.com https:\/\/fonts.googleapis.com https:\/\/tags.srv.stackadapt.com; object-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/*.facebook.com https:\/\/*.formstack.com\/ https:\/\/acrobat.adobe.com https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/stats.g.doubleclick.net https:\/\/cdn.cookielaw.org https:\/\/analytics.google.com https:\/\/insight.adsrvr.org https:\/\/px.ads.linkedin.com https:\/\/tags.srv.stackadapt.com https:\/\/*.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/translate.googleapis.com https:\/\/cta-service-cms2.hubspot.com https:\/\/overbridgenet.com https:\/\/www.facebook.com https:\/\/firstsolar.formstack.com; font-src 'self' https:\/\/*.formstack.com https:\/\/*.gstatic.com https:\/\/use.typekit.net https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/vimeo.com https:\/\/www.facebook.com https:\/\/match.adsrvr.org https:\/\/r2cdn.perplexity.ai https:\/\/svcs.tql.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/*.facebook.com https:\/\/match.adsrvr.org https:\/\/go.firstsolar.com https:\/\/insight.adsrvr.org https:\/\/player.vimeo.com; img-src 'self' https:\/\/www.linkedin.com https:\/\/*.facebook.net https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/cdn.cookielaw.org https:\/\/px4.ads.linkedin.com https:\/\/i.vimeocdn.com https:\/\/*.typekit.net https:\/\/px.ads.linkedin.com https:\/\/*.facebook.com https:\/\/www.google.co.uk https:\/\/www.google.co.in https:\/\/www.google.co.ug https:\/\/www.google.co.id https:\/\/www.google.ge https:\/\/www.google.es https:\/\/www.google.fi https:\/\/www.google.co.il https:\/\/www.google.com.om https:\/\/www.google.com.my https:\/\/www.google.de https:\/\/www.google.co.kr https:\/\/www.google.co.uz https:\/\/www.google.com.vn https:\/\/dc.ads.linkedin.com https:\/\/www.google.com.ua https:\/\/www.google.com.au https:\/\/www.google.com.pk https:\/\/www.google.com.sg https:\/\/www.google.co.za https:\/\/www.google.co.jp https:\/\/www.google.nl https:\/\/www.google.ae https:\/\/www.google.com.hk https:\/\/www.google.lk https:\/\/www.google.com.sv  https:\/\/www.google.com.mx https:\/\/www.google.com.pe https:\/\/www.google.dk https:\/\/www.google.pl https:\/\/www.google.co.nz https:\/\/www.google.rs https:\/\/www.google.be https:\/\/stats.g.doubleclick.net https:\/\/www.google.co.ma https:\/\/www.google.bf https:\/\/www.google.dz https:\/\/www.google.com.co https:\/\/www.google.cz https:\/\/www.google.com.gh https:\/\/www.google.com.ar https:\/\/www.google.so https:\/\/www.google.ci https:\/\/www.google.it https:\/\/www.google.ro https:\/\/www.google.ie https:\/\/www.google.com.pr https:\/\/www.google.co.ke https:\/\/www.google.se https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/connect.facebook.net https:\/\/www.googletagmanager.com https:\/\/www.google.com.et https:\/\/www.google.ee https:\/\/www.google.com.np https:\/\/www.google.no https:\/\/www.google.com.cy https:\/\/www.google.com.ec https:\/\/fonts.gstatic.com https:\/\/px.ads.linkedin.com https:\/\/track.hubspot.com https:\/\/perf-na1.hsforms.com https:\/\/www.linkedin.com blob: data:; manifest-src 'self'; media-src 'self'; worker-src 'none';  report-uri https:\/\/o4510664129118208.ingest.us.sentry.io\/api\/4510664137441280\/security\/?sentry_key=1800fa7749fb2178678388266695ce8a;","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/stackpath.bootstrapcdn.com https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/optimize.google.com https:\/\/fonts.googleapis.com; script-src 'self' https:\/\/*.smallcase.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/app.link https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/www.youtube.com https:\/\/s.ytimg.com https:\/\/apis.google.com https:\/\/connect.facebook.net https:\/\/*.razorpay.com https:\/\/*.gateway-tt.in https:\/\/cdn.segment.com https:\/\/cdn.amplitude.com https:\/\/cdn.moengage.com https:\/\/stackpath.bootstrapcdn.com https:\/\/a.quora.com https:\/\/q.quora.com 'unsafe-eval' 'unsafe-inline' https:\/\/appleid.cdn-apple.com https:\/\/optimize.google.com https:\/\/www.googleoptimize.com https:\/\/*.googlesyndication.com https:\/\/partner.googleadservices.com https:\/\/www.googletagservices.com https:\/\/adservice.google.com https:\/\/adservice.google.co.in https:\/\/*.tickertape.in https:\/\/*.vmax.com https:\/\/*.smartyads.com https:\/\/*.itdsmr.com https:\/\/*.google.com https:\/\/www.gstatic.com https:\/\/*.nexum.smallcase.com https:\/\/securepubads.g.doubleclick.net https:\/\/cms.stag.smallcase.com https:\/\/tally.so\/widgets\/embed.js https:\/\/www.clarity.ms https:\/\/bfin.creditcase.in https:\/\/websdk.hvcdn.co; img-src 'self' data: https:\/\/*.tickertape.in http:\/\/*.tickertape.in https:\/\/*.smallcase.com https:\/\/*.cloudfront.net https:\/\/s3.ap-south-1.amazonaws.com https:\/\/s3.amazonaws.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.google.co.in https:\/\/pocket-image-cache.com https:\/\/*.ytimg.com https:\/\/script.hotjar.com https:\/\/premium.thehindubusinessline.com https:\/\/thehindubusinessline.com https:\/\/thehindu.com https:\/\/www.thehindu.com https:\/\/www.thehindubusinessline.com https:\/\/*.reutersmedia.net https:\/\/img.youtube.com https:\/\/www.facebook.com https:\/\/cdn.razorpay.com https:\/\/d36bckgfrodyym.cloudfront.net https:\/\/moe-email-campaigns.s3.amazonaws.com https:\/\/image.moengage.com https:\/\/via.placeholder.com https:\/\/q.quora.com https:\/\/optimize.google.com https:\/\/*.tenor.com https:\/\/d3jkipq6ucdzmu.cloudfront.net https:\/\/pagead2.googlesyndication.com https:\/\/www.dspim.com https:\/\/*.vmax.com https:\/\/*.smartyads.com https:\/\/*.itdsmr.com https:\/\/dummyimage.com https:\/\/*.dummyimage.com https:\/\/*.coolbootsmedia.com https:\/\/*.pubmatic.com https:\/\/*.ergadx.com https:\/\/*.criteo.com https:\/\/*.themediagrid.com https:\/\/*.Pubmatic.com https:\/\/*.openx.com https:\/\/*.rubiconproject.com https:\/\/*.colombiaonline.com https:\/\/*.teads.tv https:\/\/*.rubiconproject.com https:\/\/*.triplelift.com https:\/\/*.edge.hyperverge.co https:\/\/websdk.hvcdn.co; connect-src https:\/\/*.tickertape.in http:\/\/*.tickertape.in wss:\/\/*.tickertape.in https:\/\/*.smallcase.com https:\/\/stag.use.smallcase.com https:\/\/beta.use.smallcase.com https:\/\/production.use.smallcase.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.hotjar.com:* https:\/\/vc.hotjar.io:* wss:\/\/*.hotjar.com https:\/\/surveystats.hotjar.io https:\/\/stats.g.doubleclick.net https:\/\/graph.facebook.com https:\/\/*.razorpay.com https:\/\/cdn.segment.com https:\/\/api.segment.io https:\/\/api.amplitude.com\/ https:\/\/s3.ap-south-1.amazonaws.com https:\/\/sdk-01.moengage.com https:\/\/sdk-02.moengage.com https:\/\/sdk-03.moengage.com https:\/\/d36bckgfrodyym.cloudfront.net https:\/\/*.s3.ap-south-1.amazonaws.com https:\/\/analytics.google.com https:\/\/optimize.google.com https:\/\/*.tenor.com https:\/\/d3jkipq6ucdzmu.cloudfront.net https:\/\/pagead2.googlesyndication.com https:\/\/*.vmax.com https:\/\/*.amplitude.com:* https:\/\/*.smartyads.com https:\/\/*.itdsmr.com https:\/\/*.google.com https:\/\/firebaseremoteconfig.googleapis.com https:\/\/firebaseinstallations.googleapis.com https:\/\/firebase.googleapis.com https:\/\/*.facebook.com https:\/\/*.nexum.smallcase.com https:\/\/securepubads.g.doubleclick.net https:\/\/cms.stag.smallcase.com https:\/\/bfin.creditcase.in https:\/\/*.edge.hyperverge.co https:\/\/websdk.hvcdn.co; frame-src https:\/\/sdk.stag.use.smallcase.com https:\/\/sdk-beta.use.smallcase.com https:\/\/sdk.use.smallcase.com https:\/\/stag.use.smallcase.com https:\/\/beta.use.smallcase.com https:\/\/production.use.smallcase.com https:\/\/connect.smallcase.com https:\/\/stag-use.smallcase.com\/ https:\/\/connect.smallca.se https:\/\/gateway.smallca.se\/ https:\/\/vars.hotjar.com https:\/\/www.googletagmanager.com https:\/\/accounts.google.com https:\/\/www.youtube.com https:\/\/api.razorpay.com https:\/\/*.gateway-tt.in https:\/\/cdn.moengage.com https:\/\/optimize.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.googlesyndication.com\/ https:\/\/*.tenor.com https:\/\/googleads.g.doubleclick.net https:\/\/smallcase.zerodha.com https:\/\/*.vmax.com https:\/\/*.smartyads.com https:\/\/*.itdsmr.com https:\/\/*.google.com https:\/\/securepubads.g.doubleclick.net https:\/\/bfin.creditcase.in; font-src 'self' data: https:\/\/script.hotjar.com https:\/\/fonts.gstatic.com https:\/\/fonts.gstatic.com; frame-ancestors 'self' https:\/\/*.smallcase.com; object-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.brandhub.codered.net https:\/\/*.powertrain.codered.net;         media-src 'self' blob:;         script-src 'self' https:\/\/mb.etrackingserver.de https:\/\/*.scene7.com https:\/\/app.usercentrics.eu https:\/\/chatbot.codered.net\/static\/ 'unsafe-inline' 'unsafe-eval' blob:;         style-src 'self' 'unsafe-inline' https:\/\/*.scene7.com https:\/\/chatbot.codered.net\/static\/;         img-src 'self' https:\/\/js.api.here.com https:\/\/*.scene7.com https:\/\/*.usercentrics.eu https:\/\/dev.day.com blob: data:;         connect-src 'self' https:\/\/*.usercentrics.eu https:\/\/mb.etrackingserver.de https:\/\/*.scene7.com https:\/\/*.mercedes-benz-trucks.net https:\/\/*.hereapi.com https:\/\/*.api.here.com https:\/\/chatbot.codered.net blob:;         font-src 'self' https:\/\/js.api.here.com data:;","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/sre_google","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/dig-aboprod.noncd.db.de https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/bildermangel.de https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/*.vvs.de https:\/\/vvsjobs.softgarden.io https:\/\/www.paperturn-view.com http:\/\/paperturn-view.com https:\/\/*.paperturn-view.com https:\/\/www.unserebroschuere.de https:\/\/dig-aboprod.noncd.db.de https:\/\/www.googletagmanager.com https:\/\/*.consentmanager.net; font-src 'self' https:\/\/dig-aboprod.noncd.db.de https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de; worker-src 'self' https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/dig-aboprod.noncd.db.de https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de https:\/\/*.vvs.de; connect-src 'self' https:\/\/apistaging.vvs.de https:\/\/*.vvs.de https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/analytics.google.com https:\/\/www.googletagmanager.com https:\/\/region1.google-analytics.com https:\/\/abo.bahn.de https:\/\/dig-aboprod.noncd.db.de https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de; object-src 'none'; style-src 'self' https:\/\/dig-aboprod.noncd.db.de https:\/\/*.consentmanager.net https:\/\/web-assets-stage.dc.vvs.de https:\/\/web-assets-prod.dc.vvs.de https:\/\/www-assets.vvs.de 'unsafe-inline' 'report-sample'; form-action 'self' https:\/\/dig-aboprod.noncd.db.de https:\/\/abo.bahn.de; script-src-attr 'none' 'report-sample'; report-uri https:\/\/www.vvs.de\/@http-reporting?csp=report&requestTime=1758610862619452&requestHash=37a59644ef9051c8efc5aa5fa70c9054b934deef","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-7P_So6_qmg_htpvu01kfkw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; report-uri https:\/\/dcc-cspreport.enovation.ie\/csp-report-dccdrupal.php","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.stripe.com *.stripe.network *.google.com *.sagepay.com *.opayo.eu.elavon.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.stripe.network *.link.com *.amazon.com *.google.com pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com www.xtento.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com *.googleapis.com *.trustpilot.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com www.xtento.com cdn.xtento.com *.trackedlink.net *.ddlnk.net *.stripe.com *.stripe.network ebizmarts-website.s3.amazonaws.com *.sagepay.com *.opayo.eu.elavon.com flagpedia.net maps.googleapis.com maps.gstatic.com *.feefo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com www.xtento.com cdn.xtento.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.sagepay.com *.opayo.eu.elavon.com maps.googleapis.com assets.shipperhq.com *.trustpilot.com *.feefo.com https:\/\/www.builderdepot.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com webchat.dotdigital.com webchat.staging.dotdigital.com *.stripe.network *.stripecdn.com *.amazon.com *.google.com *.sagepay.com *.opayo.eu.elavon.com maxcdn.bootstrapcdn.com assets.shipperhq.com *.trustpilot.com *.feefo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.googleapis.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com www.gstatic.com maps.googleapis.com rms.shipperhq.com https:\/\/rms.shipperhq.com wss:\/\/rms.shipperhq.com ovs.shipperhq.com *.feefo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src https: wss:\/\/ws.tsarvar.com wss:\/\/wst.tsarvar.com wss:\/\/wst2.tsarvar.com; script-src https: http: 'unsafe-eval' 'unsafe-inline'; style-src https: http: 'unsafe-inline'; img-src https: http: data:; font-src https: http: data:;","count":1},{"content-security-policy-report-only":" default-src 'none'; form-action 'none'; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-zJJtHSP1B3agQpVjqX_66Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/maps-tactile","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-bMavSQ2JHzj_uJD_v63afg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' disqo.okta.com *.oktacdn.com; connect-src 'self' disqo.okta.com disqo-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com disqo.kerberos.okta.com disqo.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-nRJBbSYsclpBXa5pUpzLag' 'self' 'report-sample' disqo.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'nonce-nRJBbSYsclpBXa5pUpzLag' 'self' 'report-sample' disqo.okta.com *.oktacdn.com; frame-src 'self' disqo.okta.com disqo-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' disqo.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' disqo.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/www.disqotech.com","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/*.analytics.google.com https:\/\/*.aptrinsic.com https:\/\/*.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.sentry.io https:\/\/api.ipgeolocation.io https:\/\/api.triptease.io https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/content.hotjar.io https:\/\/data.flip.to https:\/\/dc.services.visualstudio.com https:\/\/fonts.googleapis.com https:\/\/google.com https:\/\/googleads.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/mc.yandex.com https:\/\/mc.yandex.ru https:\/\/messages.guest-experience.triptease.io https:\/\/metrics.corinthia.com https:\/\/metrics.hotjar.io https:\/\/onboard.triptease.io https:\/\/p.relay-t.io https:\/\/region1.analytics.google.com https:\/\/sa.flip.to https:\/\/scripts.affilired.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/static-meta.triptease.io https:\/\/stats.g.doubleclick.net https:\/\/sync.srv.stackadapt.com https:\/\/tags.srv.stackadapt.com https:\/\/vc.hotjar.io https:\/\/wl-suppliers.app.cvent.com https:\/\/www.dripuploads.com https:\/\/www.facebook.com https:\/\/www.google.ae https:\/\/www.google.co.uk https:\/\/www.google.com https:\/\/www.menumodo.com https:\/\/www.thehotelsnetwork.com wss:\/\/ws.hotjar.com; default-src 'self' https:\/\/*.adform.net https:\/\/*.adnxs.com https:\/\/*.sentry.io https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@4.6.2\/; font-src 'self' data: https:\/\/*.cloudfront.net\/graphik\/ https:\/\/*.cloudfront.net\/lato\/ https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/fonts.gstatic.com\/s\/barlow\/ https:\/\/fonts.gstatic.com\/s\/lato\/ https:\/\/fonts.gstatic.com\/s\/roboto\/ https:\/\/static.tacdn.com https:\/\/use.typekit.net https:\/\/www.menumodo.com; frame-src 'self' https:\/\/*.adsrvr.org https:\/\/*.fls.doubleclick.net https:\/\/*.speedrfp.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/customs.affilired.com https:\/\/mc.yandex.com https:\/\/mc.yandex.ru https:\/\/onboard.triptease.io https:\/\/targeted-messages.triptease.io https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.opentable.co.uk https:\/\/www.thehotelsnetwork.com https:\/\/www.youtube-nocookie.com; img-src 'self' blob: data: *.ggpht.com *.googleapis.com *.linkedin.com https:\/\/*.adform.net https:\/\/*.adnxs.com https:\/\/*.adsrvr.org https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.sojern.com https:\/\/*.speedrfp.com https:\/\/*.youtube.com https:\/\/ad.doubleclick.net https:\/\/bat.bing.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/17.0.19\/ https:\/\/cm.g.doubleclick.net\/pixel https:\/\/cms.analytics.yahoo.com https:\/\/d1cmxvrarpztze.cloudfront.net https:\/\/dpm.demdex.net https:\/\/googletagmanager.com https:\/\/i.ytimg.com https:\/\/imgsct.cookiebot.com https:\/\/mc.yandex.com https:\/\/mc.yandex.ru https:\/\/metrics.corinthia.com https:\/\/pubads.g.doubleclick.net https:\/\/region1.analytics.google.com https:\/\/ssl.gstatic.com https:\/\/stackadapt.com https:\/\/static.tacdn.com https:\/\/stats.g.doubleclick.net https:\/\/storage.ghadiscovery.com https:\/\/sync.srv.stackadapt.com https:\/\/tags.srv.stackadapt.com https:\/\/tags.w55c.net https:\/\/www.facebook.com https:\/\/www.google.ae https:\/\/www.google.co.uk https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.menumodo.com https:\/\/www.pages04.net https:\/\/www.tripadvisor.co.uk maps.gstatic.com; manifest-src 'self'; media-src 'self'; script-src-elem 'self' 'unsafe-inline' *.licdn.com https:\/\/*.adsrvr.org https:\/\/*.aptrinsic.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.sojern.com https:\/\/*.speedrfp.com https:\/\/*.youtube.com https:\/\/ajax.googleapis.com https:\/\/api.getdrip.com https:\/\/bat.bing.com https:\/\/browser.sentry-cdn.com https:\/\/cdn.denomatic.com https:\/\/cdn.flip.to https:\/\/cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@4.6.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.0-beta2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.2.3\/ https:\/\/cdn.jsdelivr.net\/npm\/feather-icons\/ https:\/\/cdn.jsdelivr.net\/npm\/ip-geolocation-api-jquery-sdk@1.0.6\/ https:\/\/cdn.jsdelivr.net\/npm\/jquery@3.5.1\/ https:\/\/cdn.jsdelivr.net\/npm\/jquery@3.6.4\/ https:\/\/cdn.jsdelivr.net\/npm\/popper.js@1.16.1\/ https:\/\/cdn.otstatic.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/17.0.19\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/popper.js\/1.12.9\/ https:\/\/code.jquery.com\/jquery-3.2.1.slim.min.js https:\/\/components.flip.to https:\/\/connect.facebook.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/contentz.mkt941.com https:\/\/customs.affilired.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/googleads.g.doubleclick.net https:\/\/integration.flip.to https:\/\/js.monitor.azure.com https:\/\/js.sentry-cdn.com https:\/\/maps.googleapis.com https:\/\/maps.googleapis.com\/maps\/api\/* https:\/\/maxcdn.bootstrapcdn.com\/bootstrap\/4.0.0\/ https:\/\/mc.yandex.com https:\/\/mc.yandex.ru https:\/\/navigator.ink-global.com https:\/\/onboard.triptease.io https:\/\/p.relay-t.io https:\/\/script.crazyegg.com https:\/\/script.hotjar.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/sleeknotestaticcontent.s3.eu-west-1.amazonaws.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/static-meta.triptease.io https:\/\/static.hotjar.com https:\/\/static.tacdn.com https:\/\/static.x-channel.triptease.io https:\/\/tag.getdrip.com https:\/\/tag.yieldoptimizer.com https:\/\/tagmanager.google.com https:\/\/tags.srv.stackadapt.com\/events.js https:\/\/targeted-messages.triptease.io https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.jscache.com https:\/\/www.menumodo.com https:\/\/www.opentable.co.uk https:\/\/www.thehotelsnetwork.com https:\/\/www.tripadvisor.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.adsrvr.org https:\/\/*.aptrinsic.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.gstatic.com https:\/\/*.sojern.com https:\/\/*.speedrfp.com https:\/\/*.youtube.com https:\/\/ajax.googleapis.com https:\/\/api.getdrip.com https:\/\/bat.bing.com https:\/\/browser.sentry-cdn.com https:\/\/cdn.denomatic.com https:\/\/cdn.flip.to https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@4.6.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.0-beta2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.2.3\/ https:\/\/cdn.jsdelivr.net\/npm\/feather-icons@4.29.0\/ https:\/\/cdn.jsdelivr.net\/npm\/feather-icons\/ https:\/\/cdn.jsdelivr.net\/npm\/ip-geolocation-api-jquery-sdk@1.0.6\/ https:\/\/cdn.jsdelivr.net\/npm\/jquery@3.5.1\/ https:\/\/cdn.jsdelivr.net\/npm\/jquery@3.6.4\/ https:\/\/cdn.jsdelivr.net\/npm\/popper.js@1.16.1\/ https:\/\/cdn.otstatic.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/17.0.19\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/popper.js\/1.12.9\/ https:\/\/code.jquery.com\/jquery-3.2.1.slim.min.js https:\/\/components.flip.to https:\/\/connect.facebook.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/contentz.mkt941.com https:\/\/customs.affilired.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/googleads.g.doubleclick.net https:\/\/googletagmanager.com https:\/\/integration.flip.to https:\/\/js.monitor.azure.com https:\/\/js.sentry-cdn.com https:\/\/maps.googleapis.com https:\/\/maxcdn.bootstrapcdn.com\/bootstrap\/4.0.0\/ https:\/\/mc.yandex.com https:\/\/mc.yandex.ru https:\/\/navigator.ink-global.com https:\/\/onboard.triptease.io https:\/\/p.relay-t.io https:\/\/script.crazyegg.com https:\/\/script.hotjar.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/sleeknotestaticcontent.s3.eu-west-1.amazonaws.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/static-meta.triptease.io https:\/\/static.hotjar.com https:\/\/static.tacdn.com https:\/\/tag.getdrip.com https:\/\/tag.yieldoptimizer.com https:\/\/tagmanager.google.com https:\/\/tags.srv.stackadapt.com https:\/\/targeted-messages.triptease.io https:\/\/wl-suppliers.app.cvent.com https:\/\/www.google.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.jscache.com https:\/\/www.opentable.co.uk https:\/\/www.thehotelsnetwork.com https:\/\/www.tripadvisor.co.uk https:\/\/www.tripadvisor.com; style-src-elem 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.2.3\/dist\/css\/bootstrap.min.css https:\/\/p.typekit.net https:\/\/tags.srv.stackadapt.com\/sa.css https:\/\/use.typekit.net https:\/\/www.menumodo.com; style-src 'self' 'unsafe-inline' data: https:\/\/*.aptrinsic.com https:\/\/*.googletagmanager.com https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@4.6.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.0-beta2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.0.2\/ https:\/\/cdn.jsdelivr.net\/npm\/bootstrap@5.2.3\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/intl-tel-input\/17.0.19\/ https:\/\/fonts.googleapis.com https:\/\/googletagmanager.com https:\/\/maxcdn.bootstrapcdn.com\/bootstrap\/4.0.0\/ https:\/\/p.typekit.net https:\/\/static.tacdn.com https:\/\/tagmanager.google.com https:\/\/use.typekit.net https:\/\/www.menumodo.com; script-src-attr https:\/\/www.menumodo.com;","count":1},{"content-security-policy-report-only":" base-uri 'self'; child-src 'self'; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/cdn.cookielaw.org https:\/\/dc.services.visualstudio.com https:\/\/geolocation.onetrust.com https:\/\/googleads.g.doubleclick.net https:\/\/pipedream.wistia.com https:\/\/privacyportal.onetrust.com https:\/\/stats.g.doubleclick.net https:\/\/www.google.com; default-src 'self'; font-src 'self' https:\/\/*.cloudfront.net\/graphik\/ https:\/\/*.cloudfront.net\/lato\/; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https:\/\/fast.wistia.com https:\/\/fast.wistia.net; img-src 'self' data: https:\/\/cdn.cookielaw.org https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/cdn.cookielaw.org https:\/\/fast.wistia.net https:\/\/googleads.g.doubleclick.net https:\/\/js.monitor.azure.com https:\/\/www.googletagmanager.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/cdn.cookielaw.org https:\/\/fast.wistia.net; style-src-elem 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'; upgrade-insecure-requests; report-to stott-security-external-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/js-agent.newrelic.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/unpkg.com https:\/\/ws.sharethis.com https:\/\/www.google.com mdbootstrap.com stackpath.bootstrapcdn.com; script-src-attr 'self' 'unsafe-inline'; style-src 'self' cdnjs.cloudflare.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com mdbootstrap.com stackpath.bootstrapcdn.com use.fontawesome.com; style-src-attr 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' cfahome.okta.com *.oktacdn.com; connect-src 'self' cfahome.okta.com cfahome-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com cfahome.kerberos.okta.com cfahome.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-_m90EDTV8CkbedS8y8fbaA' 'self' 'report-sample' cfahome.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' cfahome.okta.com *.oktacdn.com; frame-src 'self' cfahome.okta.com cfahome-admin.okta.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' cfahome.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' cfahome.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https:\/\/ascendvirtual.intrepidagile.com https:\/\/dev.portal.analyticshub.cfahome.com https:\/\/foodsafety-test.cfadevelop.com https:\/\/foodsafety-dev.cfadevelop.com https:\/\/foodsafety.cfahome.com https:\/\/cfa.intrepidagile.com https:\/\/tscloud.dttsaasanalyticprod.cfahome.com https:\/\/chick-fil-a.thoughtspot.cloud","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com ajax.googleapis.com js.pusher.com use.fontawesome.com sdk.amazonaws.com app-rsrc.getbee.io loader.getbee.io localhost:3000 localhost:8080 127.0.0.1:3000 127.0.0.1:8080; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com fonts.googleapis.com; img-src 'self' secure.gravatar.com cartstack.s3.amazonaws.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src 'self' api.cartstack.com ws-us3.pusher.com wss:\/\/ws-us3.pusher.com bee-auth.getbee.io bee-utils.getbee.io bee-stats.getbee.io bee-sentry.beefree.io bee-bumper.getbee.io localhost:3000 localhost:8080 ws:\/\/localhost:3000 ws:\/\/localhost:8080; frame-src 'self' app.getbee.io; default-src 'none'; object-src 'none'; media-src 'self'; worker-src 'self'; manifest-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri \/csp-report.php","count":1},{"content-security-policy-report-only":" default-src 'self' *.across.to across.to wss:\/\/api.blocknative.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' platform.twitter.com vercel.live www.googletagmanager.com widget.intercom.io js.intercomcdn.com; connect-src wss:\/\/*.walletconnect.com *.walletconnect.com wss:\/\/api.blocknative.com mainnet.infura.io *.across.to across.to *.wallet.coinbase.com *.alchemy.com *.infura.io *.sentry.io api-iam.intercom.io nexus-websocket-a.intercom.io api.intercom.io *.intercom.io; img-src 'self' *.walletconnect.com assets.vercel.com images.ctfassets.net data: js.intercomcdn.com static.intercomassets.com downloads.intercomcdn.com uploads.intercomusercontent.com gifs.intercomcdn.com; font-src 'self' fonts.gstatic.com assets.vercel.com use.typekit.net data: js.intercomcdn.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net fonts.googleapis.com; frame-src 'self' vercel.live platform.twitter.com *.walletconnect.com intercom-sheets.com; frame-ancestors 'self'; report-uri https:\/\/umaproject.uriports.com\/reports\/report; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com  *.google-analytics.com www.2checkout.com connect.facebook.net *.google.com www.googletagmanager.com www.gstatic.com *.amazon-adsystem.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; img-src 'self' data: librarika.com covers.librarika.com:8443 storage101.lon3.clouddrive.com *.ssl.cf3.rackcdn.com *.media-amazon.com *.ssl-images-amazon.com *.amazon-adsystem.com *.amazon.com  *.gstatic.com *.google-analytics.com *.google.com; font-src 'self' data: fonts.gstatic.com; frame-src *.librarika.com www.2checkout.com *.facebook.com *.google.com *.amazon-adsystem.com *.youtube.com; connect-src 'self' *.google.com www.google-analytics.com; object-src 'none'; report-uri https:\/\/5e5aa7c5f482dc373380fd2db250ce83.report-uri.com\/r\/d\/csp\/enforce","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv%3F3.fn2%3Au-19e24897041-0x1805#pd","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.3lift.com *.a47b.com *.acuityplatform.com *.ad-score.com *.adform.net *.adnxs.com *.ads.smartadserver.com *.adsafeprotected.com *.adsappier.com *.adsrvr.org *.adtrafficquality.google *.amazon-adsystem.com *.amazonaws.com *.ampproject.org *.azureedge.net *.b2c.com *.basis.net *.betrad.com *.bidr.io *.c3tag.com *.cdn.fastclick.net *.celtra.com *.cloudfront.net *.cog-tr3.com *.cog-tr4.com *.demdex.net *.dotomi.com *.doubleclick.net *.doubleverify.com *.evidon.com *.exelator.com *.eyeota.net *.flashtalking.com *.flx10.com *.fouanalytics.com *.ftstatic.com *.g.doubleclick.net *.getrockerbox.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.gumgum.com *.id5-sync.com *.innovid.com *.jivox.com *.js7k.com *.jwplayer.com *.l-dsp.inmobicdn.net *.microsoft.com *.mxptint.net *.ns1p.net *.onedsp.inmobi.com *.p.jwpcdn.com *.peer-39.com *.polarcdn.com *.poupdate.pulsepoint.com *.puzzmo.com *.quantcount.com *.quantserve.com *.rendering.sharethrough.com *.rfihub.com *.rqtrk.eu *.rubiconproject.com *.rudderlabs.com *.scorecardresearch.com *.script.ac *.smadex.com *.srv.stackadapt.com *.trustarc.com *.truste.com *.turn.com *.update.adsrvr.org *.update.indexww.com *.update.rubiconproject.com *.update.wo.gumgum.com *.yabidos.com *.ybp.yahoo.com *.yimg.com adrta.com cdn-cookieyes.com htlbid.com openfpcdn.io *.insiad.com *.browsiprod.com *.enzymic.co *.intentiq.com *.ntv.io *.padsquad.com lottingem.com; connect-src 'self' *.3lift.com *.ad-score.com *.adform.net *.adnxs.com *.ads.smartadserver.com *.adsrvr.org *.adtrafficquality.google *.amazon-adsystem.com *.amazonaws.com *.appiersig.com *.b2c.com *.c.appier.net *.c3tag.com *.casalemedia.com *.cheilmedia.com *.cloudfront.net *.cog-tr101.com *.contextweb.com *.cookieyes.com *.dotomi.com *.doubleclick.net *.doubleverify.com *.eu-1-id5-sync.com *.eu-3-id5-sync.com *.eu-4-id5-sync.com *.flashtalking.com *.fouanalytics.com *.ftstatic.com *.g.doubleclick.net *.google-analytics.com *.googlesyndication.com *.gumgum.com *.id5-sync.com *.ingest.sentry.io *.innovid.com *.jwplayer.com *.liadm.com *.lynx.cognitivlabs.com *.ns1p.net *.openx.net *.peer-39.com *.poupdate.pulsepoint.com *.prod.na.adsqtungsten.a9.amazon.dev *.pubmatic.com *.puzzmo.com *.quantserve.com *.rubiconproject.com *.rudderstack.com *.srv.stackadapt.com *.tahoe-analytics.publishers.advertising.a2z.com *.update.adsrvr.org *.update.indexww.com *.update.rubiconproject.com *.update.wo.gumgum.com *.us-east-1.cxm-bcn.publisher-services.amazon.dev *.ybp.yahoo.com wss:\/\/*.puzzmo.com cdn-cookieyes.com id5-sync.com o1223952.ingest.sentry.io *.gstatic.com *.insiad.com *.googletagmanager.com data: sevendata.fun; form-action 'none'; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self' 'nonce-PRIHyc_WpMJl4u3nezh_aQph' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' data: https:\/\/cdnjs.cloudflare.com; connect-src 'self'; frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' https:\/\/*.funnel.io https:\/\/funnel.io https:\/\/*.hsadspixel.net https:\/\/*.hs-analytics.net https:\/\/js.hscta.net https:\/\/js-eu1.hscta.net https:\/\/*.hubspot.com https:\/\/static.hsappstatic.net https:\/\/*.usemessages.com https:\/\/*.hs-banner.com https:\/\/*.hubspotusercontent00.net https:\/\/*.hubspotusercontent10.net https:\/\/*.hubspotusercontent20.net https:\/\/*.hubspotusercontent30.net https:\/\/*.hubspotusercontent40.net https:\/\/*.hubspot.net https:\/\/*.hscollectedforms.net https:\/\/*.hsleadflows.net https:\/\/*.hsforms.net https:\/\/*.hsforms.com https:\/\/*.hs-scripts.com https:\/\/*.hubspotfeedback.com https:\/\/feedback.hubapi.com https:\/\/feedback-eu1.hubapi.com https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/googleads.g.doubleclick.net https:\/\/tags.fullcontact.com https:\/\/bat.bing.com https:\/\/*.tiktok.com https:\/\/tr.snapchat.com https:\/\/tr.capterra.com https:\/\/s.pinimg.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/*.claydar.com https:\/\/*.fullstory.com https:\/\/funnel-io.github.io https:\/\/analytics.sayprimer.com 'nonce-pPOjybMpx2lCNuABWO16Fw=='; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.hubspotusercontent-na1.net https:\/\/cdn2.hubspot.net https:\/\/*.hsappstatic.net https:\/\/www.gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/funnel.io https:\/\/lf16-tiktok-web.tiktokcdn-us.com https:\/\/sf16-website-login.neutral.ttwstatic.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com; style-src-attr 'unsafe-inline'; connect-src 'self' https:\/\/*.funnel.io https:\/\/funnel.io https:\/\/*.sentry.io https:\/\/*.convertexperiments.com\/ https:\/\/*.hsforms.com https:\/\/*.hubapi.com https:\/\/*.hubspot.com https:\/\/*.fullstory.com https:\/\/api.claydar.com https:\/\/collector.funnel.io https:\/\/idm-api.access.us.funnel.io https:\/\/resolver.confidence.dev https:\/\/googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/wdhengbze2.execute-api.eu-west-1.amazonaws.com https:\/\/vnhkzlu3i8.execute-api.eu-west-1.amazonaws.com https:\/\/js.hsforms.net\/ https:\/\/tr.snapchat.com https:\/\/tr6.snapchat.com https:\/\/bat.bing.com https:\/\/ct.pinterest.com https:\/\/pixel-config.reddit.com https:\/\/px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/connect.facebook.net https:\/\/*.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/*.byteoversea.com https:\/\/js.hs-banner.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/google.com https:\/\/web-script.api.sayprimer.com https:\/\/api.fullcontact.com https:\/\/*.liadm.com https:\/\/tr.capterra.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/vimeo.com; img-src 'self' data: https:; frame-src 'self' https:\/\/collector.funnel.io https:\/\/*.hubspot.com https:\/\/*.hubspot.net https:\/\/*.hubspotvideo.com https:\/\/*.hsforms.com https:\/\/*.googletagmanager.com https:\/\/safeframe.googlesyndication.com https:\/\/www.youtube.com https:\/\/www.instagram.com https:\/\/ct.pinterest.com https:\/\/tr.snapchat.com https:\/\/www.facebook.com https:\/\/www.tiktok.com https:\/\/vimeo.com https:\/\/player.vimeo.com https:\/\/platform.twitter.com https:\/\/www.linkedin.com https:\/\/funnel.storylane.io https:\/\/www.google.com https:\/\/open.spotify.com https:\/\/app.convert.com https:\/\/*.clients6.google.com https:\/\/*.liadm.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.funnel.io https:\/\/funnel.io https:\/\/*.hubspotusercontent-na1.net https:\/\/static.hsappstatic.net; media-src 'self' data: https:\/\/funnel.io; base-uri 'self'; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=a402a53dc4a85ce2&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778721652; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; script-src 'self' 'unsafe-eval' https: http: 'nonce-ef031f9d-5d73-412f-80ab-eca06aaf4094' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https:\/\/dash.serviceform.com https:\/\/fonts.googleapis.com https:\/\/www.googletagmanager.com https:\/\/*.new-immo-group.app https:\/\/*.new-immo-group.dev https:\/\/*.safeti-immobilien.de https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr; connect-src 'self' http:\/\/demo.safti.local:12081 https:\/\/googleads.g.doubleclick.net https:\/\/*.clarity.ms https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.new-immo-group.app https:\/\/*.new-immo-group.dev https:\/\/*.safeti-immobilien.de https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr wss:\/\/*.firebasedatabase.app https:\/\/api.privacy-center.org https:\/\/bo.safeti-immobilien.de\/api https:\/\/bo.safti.es https:\/\/bo.safti.es\/api\/highlightblock https:\/\/bo.safti.es\/api\/saftiblock https:\/\/bo.safti.fr https:\/\/bo.safti.fr\/api\/highlightblock https:\/\/bo.safti.fr\/api\/saftiblock https:\/\/clarity.ms https:\/\/google-analytics.com https:\/\/google.com https:\/\/googletagmanager.com https:\/\/maps.googleapis.com https:\/\/new-immo-group.app https:\/\/new-immo-group.dev https:\/\/safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr https:\/\/dash.serviceform.com https:\/\/statistics.serviceform.com https:\/\/stats.g.doubleclick.net; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/*.new-immo-group.app https:\/\/*.new-immo-group.dev https:\/\/*.safeti-immobilien.de https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr; img-src 'self' data: *.new-immo-group.app *.new-immo-group.dev http:\/\/demo.safti.local:9873 https:\/\/*.clarity.ms https:\/\/*.leadsmonitor.io https:\/\/*.safeti-immobilien.de https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr https:\/\/cdn.serviceform.com https:\/\/images2.serviceform.com https:\/\/c.bing.com https:\/\/clarity.ms https:\/\/leadsmonitor.io https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/nig-aws-preprod-bien-photo.s3.eu-west-3.amazonaws.com https:\/\/nig-aws-prod-bien-photo.s3.eu-west-3.amazonaws.com https:\/\/photo.safeti-immobilien.de https:\/\/purecatamphetamine.github.io https:\/\/safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.de https:\/\/www.google.es https:\/\/www.google.fr https:\/\/www.googletagmanager.com https:\/\/sdk.privacy-center.org https:\/\/*.new-immo-group.dev; worker-src 'self' blob:; frame-src 'self' https:\/\/*.alainbossard.fr https:\/\/*.bien-estimer-safti.fr https:\/\/*.cloudpano.com https:\/\/*.dailymotion.com https:\/\/*.facebook.com https:\/\/*.floorfy.com https:\/\/*.google.com https:\/\/*.istaging.com https:\/\/*.klapty.com https:\/\/*.matterport.com https:\/\/*.nodalview.com https:\/\/*.previsite.com https:\/\/*.previsite.net https:\/\/*.provirtualvisit.com https:\/\/*.rhinov.pro https:\/\/*.ricohtours.com https:\/\/*.youtu.be https:\/\/*.youtube.com https:\/\/alainbossard.fr https:\/\/bien-estimer-preprod.new-immo-group.app\/ https:\/\/bien-estimer-safti.fr https:\/\/cloudpano.com https:\/\/dailymotion.com https:\/\/facebook.com https:\/\/floorfy.com https:\/\/google.com https:\/\/istaging.com https:\/\/klapty.com https:\/\/login.microsoftonline.com\/ https:\/\/matterport.com https:\/\/nodalview.com https:\/\/oauth2-proxy.new-immo-group.app\/ https:\/\/*.new-immo-group.dev https:\/\/*.new-immo-group.app https:\/\/omega-de.new-immo-group.dev https:\/\/omega-es.new-immo-group.dev https:\/\/omega-fr.new-immo-group.dev https:\/\/omega-preprod-safti-de.new-immo-group.app https:\/\/omega-pt.new-immo-group.dev https:\/\/omega.safti.de https:\/\/omega.safti.es https:\/\/omega.safti.fr https:\/\/omega.safti.pt https:\/\/player.vimeo.com https:\/\/previsite.com https:\/\/previsite.net https:\/\/provirtualvisit.com https:\/\/rhinov.pro https:\/\/ricohtours.com https:\/\/td.doubleclick.net https:\/\/tour.giraffe360.com https:\/\/youtu.be https:\/\/youtube.com https:\/\/play.danim.com\/ http:\/\/localhost:*; frame-ancestors 'self' http:\/\/*.safti-fr.localhost http:\/\/safti-fr.localhost https:\/\/*.safeti-immobilien.de https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr https:\/\/omega-de.new-immo-group.dev https:\/\/omega-es.new-immo-group.dev https:\/\/omega-fr.new-immo-group.dev https:\/\/omega-pt.new-immo-group.dev https:\/\/omega.safti.de https:\/\/omega.safti.es https:\/\/omega.safti.fr https:\/\/omega.safti.pt https:\/\/safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr; media-src 'self' https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr https:\/\/*.safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr https:\/\/safeti-immobilien.de; object-src 'self' https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr https:\/\/*.safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr https:\/\/safeti-immobilien.de; manifest-src 'self' *.new-immo-group.dev *.new-immo-group.app https:\/\/*.safeti-immobilien.de\/ https:\/\/*.safti.es https:\/\/*.safti.fr https:\/\/*.safti.fr https:\/\/safeti-immobilien.de https:\/\/safti.es https:\/\/safti.fr","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.gstatic.com https:\/\/fonts.bunny.net 'self' data: testmedia.southco.com devmedia.southco.com preprodmedia.southco.com media.southco.com maxcdn.bootstrapcdn.com dev.southco.com preprod.southco.com test.southco.com southco.com preprodstatic.southco.com staticassets.southco.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * southco.my.salesforce.com d.la1-core2.sfdc-lywfpd.salesforceliveagent.com cloud.e.southco.com southco.com.br preprod.southco.com.br dev.southco.com.br https:\/\/cl.s12.exct.net\/DEManager.aspx cl.s12.exct.net https:\/\/secure.ccavenue.com https:\/\/test.ccavenue.com 'self' form-action: *.icicibank.com *.wibmo.com *.americanexpress.com *.starlingbank.com www.rsa3dsauth.com acs.revolut.com *.live.ext.prod.enfuce.com authentication-acs.marqeta.com acs.capitalone.com *.acssecure.com *.danskebank.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.meetanshi.com meetanshi.com  * *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.certcapture.com *.dotdigital-pages.com *.dotdigital.com *.weltpixel.com *.addthis.com *.google.com\/ *.meetanshi.com meetanshi.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.wesupply.xyz https:\/\/wesupplylabs.com guarantee-cdn.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com *.klevu.com *.ksearchnet.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com *.meetanshi.com meetanshi.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.hsforms.net *.hsforms.com 'self' data: testmedia.southco.com devmedia.southco.com preprodmedia.southco.com media.southco.com preprodstatic.southco.com staticassets.southco.com dev.visualwebsiteoptimizer.com px.ads.linkedin.com www.google.co.in imgsct.cookiebot.com www.linkedin.com shop.southco.com testshop.southco.com devshop.southco.com preprodshop.southco.com dev.southco.com preprod.southco.com test.southco.com southco.com www.mageworx.com image.e.southco.com southco.box.com blob: guarantee-cdn.com *.gstatic.com *.facebook.com *.reddit.com *.googletagmanager.com *.doubleclick.net *.google.com maps.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.certcapture.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com js.klevu.com *.ksearchnet.com *.addthis.com *.moatads.com *.addthisedge.com *.pinterest.com *.avada.io *.shopify.com *.google.com *.meetanshi.com meetanshi.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com testmedia.southco.com devmedia.southco.com preprodmedia.southco.com media.southco.com preprodstatic.southco.com staticassets.southco.com dev.visualwebsiteoptimizer.com static.hotjar.com consent.cookiebot.com service.force.com s.saleswingsapp.com snap.licdn.com secure.intelligent-data-247.com script.hotjar.com d.la4-c1-phx.salesforceliveagent.com southco.my.salesforce.com d.la1-core2.sfdc-lywfpd.salesforceliveagent.com test.southco.com dev.southco.com preprod.southco.com southco.com consentcdn.cookiebot.com www.gstatic.com www.google.com js-agent.newrelic.com cdnjs.cloudflare.com cloudpages.mc-content.com southco.secure.force.com static.lightning.force.com southco.my.salesforce-sites.com cdn.jsdelivr.net *.salesforceliveagent.com player.vimeo.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.cloudflare.com guarantee-cdn.com ajax.googleapis.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net https:\/\/www.googletagmanager.com tagmanager.google.com maps.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.certcapture.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.googleapis.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.gstatic.com service.force.com\/ testmedia.southco.com devmedia.southco.com preprodmedia.southco.com media.southco.com preprodstatic.southco.com staticassets.southco.com maxcdn.bootstrapcdn.com test.southco.com dev.southco.com preprod.southco.com southco.com southco.secure.force.com southco.my.salesforce-sites.com cdn.jsdelivr.net *.stripe.network *.stripecdn.com *.amazon.com fonts.googleapis.com *.tagmanager.google.com *.googletagmanager.com tagmanager.google.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.klevu.com *.ksearchnet.com api.addressy.com *.addthis.com https:\/\/get.geojs.io *.avada.io *.meetanshi.com meetanshi.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com t.elasticsuite.io *.hsforms.net *.hsforms.com test.southco.com dev.southco.com preprod.southco.com southco.com to.go.saleswingsapp.com px.ads.linkedin.com stats.g.doubleclick.net wss:\/\/ws.hotjar.com content.hotjar.io testmedia.southco.com devmedia.southco.com preprodmedia.southco.com media.southco.com metrics.hotjar.io consentcdn.cookiebot.com preprodstatic.southco.com staticassets.southco.com vc.hotjar.io cl.s12.exct.net southco.secure.force.com pagead2.googlesyndication.com southcosearch.netsmartz.us *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com southco.my.salesforce.com d.la1-core2.sfdc-lywfpd.salesforceliveagent.com cl.s12.exct.net *.cardinalcommerce.com *.paypal.com pilot-payflowlink.paypal.com cloud.e.southco.com static.lightning.force.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-d8QDqccHsSWgqri8DPOj7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'nonce-wKnNE5o1ywWo9juPlUvKvuKe' 'unsafe-eval' https:\/\/pixel.byspotify.com *.travcorpservices.com https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com https:\/\/www.googletagmanager.com https:\/\/ajax.googleapis.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/api.feefo.com https:\/\/register.feefo.com https:\/\/bat.bing.com https:\/\/cdn.evgnet.com https:\/\/connect.facebook.net https:\/\/i.clarity.ms https:\/\/static-ssl.responsetap.com *.hotjar.com https:\/\/tag.simpli.fi https:\/\/unpkg.com https:\/\/www.bugherd.com https:\/\/decagon.ai https:\/\/www.datadoghq-browser-agent.com https:\/\/assetscdn.stackla.com\/media\/js https:\/\/vjs.zencdn.net https:\/\/cdn.amplitude.com\/libs https:\/\/sdk.joinsherpa.io https:\/\/apps.mypurecloud.com https:\/\/consentcdn.cookiebot.com https:\/\/cdnjs.cloudflare.com https:\/\/ttc-contiki.entry.promo https:\/\/cdn.optimizely.com https:\/\/www.riddle.com;style-src 'self' 'unsafe-inline' https:\/\/assetscdn.stackla.com\/media\/components\/stackla-uikit\/dist https:\/\/fonts.googleapis.com https:\/\/p.typekit.net https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/apps.mypurecloud.com;img-src 'self' https:\/\/bat.bing.com https:\/\/c.clarity.ms https:\/\/i.ytimg.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.uplift-platform.com data:;frame-src 'self' https:\/\/10006172.fls.doubleclick.net https:\/\/uplift-cdn-stg.uplift.com https:\/\/vars.hotjar.com https:\/\/widget.stackla.com https:\/\/www.google.com https:\/\/apps.joinsherpa.io https:\/\/www.googletagmanager.com https:\/\/a25408250069.cdn.optimizely.com;font-src 'self' https:\/\/assetscdn.stackla.com https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/vjs.zencdn.net https:\/\/apps.mypurecloud.com;connect-src 'self' *.travcorpservices.com *.travcorp.com *.corp.ttc:7443 https:\/\/api.feefo.com https:\/\/bat.bing.com https:\/\/in.hotjar.com https:\/\/ws11.hotjar.com\/api https:\/\/l.clarity.ms https:\/\/metrics.responsetap.com\/infinity https:\/\/noembed.com https:\/\/pm-mrkt.prodgw.uplift-platform.com https:\/\/rum.browser-intake-datadoghq.com https:\/\/session-replay.browser-intake-datadoghq.com https:\/\/ttctravel.germany-2.evergage.com https:\/\/www.facebook.com https:\/\/www.google-analytics.com https:\/\/logx.optimizely.com https:\/\/region1.analytics.google.com https:\/\/ttc.contiki.com","count":1},{"content-security-policy-report-only":" default-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=sRZh.d8B7vcNhxJgrInmZM9MMMCQK8I63uddXQZ.IBg-1778725061.9177873-1.0.1.1-AbJLdsM5SCG80p9iNF64R7U1PWnUES.UTsVV47QZJMJY1kxfoZHHlIgqFnHZGW8jcXYGJZV6AfRp4x81IUoNYvLH_Y571cevIBODp17iMvEcgePnWUvA_SbWyGDmwZph3WNIpygQTc7ifos08YwZPDfxg4UQoMl6lVkQGVH2QRq6tSWepEeHs9iHsioXVaa3PWRPqyi8BG5fEe7QUqOL2g; report-to cf-awnocxxkmcbcjypo","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.ethicalads.io https:\/\/static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: https:\/\/*.ethicalads.io https:\/\/github.com https:\/\/avatars.githubusercontent.com; connect-src 'self' https:\/\/kkv75ipbyx-dsn.algolia.net https:\/\/cloudflareinsights.com https:\/\/*.ethicalads.io https:\/\/*.ingest.de.sentry.io; frame-src https:\/\/w.soundcloud.com https:\/\/www.youtube.com; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri https:\/\/o4511275537334272.ingest.de.sentry.io\/api\/4511275564531792\/security\/?sentry_key=f975a1494e48eecbacb4781af5696dc5","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' localhost  *.nexpart.com nexpart.com *.pacecomputer.com *.lordco.com prostockautoparts.com *.shopcontroller.com *.lankar.com lankar-customer-sandbox.azurewebsites.net *.nexpartqa.com nexpartqa.com *.nexpartuat.com nexpartuat.com www.davesmith.com s1.ariba.com acdelco-catalog.dstcloud.com nexcat.com www.nexcat.com usglobalautomotive.com deets.feedreader.com *.networktoolcat.com; report-uri https:\/\/www.nexpart.com\/csp_violation.php ","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/ipapi.co https:\/\/acsbapp.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/googleads.g.doubleclick.net https:\/\/www.youtube.com 'sha256-\/y9YHU4QX6KPWNImA60WzyF1vBXR2lkrt+U8PSbh+iY=' 'sha256-3Q7Fer8VTVLBYfrpLbYBTwQkF9lmBnkJeuVShwQexS4=' 'sha256-3wmk851JXpAaVHn85WyN3sT4pqzaGzzqt63HBPpDnjI=' 'sha256-KJTCWNsYjcRFgjDDVHDQgi7gBOXTEIEVpnJf94aSFIc=' 'sha256-Mx223vyVUzeAaIhK5NnamXB2POJ6cOAPo6+ehEylBOk=' 'sha256-QZuAvM8f4QRsjGrp\/efLhNzbBIm+4a7EsXhTlW23yl8=' 'sha256-Qgfzr4cwYpt8WTLbTv6GcpN5RkDEzTlJVDw7kN\/PnuQ=' 'sha256-QqgFWGLwtSI1TjkBE\/B183+7o+\/eRWxa3L9Nw5lZ7+s=' 'sha256-RLuIMf8AmC4Pal3Mid9TAErc0Wr17jciD5eIemIwg+w=' 'sha256-XpXJSNfpJ5D9CtUQFEXP1Gu9fvL9jNAOqOOXL9KFUwY=' 'sha256-fDDCx0eyz3VB37txfc0o3APsxskXE6lveIb4+b9e3jQ=' 'sha256-fW\/riMSQpeWepWTfyhNmASFZgAQb04K1vFZxUc\/hz9A=' 'sha256-i+f8BvLmbGpIVoBv1WtMlfgJHKVNqwdntv8RuHgLYMw=' 'sha256-psP\/7FTvXyygM7H834Th\/qyTQ3o9jUQ5Zn6SdsoqmDY=' 'sha256-sjwHEvEEd6LOECfafoaXLp4pSwGYpxKixkV7uzUd1mI=' 'sha256-t+jFJmOJrsBRqXw9ufFfliFTeKnjiqJeBbV1PQwusv8=' 'sha256-wv9t8ovqnH4ayVaS46LraLM76HAxxF+W6+UxmHbZ6oI=' 'sha256-6wRdeNJzEHNIsDAMAdKbdVLWIqu8b6+Bs+xVNZqplQw=' 'sha256-qP8g7qDnOKq45yFpvYMx2+8CACwYqBdQQa2fG\/6LmUc=' 'sha256-VhCkaev1NwnIuENAORAHdzqQN7wrYfmH7kWh+XhZp+M=' 'sha256-h1npP5O1EPT39gcD1bIG7Gj8Rejpu4ViqubzR1P1\/Go=' 'sha256-HByqKMAwu05WlMgLICm53REDvT0bm3i78G+vDCe3B9Y=' 'sha256-JHsIwVcCT2v1J7YhU1nP9BxPazd5Eul+pf0Jjc89+pQ=' 'sha256-3XDh4eZxg\/LLAEOhcSMd+yIqRwCnTS2JJOz6633ja+U=' 'sha256-HByqKMAwu05WlMgLICm53REDvT0bm3i78G+vDCe3B9Y=' 'sha256-mIqXgN3X0VkAUKg5uvkktfjgIe2ApCDGc\/XjqBsji2c=' 'sha256-eQnahDh\/rWPvbFbNaAkANZHl53xKgO7lCJWIOKJreoM=' 'sha256-kZDoWjBsarNzp4ggI6bMLgsT61PlTtM7bjgYuXLyyNk=' 'sha256-3MAXvxEwAwcWOUPhhJwhIc1ynPx6h0R5hUJv4ZvuIbw=' 'sha256-5r8rtVNkmzK+ZXGjz1Lj07sJcZgJPMRcmhOERGVWFzU=' 'sha256-l5Pf7wr21eXswaG+x2fM9Ee34A6SqwSfjgaLBKx\/Ifw=' 'sha256-bDffur2bv1fuHXPDrlVdk3c60kNy1bguL8B5j+VOnok=' 'sha256-bVXswsl55sTkwlIvdvlDwzcTor9MRcUY4Nei9eAMyz4=' 'sha256-Wqs6QDdtwN\/+FbKIK1DSmObId2g6TyXd\/Pd\/vRbUe1Y=' 'sha256-P1jgznm+dp4FXZVA1c9OpiiG+JBRPmQKYcd7MxYRpho=' 'sha256-t9yHFe6C4Ta0dtZmozBAraGEjgSolbjEoFmz+Z9CzEQ='; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: https: https:\/\/secure.gravatar.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.wpenginepowered.com https:\/\/*.bwxt.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/cdn.acsbapp.com https:\/\/www.google.com https:\/\/px.ads.linkedin.com https:\/\/geo.wpforms.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/www.facebook.com https:\/\/www.google.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/status.netservicesgroup.com https:\/\/www.google-analytics.com; default-src 'self' http:\/\/www.techadvisory.org https:\/\/maps.googleapis.com https:\/\/csi.gstatic.com https:\/\/maps.gstatic.com https:\/\/helpdesk.netservicesgroup.com:80; img-src 'self' http:\/\/www.internettrafficreport.com https:\/\/csi.gstatic.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com http:\/\/www.techadvisory.org https:\/\/www.netservicesgroup.com http:\/\/graphs.ntppool.net http:\/\/www.pool.ntp.org https:\/\/www.google-analytics.com https:\/\/secure.trust-provider.com http:\/\/www.trustlogo.com\/; frame-src https:\/\/www.google.com https:\/\/status.netservicesgroup.com; child-src https:\/\/status.netservicesgroup.com https:\/\/www.google.com https:\/\/helpdesk.netservicesgroup.com http:\/\/openspeedtest.com https:\/\/urldefense.proofpoint.com https:\/\/quickclick.com; style-src 'self' https:\/\/www.netservicesgroup.com https:\/\/status.netservicesgroup.com 'sha256-zL+zKXgt2515GaHwEfkV8QPRfZZcGr\/ibUw4EJ3V13s=' 'sha256-ES2uzHuEQM4whrqb1S+eihZ+mxiQTgCzn2AsyOHbX88=' 'sha256-ES2uzHuEQM4whrqb1S+eihZ+mxiQTgCzn2AsyOHbX88=' 'sha256-ES2uzHuEQM4whrqb1S+eihZ+mxiQTgCzn2AsyOHbX88=' 'sha256-Pkt8j98M46glrPDzrqR9I9gac\/h2nvberIdQkhIGySk=' https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/secure.trust-provider.com 'sha256-ES2uzHuEQM4whrqb1S+eihZ+mxiQTgCzn2AsyOHbX88=' 'sha256-rvExcqXg6slhViMilpJKfslIcSuTwNcaJTyiU0PTfEc=' https:\/\/secure.comodo.com; script-src 'self' https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/secure.trust-provider.com http:\/\/www.trustlogo.com https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/www.netservicesgroup.com https:\/\/ajax.googleapis.com https:\/\/oss.maxcdn.com https:\/\/ssl.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/status.netservicesgroup.com https:\/\/secure.comodo.com 'sha256-3ocR7726kV2Y3awnQx4u408K1Dxd7l3X9nvrC91J15k=' 'sha256-YG4fTNWYCHAm4AVC2mnK8Tj09alaJWJTk+LJy+5kHho=' 'sha256-ES2uzHuEQM4whrqb1S+eihZ+mxiQTgCzn2AsyOHbX88=' 'sha256-rvExcqXg6slhViMilpJKfslIcSuTwNcaJTyiU0PTfEc=' 'sha256-\/LNrhX3k9yooaUcjJ9wGqDoSJEFQEozZc8jtdbq+lMg=' 'sha256-ahfvWH65y6WEYvXXrsReZDD9l5f9wMFjeLjl+8hkRIg=' 'sha256-rvExcqXg6slhViMilpJKfslIcSuTwNcaJTyiU0PTfEc='; font-src 'self' https:\/\/www.netservicesgroup.com https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com; report-uri https:\/\/www.netservicesgroup.com\/csp.php","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/code.jquery.com\/ui\/ https:\/\/src.mastercard.com\/srci\/integration\/components\/ https:\/\/cdn.jsdelivr.net\/npm\/intl-tel-input@25.3.1\/build\/css\/intlTelInput.css; script-src 'self' 'unsafe-eval' 'nonce-c4baab64c89536587f140f8efdcf8f25' https:\/\/js.stripe.com\/ https:\/\/g.stripe.com\/ https:\/\/hosted.paysafe.com\/request\/ https:\/\/ajax.cloudflare.com https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/moment.js\/ https:\/\/static.cloudflareinsights.com https:\/\/cdn.webrtc-experiment.com\/DetectRTC.min.js https:\/\/code.jquery.com\/ui\/ https:\/\/maps.googleapis.com\/maps\/api\/ https:\/\/challenges.cloudflare.com\/turnstile\/v0\/api.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.datadoghq-browser-agent.com\/datadog-logs-us.js https:\/\/www.datadoghq-browser-agent.com\/datadog-rum-us.js https:\/\/www.datadoghq-browser-agent.com\/datadog-rum-v4.js http:\/\/stats.pusher.com\/timeline\/v2\/jsonp\/ https:\/\/cdn.onesignal.com\/ https:\/\/onesignal.com\/api\/v1\/sync\/ https:\/\/hpoint-cr-binaries-prod.s3.amazonaws.com\/cloud\/sdk\/wrappers\/js\/ https:\/\/cdn.jsdelivr.net\/npm\/intl-tel-input@25.3.1\/build\/js\/intlTelInputWithUtils.min.js https:\/\/src.mastercard.com\/ https:\/\/secure.checkout.visa.com\/checkout-widget\/resources\/js\/ https:\/\/qwww.aexp-static.com\/akamai\/remotecommerce\/scripts\/ https:\/\/webapp.src.discover.com\/websdk\/ https:\/\/content.discovercard.com\/ https:\/\/js.verygoodvault.com\/vgs-collect\/ https:\/\/js3.verygoodvault.com\/vgs-collect\/ https:\/\/www.datadoghq-browser-agent.com\/datadog-logs-v4.js; font-src 'self' data: https:\/\/fonts.gstatic.com; img-src 'self' data: https:\/\/img.gotab.io\/ https:\/\/static.gotab.io\/ https:\/\/s3.amazonaws.com\/gotabpublic\/ https:\/\/s3.amazonaws.com\/gotabpublic\/ https:\/\/maps.gstatic.com\/ https:\/\/maps.googleapis.com\/maps\/ https:\/\/i.vimeocdn.com\/video\/ https:\/\/src.mastercard.com\/srci\/integration\/ https:\/\/content.discovercard.com\/ https:\/\/cdn.jsdelivr.net\/npm\/intl-tel-input@25.3.1\/build\/img\/ https:\/\/*.untappd.com\/ https:\/\/checkoutshopper-live.adyen.com\/checkoutshopper\/images\/ https:\/\/checkoutshopper-live-us.adyen.com\/ https:\/\/*.googleapis.com https:\/\/gotabpublic.s3.amazonaws.com\/; media-src 'self' data: https:\/\/s3.amazonaws.com\/gotabpublic\/ https:\/\/gotabpublic.s3.amazonaws.com\/; frame-src 'self' https:\/\/js.stripe.com\/ https:\/\/metabase.gotab.io\/ https:\/\/report.gotab.io\/ https:\/\/www.google.com\/ https:\/\/js.verygoodvault.com\/vgs-collect\/ https:\/\/content.discovercard.com\/ https:\/\/src.mastercard.com\/ https:\/\/srcdcf.americanexpress.com\/ https:\/\/secure.checkout.visa.com\/checkout-widget\/ https:\/\/checkoutshopper-live.adyen.com\/ https:\/\/checkoutshopper-live-us.adyen.com\/ https:\/\/challenges.cloudflare.com\/ https:\/\/chat.gotab.io\/ https:\/\/loveychat.gotab.io\/ https:\/\/app.opsi.io\/; connect-src 'self' https:\/\/*.gotab.io\/ wss:\/\/stats.gotab.io\/ https:\/\/s3.amazonaws.com\/gotabpublic\/ https:\/\/s3.amazonaws.com\/gotabpublic\/ https:\/\/hosted.paysafe.com\/request\/api\/ https:\/\/api.paysafe.com\/request\/api\/ https:\/\/api.paysafe.com\/request\/api\/v1\/ https:\/\/checkoutshopper-live.adyen.com\/checkoutshopper\/ https:\/\/checkoutshopper-live-us.adyen.com\/ https:\/\/*.logs.datadoghq.com\/ https:\/\/*.browser-intake-datadoghq.com\/ https:\/\/openreplay.gotab.org\/ *.verygoodvault.com *.verygoodproxy.com https:\/\/maps.googleapis.com\/maps\/api\/ https:\/\/cloud.handpoint.io\/ https:\/\/cloud.handpoint.com\/ ws:\/\/ws-mt1.pusher.com\/app\/ https:\/\/vimeo.com\/api\/ https:\/\/vgs-collect-keeper.apps.verygood.systems\/vgs https:\/\/*.mastercard.com\/ https:\/\/*.aexp-static.com\/ https:\/\/*.americanexpress.com\/ https:\/\/*.visa.com\/ https:\/\/*.staticv.me\/ https:\/\/*.discover.com\/ https:\/\/*.discovercard.com\/ https:\/\/content.discovercard.com\/ https:\/\/src.apis.discover.com\/sdk\/ https:\/\/www.google.com\/maps\/conversion\/collect https:\/\/*.googleapis.com https:\/\/www.google.com\/recaptcha\/; worker-src 'self' blob:; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub4721f170b2076f8c4dce4d125ff9509d&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=version%3Ag_224%2Cservice%3Agotabnode%2Cenv%3Aproduction; report-to csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data: https:\/\/*.stripe.com; object-src 'none'; script-src 'self' https: https:\/\/connect-js.stripe.com https:\/\/js.stripe.com https:\/\/*.js.stripe.com https:\/\/maps.googleapis.com 'nonce-1yRWWXqS4vJdbKi5Asq7VA=='; style-src 'self' https: 'nonce-1yRWWXqS4vJdbKi5Asq7VA=='; style-src-attr 'unsafe-inline'; frame-src 'self' https:\/\/connect-js.stripe.com https:\/\/js.stripe.com https:\/\/*.js.stripe.com https:\/\/hooks.stripe.com; connect-src 'self' https:\/\/api.stripe.com https:\/\/maps.googleapis.com; report-uri \/systems\/csp_report","count":1},{"content-security-policy-report-only":" script-src-elem *.bing.com *.clarity.ms *.googleadservices.com *.youtube.com *.global-e.com *.bglobale.com *.redditstatic.com *.bing-int.com *.trustpilot.com *.tiktok.com *.newrelic.com www.googletagmanager.com static-tracking.klaviyo.com static.klaviyo.com *.herroom.com unpkg.com *.googleapis.com www.paypal.com js.braintreegateway.com pay.google.com c.paypal.com cdn.kustomerapp.com connect.facebook.net gepi.global-e.com web.global-e.com webservices.global-e.com www.google.com www.gstatic.com *.pinimg.com cdn.noibu.com *.cloudfront.net utt.impactcdn.com googleads.g.doubleclick.net *.pinterest.com se.monetate.net www.paypalobjects.com *.sitejabber.com *.slick.min.js *.msn.com *.r.msn.com *.listrakbi.com cdn.jsdelivr.net *.listrak.com *.aftership.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src-elem *.googleapis.com *.bglobale.com *.trustpilot.com *.herroom.com p.typekit.net use.typekit.net gepi.global-e.com static.klaviyo.com static-tracking.klaviyo.com *.sitejabber.com *.listrakbi.com 'self' 'unsafe-inline'; font-src fonts.gstatic.com use.typekit.net maxcdn.bootstrapcdn.com *.global-e.com *.bglobale.com *.gstatic.com s3-eu-west-1.amazonaws.com cdn.kustomerapp.com globale-prod.s3-eu-west-1.amazonaws.com *.sitejabber.com *.espssl.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.google.com *.cloudfront.net *.pinterest.com *.global-e.com *.youtube.com *.listrakbi.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com www.google.com www.googletagmanager.com *.weltpixel.com *.bglobale.com *.global-e.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.braintreegateway.com *.google.com *.cloudfront.net *.pinterest.com *.listrakbi.com *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.global-e.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.gstatic.com *.facebook.com *.reddit.com *.bglobale.com assets.herroom.net media.herroom.com *.bing.com *.clarity.ms maps.googleapis.com *.herroom.com *.google.ch bat.bing.net widgets.automizely.com widgets.automizely.io magefan.com *.trustpilot.com *.magefan.com *.tiktok.com herroom.scene7.com www.googletagmanager.com s3-eu-west-1.amazonaws.com cdn.kustomerhostedcontent.com *.google.com *.brandlock.io media.hisroom.com www.ojrq.net logs-01.loggly.com *.cloudfront.net connect.facebook.net *.sitejabber.com *.doubleclick.net *.g.doubleclick.net *.listrakbi.com *.espssl.com *.kustomerapp.com data: 'self' 'unsafe-inline'; script-src *.adobe.com www.googleadservices.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com s.ytimg.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ *.magento-ds.com *.global-e.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com *.facebook.net *.redditstatic.com *.reddit.com *.maxmind.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com assets.adobedtm.com amcglobal.sc.omtrdc.net t.paypal.com www.googleapis.com vimeo.com www.vimeo.com www.google.com www.googletagmanager.com www.google-analytics.com *.bglobale.com unpkg.com *.clarity.ms *.tiktok.com *.cloudfront.net *.listrakbi.com ajax.googleapis.com fonts.googleapis.com widgets.automizely.com widgets.automizely.io *.trustpilot.com *.newrelic.com *.nr-data.net *.pinimg.com *.listrak.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.global-e.com assets.braintreegateway.com *.bglobale.com *.typekit.net widgets.automizely.com widgets.automizely.io *.trustpilot.com use.typekit.net *.sitejabber.com *.listrakbi.com 'self' 'unsafe-inline'; object-src *.listrakbi.com 'self' 'unsafe-inline'; media-src *.adobe.com assets.herroom.net *.espssl.com *.listrakbi.com 'self' 'unsafe-inline'; manifest-src *.listrakbi.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.sentry.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com *.facebook.net *.redditstatic.com *.reddit.com *.doubleclick.net *.mmapiws.com *.googleapis.com *.bing.com *.clarity.ms *.brandlock.io *.tiktok.com *.cloudfront.net *.clartity.ms *.google.ch bat.bing.net *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io api.automizely.com api.automizely.io *.global-e.com *.bing-int.com *.trustpilot.com *.newrelic.com *.nr-data.net a.klaviyo.com andragroup.api.kustomerapp.com www.facebook.com input.noibu.com cdn.noibu.com wss:\/\/input.noibu.com herroom.pxf.io hisroom.sjv.io *.pinterest.com herroom.scene7.com *.pndsn.com resource-proxy.noibu.com *.sitejabber.com *.listrakbi.com *.listrak.com *.bglobale.com *.impact.site *.googleadservices.com *.tiktokw.us *.impct.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src self *.herroom.com *.hisroom.com mcprod.herroom.com *.hisrroom.com *.listrakbi.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri self *.herroom.com *.hisroom.com *.listrakbi.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.typekit.net https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/*.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.loginwithamazon.com https:\/\/*.doubleclick.net https:\/\/cdn-cookieyes.com https:\/\/js.hs-scripts.com https:\/\/js.hs-banner.com https:\/\/js.usemessages.com https:\/\/js.hsadspixel.net https:\/\/js.hs-analytics.net https:\/\/snap.licdn.com https:\/\/*.zdassets.com https:\/\/*.facebook.net https:\/\/*.c-ctrip.com https:\/\/*.quantummetric.com https:\/\/*.scriptcdn.net https:\/\/*.alipayobjects.com https:\/\/*.navahididi.com https:\/\/cdn.brightwrite.com https:\/\/cdn.brightwrite-staging.com https:\/\/*.fullstory.com https:\/\/fullstory.com https:\/\/*.xcover.com; connect-src 'self' https:\/\/*.sentry.io https:\/\/sentry.io https:\/\/*.amazonaws.com https:\/\/*.amazon.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.com.au https:\/\/*.google.com.br https:\/\/*.google.com.co https:\/\/*.google.com.mt https:\/\/*.google.com.mx https:\/\/*.google.com.sg https:\/\/*.google.com.sv https:\/\/*.google.com.ph https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.google.ae https:\/\/*.google.at https:\/\/*.google.be https:\/\/*.google.ch https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.es https:\/\/*.google.fr https:\/\/*.google.hu https:\/\/*.google.ie https:\/\/*.google.it https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.pl https:\/\/*.google.pt https:\/\/*.google.co.id https:\/\/*.google.co.jp https:\/\/*.google.co.kr https:\/\/*.google.com.my https:\/\/*.google.com.tr https:\/\/*.google.com.tw https:\/\/*.google.co.uk https:\/\/*.google.co.za https:\/\/*.doubleclick.net https:\/\/*.linkedin.com https:\/\/*.hubapi.com https:\/\/*.cookieyes.com https:\/\/cdn-cookieyes.com https:\/\/*.brightwrite.com https:\/\/brightwrite-data.com https:\/\/*.fullstory.com https:\/\/*.hubspot.com https:\/\/*.adyen.com https:\/\/*.zdassets.com https:\/\/*.xcover.com https:\/\/*.covergenius.biz https:\/\/*.zendesk.com https:\/\/*.hsforms.com https:\/\/api.transferwise.com blob: data: https:\/\/browser-intake-datadoghq.eu https:\/\/*.datadoghq.eu https:\/\/*.googlesyndication.com; img-src 'self' https: data: blob:; font-src 'self' https: data:; frame-src 'self' https:\/\/*.google.com https:\/\/*.googletagmanager.com https:\/\/*.amazon.com https:\/\/*.doubleclick.net https:\/\/*.adyen.com https:\/\/*.web.app https:\/\/*.xcover.com; worker-src 'self' blob:; upgrade-insecure-requests; report-uri https:\/\/csp-report.browser-intake-datadoghq.eu\/api\/v2\/logs?dd-api-key=pube2daa5996f2fad21d085fd09ecccdd5d&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Axcover-website%2Ccluster-group%3Axcover%2Cenv%3Aproduction","count":1},{"content-security-policy-report-only":" default-src 'self'           *.ponycanyon.co.jp;         font-src 'self'           *.ponycanyon.co.jp           fonts.gstatic.com           data:;         form-action 'self'           *.ponycanyon.co.jp;         worker-src 'self'           blob:           *.ponycanyon.co.jp           cdnjs.cloudflare.com;         connect-src 'self'           *.ponycanyon.co.jp           *.google-analytics.com           *.analytics.google.com           *.googletagmanager.com           *.g.doubleclick.net           *.google.com           www.google.co.jp \t  *.clarity.ms;         frame-src 'self'           *.ponycanyon.co.jp           www.youtube.com           td.doubleclick.net \t  www.googletagmanager.com           open.spotify.com \t  embed-cdn.spotifycdn.com;         img-src *;         media-src 'self'           blob:           *.ponycanyon.co.jp;         script-src 'self'           'unsafe-inline'           *.ponycanyon.co.jp           ajax.aspnetcdn.com           cdn.jsdelivr.net           cdnjs.cloudflare.com           *.googletagmanager.com           *.google.com           www.google-analytics.com           ad.jp.ap.valuecommerce.com \t  *.clarity.ms \t  embed-cdn.spotifycdn.com;         style-src 'self'           'unsafe-inline'           *.ponycanyon.co.jp           cdn.jsdelivr.net           cdnjs.cloudflare.com           fonts.googleapis.com           tagmanager.google.com;         report-uri https:\/\/csp-log.ponycanyon.co.jp\/;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.stripe.com https:\/\/checkout.stripe.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/cdn.mxpnl.com https:\/\/cdn.retently.com\/public\/ https:\/\/www.google.com\/recaptcha\/; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/pro.fontawesome.com https:\/\/www.paypalobjects.com https:\/\/*.stripe.com; font-src 'self' https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/pro.fontawesome.com; img-src 'self' data: https:\/\/*.stripe.com https:\/\/www.paypalobjects.com https:\/\/www.paypal.com https:\/\/www.gravatar.com https:\/\/www.googletagmanager.com; frame-src 'self' https:\/\/www.google.com https:\/\/js.stripe.com https:\/\/checkout.stripe.com https:\/\/hooks.stripe.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com; frame-ancestors 'self'; form-action 'self' https:\/\/www.paypal.com; connect-src 'self' https:\/\/api.stripe.com https:\/\/checkout.stripe.com https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/app.retently.com\/api\/ https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.venmo.com; base-uri 'self'; object-src 'none'; upgrade-insecure-requests; report-uri https:\/\/csp-reports.quick.net.au\/csp-reports.php; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" frame-src 'none'","count":1},{"content-security-policy-report-only":" \n      default-src 'self';\n      script-src 'self' 'unsafe-inline' 'unsafe-eval'\n      \t\t*.beaconforms.com\n      \t\t*.beaconproducts.co.uk\n      \t\t*.bootstrapcdn.com\n      \t\t*.calendly.com\n      \t\tcalendly.com\n      \t\t*.cloudflare.com\n      \t\t*.doubleclick.net\n      \t\t*.facebook.net\n      \t\t*.fontawesome.com\n      \t\t*.google-analytics.com\n      \t\t*.google.com\n      \t\t*.googleadservices.com\n      \t\t*.googleapis.com\n      \t\t*.googletagmanager.com\n      \t\t*.gravatar.com\n      \t\t*.gstatic.com\n      \t\t*.myfonts.net\n      \t\t*.victimsupport.org.uk\n      \t\t*.w.org\n      \t\t*.wpdownloadmanager.com\n      \t\t*.yoast.com\n      \t\tjs.stripe.com\n      \t\tyoast.com\n      \t\t*.youtube.com\n      \t\tcdn-cookieyes.com\n      \t\ts.ytimg.com;\n      style-src 'self' 'unsafe-inline'\n      \t\t*.fontawesome.com\n      \t\t*.googleapis.com\n      \t\t*.gstatic.com\n      \t\thello.myfonts.net\n      \t\tstackpath.bootstrapcdn.com\n      \t\tstatic.userback.io;\n      img-src 'self' data:\n      \t\t*.beaconforms.com\n      \t\t*.beaconproducts.co.uk\n      \t\t*.bootstrapcdn.com\n      \t\t*.calendly.com\n      \t\t*.cloudflare.com\n      \t\t*.doubleclick.net\n      \t\t*.facebook.net\n      \t\t*.fontawesome.com\n      \t\t*.google-analytics.com\n      \t\t*.google.com\n      \t\t*.google.ro\n      \t\t*.google.co.uk\n      \t\t*.googleadservices.com\n      \t\t*.googleapis.com\n      \t\t*.googletagmanager.com\n      \t\t*.gravatar.com\n      \t\t*.gstatic.com\n      \t\t*.myfonts.net\n      \t\t*.victimsupport.org.uk\n      \t\t*.w.org\n      \t\t*.wpdownloadmanager.com\n      \t\t*.yoast.com\n      \t\t*.youtube.com\n      \t\tcdn-cookieyes.com\n      \t\ts.ytimg.com\n      \t\twww.facebook.com;\n      font-src 'self' data:\n      \t\t*.fontawesome.com\n      \t\t*.googleapis.com\n      \t\t*.gstatic.com\n      \t\tstatic.userback.io;\n      connect-src 'self'\n      \t\t*.beaconforms.com\n      \t\t*.beaconproducts.co.uk\n      \t\t*.bootstrapcdn.com\n      \t\t*.calendly.com\n      \t\t*.cloudflare.com\n      \t\t*.doubleclick.net\n      \t\t*.facebook.net\n      \t\t*.fontawesome.com\n      \t\t*.google-analytics.com\n      \t\t*.google.com\n      \t\t*.google.co.uk\n      \t\t*.googleadservices.com\n      \t\t*.googleapis.com\n      \t\t*.googletagmanager.com\n      \t\t*.gravatar.com\n      \t\t*.gstatic.com\n      \t\t*.myfonts.net\n      \t\t*.pagead2.googlesyndication.com\n      \t\t*.victimsupport.org.uk\n      \t\t*.w.org\n      \t\t*.wpdownloadmanager.com\n      \t\t*.yoast.com\n      \t\t*.youtube.com\n      \t\t*.browser-intake-datadoghq.com\n      \t\t*.browser-intake-datadoghq.eu\n      \t\tapi.stripe.com \n      \t\tapi.userback.io\n      \t\tcdn-cookieyes.com\n      \t\tdirectory.cookieyes.com\n      \t\tgraph.facebook.com\n      \t\tlog.cookieyes.com\n      \t\tstatic.userback.io\n      \t\twww.facebook.com;\n      frame-src 'self'\n      \t\t*.beaconforms.com\n      \t\t*.beaconproducts.co.uk\n      \t\t*.bootstrapcdn.com\n      \t\t*.calendly.com\n      \t\t*.cloudflare.com\n      \t\t*.doubleclick.net\n      \t\t*.facebook.net\n      \t\t*.fontawesome.com\n      \t\t*.google-analytics.com\n      \t\t*.google.com\n      \t\t*.googleadservices.com\n      \t\t*.googleapis.com\n      \t\t*.googletagmanager.com\n      \t\t*.gravatar.com\n      \t\t*.gstatic.com\n      \t\t*.myfonts.net\n      \t\t*.victimsupport.org.uk\n      \t\t*.w.org\n      \t\t*.wpdownloadmanager.com\n      \t\t*.yoast.com\n      \t\t*.youtube.com\n      \t\tcalendly.com\n      \t\tcdn-cookieyes.com\n      \t\tjs.stripe.com\n      \t\ts.ytimg.com\n      \t\tstatic.userback.io\n      \t\tyoast.com;\n\treport-uri \/csp-report;\n\treport-to csp-endpoint;\n      ","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/cdn.monetnik.ru; style-src 'self' https:\/\/cdn.monetnik.ru 'unsafe-inline' https:\/\/yastatic.net  https:\/\/*.mindbox.ru;  object-src 'none';  script-src 'self' 'unsafe-inline' 'unsafe-eval'  https:\/\/cdn.monetnik.ru  https:\/\/www.googletagmanager.com\/  https:\/\/www.google-analytics.com\/   https:\/\/*.mail.ru  https:\/\/vk.com https:\/\/*.mindbox.ru https:\/\/yastatic.net   https:\/\/mc.yandex.ru;  connect-src 'self' https:\/\/cdn.monetnik.ru https:\/\/mc.yandex.com  https:\/\/www.google.com\/ https:\/\/analytics.google.com\/ https:\/\/stats.g.doubleclick.net\/  https:\/\/*.mail.ru\/ https:\/\/*.mindbox.ru https:\/\/vk.com https:\/\/mc.yandex.ru  wss:\/\/mc.yandex.ru;  img-src https: data:;  frame-src https:\/\/mc.yandex.com https:\/\/mc.yandex.ru  https:\/\/content.adriver.ru   https:\/\/yandex.ru;  worker-src blob:;  font-src 'self' https:\/\/cdn.monetnik.ru fonts.gstatic.com; report-uri \/external-event\/log\/csp\/","count":1},{"content-security-policy-report-only":" block-all-mixed-content; report-uri https:\/\/awp.abd.jp\/apiViewer\/getCspInfo","count":1},{"content-security-policy-report-only":" default-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-6f730d35-090a-450f-8fd7-b669f474ab1e' https: data: https:\/\/js.sentry-cdn.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/siteintercept.qualtrics.com https:\/\/browser.sentry-cdn.com https:\/\/*.siteintercept.qualtrics.com https:\/\/www.googletagmanager.com https:\/\/js.monitor.azure.com; style-src 'self' 'unsafe-inline' https:\/\/fast.wistia.com https:\/\/cdn.jsdelivr.net https:\/\/more.suse.com; img-src 'self' https: data: https:\/\/fast.wistia.com https:\/\/embed-ssl.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com https:\/\/fast.wistia.net https:\/\/fast.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com https:\/\/embed-ssl.wistia.com https:\/\/cdn.cookielaw.org https:\/\/embed-ssl.wistia.com; connect-src 'self' https: wss: https:\/\/cdn.cookielaw.org https:\/\/distillery.wistia.com https:\/\/siteintercept.qualtrics.com https:\/\/dc.services.visualstudio.com https:\/\/fast.wistia.com https:\/\/fast.wistia.net https:\/\/pipedream.wistia.com wss:\/\/ws.qualified.com https:\/\/embed-ssl.wistia.com https:\/\/apple.dxcloud.episerver.net https:\/\/cdn.jsdelivr.net https:\/\/js.monitor.azure.com wss:\/\/ws.qualified.com; font-src 'self' https: data: https:\/\/fonts.gstatic.com https:\/\/fast.wistia.net; object-src 'none' ; media-src 'self' https: blob: ; frame-src 'self' https: ; form-action 'self' https:\/\/suselinux.fra1.qualtrics.com; frame-ancestors 'self' ; base-uri 'none' ;  report-uri https:\/\/www.suse.com\/api\/reporting\/;  report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/securepubads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/cdn.taboola.com https:\/\/*.taboola.com https:\/\/*.taboolasyndication.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: https: blob:; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/www.youtube.com https:\/\/*.youtube.com https:\/\/*.taboola.com https:\/\/ep2.adtrafficquality.google https:\/\/www.google.com https:\/\/ssbsync.smartadserver.com https:\/\/onetag-sys.com; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.doubleclick.net https:\/\/*.taboola.com https:\/\/*.googlesyndication.com; media-src 'self' blob: https:\/\/*.youtube.com; object-src 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/appleid.cdn-apple.com https:\/\/bat.bing.com https:\/\/cdn.amplitude.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/js.intercomcdn.com https:\/\/maps.googleapis.com https:\/\/static.intercomcdn.com https:\/\/vercel.live https:\/\/tagmanager.google.com https:\/\/widget.intercom.io https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com; script-src-elem 'self' 'unsafe-inline' blob: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/appleid.cdn-apple.com https:\/\/bat.bing.com https:\/\/cdn.amplitude.com https:\/\/cdnjs.cloudflare.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/js.intercomcdn.com https:\/\/maps.googleapis.com https:\/\/static.intercomcdn.com https:\/\/vercel.live https:\/\/tagmanager.google.com https:\/\/widget.intercom.io https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com; style-src 'self' 'unsafe-inline' https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/fonts.googleapis.com https:\/\/www.google.com; style-src-elem 'self' 'unsafe-inline' https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/fonts.googleapis.com https:\/\/www.google.com; img-src 'self' data: blob: https: http: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io; font-src 'self' data: blob: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/appdown.pstatic.net https:\/\/assets.cdn.bounc3.com https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/fonts.intercomcdn.com https:\/\/js.intercomcdn.com; connect-src 'self' data: blob: https: wss:; worker-src 'self' blob: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io; frame-src 'self' https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/accounts.google.com https:\/\/appleid.apple.com https:\/\/intercom-sheets.com https:\/\/td.doubleclick.net https:\/\/vercel.live https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/www.facebook.com; media-src 'self' blob: https:\/\/bounce.com https:\/\/*.bounce.com https:\/\/usebounce.com https:\/\/*.usebounce.com https:\/\/*.usebounce.io https:\/\/js.intercomcdn.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/www.facebook.com; frame-ancestors 'none'; upgrade-insecure-requests; report-to https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub8e50b3cc2c1956779a374061145a7883&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Amarketing-web; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub8e50b3cc2c1956779a374061145a7883&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Amarketing-web","count":1},{"content-security-policy-report-only":" base-uri 'self'; block-all-mixed-content; default-src 'self'; form-action 'self'; frame-ancestors 'self'; plugin-types 'none'; script-src 'self' 'report-sample' 'unsafe-inline'; style-src 'self' 'report-sample' 'unsafe-inline'; object-src 'none'; worker-src 'none'; report-uri https:\/\/prod.ap.batic.cudasvc.com\/xenios\/api\/v1\/error\/report??paid=151&spid=437&v=v1.0&payload=rJeyhteK1R4ehvX19W96lNbaCGhFOwYEfK03vVIAbGSAqTMkAdvym88TbB6ZcVIk3BKtzXIrOm_KBfeoBaCjF9DT9PovfTxrnDI4726kip2VYnT2rhNREHZY9VONCOD17nSiVrhGQB2u8AFu5Npgw1mO1AUy5vspZNteu57VvHG7lcpeHkzBILlnLo-0_fdn0t2U3DytFvV2Lwn6ZW5WhQ==;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https:\/\/fonts.gstatic.com *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.authorize.net *.ccavenue.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net *.youtube-nocookie.com services.sheerid.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.authorize.net *.ccavenue.com www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/images.unsplash.com *.visualwebsiteoptimizer.com *.hsforms.com *.gstatic.com shareasale.com *.google.com.ua bat.bing.com *.facebook.com *.fs1.hubspotusercontent-na1.net track.hubspot.com t.co analytics.twitter.com\/ bat.bing.net *.google.de services.sheerid.com *.cloudfront.net edge.marker.io store.paradoxlabs.com *.ccavenue.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com https:\/\/maps.googleapis.com maps.googleapis.com *.visualwebsiteoptimizer.com *.hsforms.net *.dwin1.com *.amplitude.com js.hs-scripts.com bat.bing.com static.ads-twitter.com *.hotjar.com cdn.jsdelivr.net cdn.jst.ai tags.srv.stackadapt.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js.hs-banner.com js.hubspotfeedback.com js.hsleadflows.net js.hs-analytics.net my.jst.ai *.clarity.ms aly.jst.ai smct.co edge.marker.io services.sheerid.com *.forethought.ai static-tracking.klaviyo.com api.marker.io *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.authorize.net *.ccavenue.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.kaptcha.com *.avada.io connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com tags.srv.stackadapt.com services.sheerid.com *.klaviyo.com *.stripe.network *.stripecdn.com *.amazon.com https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com v.ftcdn.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.newrelic.com *.nr-data.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com forms.hsforms.com *.googleapis.com *.amplitude.com *.visualwebsiteoptimizer.com bat.bing.net bat.bing.com cta-service-cms2.hubspot.com api.hubapi.com *.hotjar.com *.hotjar.io forms.hscollectedforms.net *.clarity.ms tags.srv.stackadapt.com forms.hubspot.com smct.co aly.jst.ai wss:\/\/ws.hotjar.com\/api\/v2\/client\/ws api.marker.io ipapi.co static-tracking.klaviyo.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.authorize.net *.ccavenue.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.kaptcha.com https:\/\/get.geojs.io *.avada.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri 'self'; form-action 'self'; frame-ancestors 'none'; child-src 'none'; connect-src 'self' https:\/\/forms-eu1.hsforms.com https:\/\/hubspot-forms-static-embed-eu1.s3.amazonaws.com https:\/\/region1.google-analytics.com https:\/\/forms-eu1.hscollectedforms.net https:\/\/px.ads.linkedin.com https:\/\/px.ads.linkedin.com https:\/\/pagead2.googlesyndication.com; default-src 'self'; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/use.typekit.net; frame-src 'self' https:\/\/www.google.com\/; img-src 'self' data: https:\/\/www.googletagmanager.com https:\/\/forms-eu1.hsforms.com https:\/\/track-eu1.hubspot.com https:\/\/px.ads.linkedin.com https:\/\/fonts.gstatic.com https:\/\/www.google-analytics.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/p.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com https:\/\/js-eu1.hs-scripts.com https:\/\/www.google.com https:\/\/js-eu1.hsforms.net https:\/\/www.googletagmanager.com https:\/\/js-eu1.hscollectedforms.net https:\/\/js-eu1.hs-analytics.net https:\/\/js-eu1.hs-banner.com\/ https:\/\/www.gstatic.com https:\/\/snap.licdn.com https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com ; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/www.googletagmanager.com; worker-src 'self';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.delicious.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pC8V80B24OILGVlcGT6i1Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'nonce-l+eU5EhDQR6PhnDe7HJYvw==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=4bb66353-f7d2-4c9e-8774-022285387300; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' *; object-src *; style-src 'self' 'unsafe-inline' *; img-src 'self' data: *; media-src *; frame-src *; frame-ancestors *; child-src 'self' blob: *; font-src *; connect-src *; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'   https:\/\/www.googletagmanager.com   https:\/\/www.google-analytics.com   https:\/\/static.cloudflareinsights.com   https:\/\/cdn.onesignal.com   https:\/\/api.onesignal.com   https:\/\/accounts.google.com   https:\/\/cdn.apple-mapkit.com; connect-src 'self'   https:\/\/www.google-analytics.com   https:\/\/region1.google-analytics.com   https:\/\/feature-flag.fazwaz.tech   https:\/\/accounts.google.com   https:\/\/api.onesignal.com   https:\/\/cdn.apple-mapkit.com   https:\/\/gsp10.apple-mapkit.com; img-src 'self' data: https: https:\/\/img.fazwaz.com; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:\/\/cdn.fazwaz.com; worker-src 'self' blob:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self';               script-src 'self'                'unsafe-inline' 'unsafe-eval'                 https:\/\/www.googletagmanager.com                 https:\/\/*.google-analytics.com                 https:\/\/www.gstatic.com                 https:\/\/maps.googleapis.com                 https:\/\/static.hotjar.com                 https:\/\/script.hotjar.com                 https:\/\/s.ytimg.com                 https:\/\/*.googlesyndication.com                 https:\/\/*.jsdelivr.net                 https:\/\/*.linkedin.net                 https:\/\/*.linkedin.com                 https:\/\/*.securesitetray.com                 https:\/\/*.livechatinc.com                 https:\/\/*.xg4ken.com                 https:\/\/*.cudasvc.com                 https:\/\/*.facebook.net                 https:\/\/*.facebook.com                 https:\/\/*.youtube.com                 https:\/\/securesitetray.com                 https:\/\/api.ipstack.com                 https:\/\/*.cloudflare.com                 https:\/\/*.scene7.com                 https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com                 https:\/\/*.salesforce.com                 https:\/\/www.beian.suzhou.gov.cn                 https:\/\/*.bdimg.com                 https:\/\/*.baidu.com                 https:\/\/*.bing.com                 https:\/\/*.bing.net                 https:\/\/*.clarity.ms                 https:\/\/*.marchex.io                 https:\/\/*.licdn.com                 https:\/\/*.plavxml.com                 https:\/\/*.cookielaw.org                 https:\/\/*.onetrust.com                 https:\/\/*.adsrvr.org                 https:\/\/*.adform.net                 https:\/\/*.gammaplatform.com;               style-src 'self' https:\/\/fonts.googleapis.com https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/*.scene7.com https:\/\/*.cookielaw.org https:\/\/*.onetrust.com https:\/\/*.googletagmanager.com 'unsafe-inline';               font-src 'self' https:\/\/fonts.gstatic.com https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/*.cookielaw.org https:\/\/*.onetrust.com;               img-src 'self' data:                 https:\/\/*.google-analytics.com                 https:\/\/maps.googleapis.com                 https:\/\/maps.gstatic.com                 https:\/\/*.hotjar.com                 https:\/\/i.ytimg.com                 https:\/\/*.linkedin.net                 https:\/\/*.linkedin.com                 https:\/\/*.facebook.com                 https:\/\/*.googletagmanager.com                 https:\/\/*.scene7.com                 https:\/\/*.facebook.net                 https:\/\/*.crown.com                 https:\/\/*.salesforce.com                 https:\/\/*.bdimg.com                 https:\/\/*.baidu.com                 https:\/\/*.gammaplatform.com                 https:\/\/*.doubleclick.net                 https:\/\/*.googlesyndication.com                 https:\/\/*.bing.net                 https:\/\/*.bing.com                 https:\/\/*.seadform.net                 https:\/\/*.clarity.ms                 https:\/\/*.cookielaw.org                 https:\/\/*.onetrust.com                 https:\/\/www.beian.suzhou.gov.cn;               connect-src 'self'                 https:\/\/*.google-analytics.com                 https:\/\/region1.analytics.google.com                 https:\/\/*.hotjar.com                 https:\/\/*.hotjar.io                 wss:\/\/ws.hotjar.com                 https:\/\/*.salesforce.com                 https:\/\/maps.googleapis.com                 https:\/\/*.google.com                 https:\/\/*.googlesyndication.com                 https:\/\/*.googletagmanager.com                 https:\/\/*.jsdelivr.net                 https:\/\/*.youtube.com                 https:\/\/*.linkedin.net                 https:\/\/*.linkedin.com                 https:\/\/*.crown.com                 https:\/\/*.facebook.com                 https:\/\/api.caeiox1tx-crownequi1-s1-public.model-t.cc.commerce.ondemand.com                 https:\/\/api.caeiox1tx-crownequi1-d1-public.model-t.cc.commerce.ondemand.com                 https:\/\/*.googleapis.com                 https:\/\/linkprotect.cudasvc.com                 https:\/\/*.scene7.com                 https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com                 https:\/\/*.baidu.com                 https:\/\/*.livechatinc.com                 https:\/\/api.ipstack.com                 https:\/\/*.googleadservices.com                 https:\/\/*.doubleclick.net                 https:\/\/*.cookielaw.org                 https:\/\/*.onetrust.com                 https:\/\/*.bing.com                 https:\/\/*.bing.net                 https:\/\/*.clarity.ms                 https:\/\/*.adsrvr.org                 https:\/\/*.adform.net                 https:\/\/*.google.com.gt;               frame-src 'self'                 https:\/\/www.googletagmanager.com                 https:\/\/*.google-analytics.com                 https:\/\/www.google.com                 https:\/\/maps.googleapis.com                 https:\/\/*.hotjar.com                 https:\/\/*.salesforce.com                 https:\/\/*.crown.com                 https:\/\/*.facebook.com                 https:\/\/www.youtube.com                 https:\/\/*.livechatinc.com                 https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com                 https:\/\/*.baidu.com                 https:\/\/www.youtube-nocookie.com                 https:\/\/*.cookielaw.org                 https:\/\/*.onetrust.com                 https:\/\/*.adsrvr.org                 https:\/\/*.adform.net                 https:\/\/*.doubleclick.net;               object-src 'none';               base-uri 'self';               form-action 'self' https:\/\/*.facebook.com https:\/\/*.salesforce.com;               frame-ancestors 'self';               upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' files.booktrust.org.uk; script-src 'self' 'nonce-ZHFnZ3N3b2dlZ2VtdXNyZm5sZXFrYmhka3F2c3B1ZWp4d3Bs' cdn.jsdelivr.net\/npm\/; style-src 'self' 'unsafe-inline'; connect-src 'self' *.algolia.io *.algolia.net; frame-src 'self' 'nonce-ZHFnZ3N3b2dlZ2VtdXNyZm5sZXFrYmhka3F2c3B1ZWp4d3Bs';","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-ancestors 'self'; object-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/download.digiaccess.org https:\/\/download.digiaccess.org\/digiaccess\/tool https:\/\/*.digiaccess.org https:\/\/translate-pa.googleapis.com https:\/\/translate.google.com https:\/\/translate.googleapis.com; worker-src 'self' blob:; img-src 'self' https:\/\/download.digiaccess.org https:\/\/translate.google.com https:\/\/www.gstatic.com https:\/\/www.google.com https:\/\/fonts.gstatic.com https:\/\/translate.googleapis.com https:\/\/translate.googleapis.com\/images https:\/\/*.digiaccess.org *.translate.googleapis.com data:; connect-src 'self' https:\/\/translate-pa.googleapis.com https:\/\/digiaccess.org https:\/\/download.digiaccess.org https:\/\/api.digiaccess.org https:\/\/api.digiaccess.org\/subscriptions\/active https:\/\/translate.googleapis.com; font-src 'self' https:\/\/api.digiaccess.org https:\/\/download.digiaccess.org; media-src 'self' *.4982.cdn.video.taxi; frame-src 'self' https:\/\/www.youtube-nocookie.com https:\/\/stadtatlas.darmstadt.de *.stadtatlas.darmstadt.de https:\/\/media.video.taxi *.media.video.taxi; style-src 'self' 'unsafe-inline'; style-src-elem 'self' https:\/\/www.gstatic.com https:\/\/download.digiaccess.org https:\/\/translate.google.com 'unsafe-inline' 'report-sample'; base-uri 'self';","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'nonce-58cea41a-4a83-4113-aafc-72221af453a1' https:\/\/accounts.google.com 'unsafe-hashes' 'sha256-47DEQpj8HBSa+\/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' https:\/\/*.dealoo.ch; script-src 'nonce-58cea41a-4a83-4113-aafc-72221af453a1' https:\/\/challenges.cloudflare.com https:\/\/storage.googleapis.com https:\/\/portal.zakeke.com https:\/\/*.dealoo.ch; img-src 'self' https:\/\/www.apfelkiste.ch https:\/\/cms-data.apfelkiste.ch data: blob: https:\/\/i.ytimg.com https:\/\/i.vimeocdn.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.google.de https:\/\/www.google.ch https:\/\/www.google.fr https:\/\/*.dealoo.ch; worker-src 'self' blob:; connect-src 'self' https:\/\/devnull.apfelkiste.ch https:\/\/www.google.com https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/api.dealoo.ch https:\/\/rumdash.io https:\/\/api.zakeke.com https:\/\/*.dealoo.ch; frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/challenges.cloudflare.com https:\/\/accounts.google.com https:\/\/www.google.com https:\/\/portal.zakeke.com\/; object-src 'self'; font-src 'self'; media-src 'self' https:\/\/cms-data.apfelkiste.ch; child-src 'self' blob:; frame-ancestors 'self' https:\/\/cms.apfelkiste.ch; report-uri https:\/\/devnull.apfelkiste.ch\/api\/8\/security\/?sentry_key=291d0d843488451caadd66b48b4a6ae4","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-QaBNZ+b5kBTcl9ypujZliw==' https:\/\/cdn-cookieyes.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/static.hotjar.com https:\/\/stats.xovis.com https:\/\/www.youtube.com; style-src 'self' 'nonce-QaBNZ+b5kBTcl9ypujZliw=='; style-src-attr 'unsafe-inline'; img-src 'self' data: blob: https:\/\/www.googletagmanager.com https:\/\/cdn-cookieyes.com https:\/\/api.xovis.com; media-src 'self' data: https:\/\/api.xovis.com; font-src 'self' data:; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/stats.xovis.com https:\/\/*.hotjar.io https:\/\/cdn-cookieyes.com https:\/\/*.cookieyes.com https:\/\/api.xovis.com; frame-src 'self' http:\/\/iframely.net https:\/\/go.xovis.com https:\/\/www.youtube-nocookie.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" report-uri https:\/\/logs-01.loggly.com\/inputs\/4e92d8a9-baa6-4559-82e2-05428d10fa7b\/tag\/csp; report-to default","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/securepubads.g.doubleclick.net https:\/\/*.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/static.hotjar.com https:\/\/*.hotjar.com https:\/\/connect.facebook.net https:\/\/us-assets.i.posthog.com https:\/\/btloader.com\/ https:\/\/assets.rapidedge.io\/; style-src 'self' 'unsafe-inline' https:\/\/use.typekit.net https:\/\/p.typekit.net https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:\/\/firebasestorage.googleapis.com https:\/\/storage.googleapis.com https:\/\/*.join1440.com https:\/\/fourteen40stg.wpengine.com https:\/\/fourteen40dev1.wpenginepowered.com https:\/\/jqvdgh9urmxngnuf.public.blob.vercel-storage.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.google.com https:\/\/*.doubleclick.net https:\/\/*.hotjar.com https:\/\/www.facebook.com; connect-src 'self' https:\/\/us.i.posthog.com https:\/\/us-assets.i.posthog.com https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/securepubads.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/www.facebook.com; font-src 'self' https:\/\/use.typekit.net https:\/\/fonts.gstatic.com data:; frame-src 'self' https:\/\/www.google.com https:\/\/recaptcha.google.com https:\/\/www.youtube.com https:\/\/*.doubleclick.net https:\/\/td.doubleclick.net https:\/\/vars.hotjar.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" font-src bonialconnect.com *.oney.io assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io data: 'self' 'unsafe-inline'; form-action secure.ogone.com v1-sim.preprod.psp-solutions.com v2-sim.preprod.psp-solutions.com www.facebook.com\/tr\/ bpcepaymentservices-3ds-vdm.wlp-acs.com bnpp-3ds-vdm.wlp-acs.com assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io pay.google.com 'self' 'unsafe-inline'; frame-src secure.ogone.com ogone.test.v-psp.com widget.trustpilot.com gum.criteo.com s.salecycle.com https:\/\/10766555.fls.doubleclick.net\/ static.criteo.net\/ www.facebook.com\/ magasins.bureau-vallee.fr magasins.bureau-vallee.be magasins.bureau-vallee.nc magasins.bureau-vallee.re magasins.bureau-vallee.gf magasins.bureau-vallee.yt magasins.bureau-vallee.gp magasins.bureau-vallee.sx t.clic2buy.com bpcepaymentservices-3ds-vdm.wlp-acs.com assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io pay.google.com td.doubleclick.net accounts.google.com 'self' 'unsafe-inline'; img-src bva-preprod-fbi-fr-media-s3.s3.amazonaws.com bva-recette-fbi-fr-media-s3.s3.amazonaws.com bv-prd-fbi-fr-media.s3.eu-west-3.amazonaws.com bv-prd-fbi-fr-media.s3.amazonaws.com d2hlj6xfalexml.cloudfront.net d3n1o8ch79p937.cloudfront.net dxbyzx5id4chj.cloudfront.net bonialconnect.com content-media.bonial.biz rum-metrics.quanta.io bat.bing.com ib.adnxs.com www.facebook.com cm.g.doubleclick.net gum.criteo.com dis.criteo.com sync-t1.taboola.com x.bidswitch.net r.casalemedia.com ad.360yield.com contextual.media.net sync.outbrain.com pixel.rubiconproject.com match.sharethrough.com rtb-csync.smartadserver.com criteo-sync.teads.tv eb2.3lift.com ups.analytics.yahoo.com e1.emxdgt.com cm.adform.net visitor.omnitagjs.com id5-sync.com matching.ivitrack.com exchange.mediavine.com simage2.pubmatic.com criteo-partners.tremorhub.com ad.yieldlab.net sync-criteo.ads.yieldmo.com beacon.krxd.net s.thebrighttag.com www.bureau-vallee.fr www.google.fr bvci-e2.colop.com *.oney.io assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io www.gstatic.com jadserve.postrelease.com ad.doubleclick.net jadserve.postrelease.com public-prod-dspcookiematching.dmxleo.com data: 'self' 'unsafe-inline'; script-src magasins.bureau-vallee.fr widget.trustpilot.com bonialconnect.com s3.amazonaws.com maps.googleapis.com\/ d16fk4ms6rqz1v.cloudfront.net bat.bing.com appstatic.quanta.io try.abtasty.com acdn.adnxs.com static.criteo.net sslwidget.criteo.com connect.facebook.net cdn.jsdelivr.net static.target2sell.com js-agent.newrelic.com\/ bam.eu01.nr-data.net magasins.bureau-vallee.be magasins.bureau-vallee.nc magasins.bureau-vallee.re magasins.bureau-vallee.gf magasins.bureau-vallee.yt magasins.bureau-vallee.gp magasins.bureau-vallee.sx rs.clic2buy.com assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io pagead2.googlesyndication.com tpc.googlesyndication.com *.algolia.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io 'self' 'unsafe-inline'; manifest-src pay.google.com 'self' 'unsafe-inline'; connect-src s3.eu-west-1.amazonaws.com www.bonialserviceswidget.de maps.googleapis.com trackingapi.bonial.fr bonialconnect.com dcinfos-cache.abtasty.com ariane.abtasty.com c.salecycle.com api.ipify.org google.com i.salecycle.com wss:\/\/ws.salecycle.com\/ region1.analytics.google.com www.facebook.com serv-api.target2sell.com bat.bing.com\/actionp\/ rum-metrics.quanta.io reco.target2sell.com bam.eu01.nr-data.net www.google.fr autocomplete.geocoder.api.here.com assets.app.smart-tribune.com cdnjs.cloudflare.com api-gateway.app.smart-tribune.com polyfill-fastly.io try.abtasty.com pagead2.googlesyndication.com measurement-api.criteo.com 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; default-src https:\/\/epaync.nc\/vads-payment\/ https:\/\/epaync.nc\/api-payment\/ https:\/\/epaync.nc\/static\/ *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.gstatic.com https:\/\/d22j4fzzszoii2.cloudfront.net *.typekit.net https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com payments.amazon.de * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.palaisdesthes.com *.palaisdesthes.co.uk 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com pay.google.com *.paypal.com *.sharethis.com *.certcapture.com * https:\/\/www.googletagmanager.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com *.sharethis.com *.certcapture.com a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org *.openstreetmap.org maps.googleapis.com maps.gstatic.com *.agkn.com *.360yield.com *.3lift.com *.abtasty.com *.adform.net *.adnxs.com *.avis-verifies.com *.bidswitch.net *.bing.com *.bing.net *.casalemedia.com *.clarity.ms *.criteo.com *.criteo.net *.doubleclick.net *.emxdgt.com *.exelator.com *.facebook.com *.google.fr *.google.ch *.googleapis.com *.gstatic.com *.rlcdn.com *.ivitrack.com *.klarna.com *.media.net *.mediavine.com *.mmtro.com https:\/\/mmtro.com *.omnitagjs.com *.outbrain.com *.palaisdesthes.com *.palaisdesthes.co.uk *.pubmatic.com *.rubiconproject.com *.sharethrough.com *.smaato.net *.smartadserver.com *.stickyadstv.com *.taboola.com *.teads.tv *.weborama.fr *.yahoo.com *.yieldlab.net *.yieldmo.com *.zebestof.com *.zdassets.com *.zendesk.com *.adscale.de *.id5-sync.com https:\/\/id5-sync.com *.liadm.com *.smartclip.net *.tremorhub.com *.krxd.net *.thebrighttag.com *.amazon-adsystem.com *.contentsquare.net *.privacy-center.org *.postrelease.com *.sc-trc.com *.surveyjs.io *.1rx.io *.join-stories.com *.parcellab.com *.opecloud.com *.zopim.io https:\/\/shareasale.com *.google.com *.unrulymedia.com *.hsforms.com *.hubspot.com *.hscollectedforms.net *.adsrvr.org www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com *.paypal.com s0.2mdn.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/redchamps.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ *.google.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com https:\/\/rum.hlx.page *.sharethis.com *.googleapis.com *.certcapture.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ *.abtasty.com *.acdn.adnxs.com *.avtm.fr *.amazon-adsystem.com *.bing.com *.bing.net *.capadresse.com ws2.capadresse.com:7455 ws2.capadresse.com:7456 *.clarity.ms *.criteo.com *.criteo.net *.doubleclick.net *.effiliation.com *.facebook.net *.mmtro.com https:\/\/mmtro.com *.privacy-center.org *.static-sb.com *.tradedoubler.com *.zdassets.com *.zendesk.com *.mouseflow.com *.servedby.flashtalking.com https:\/\/servedby.flashtalking.com *.secure.adnxs.com\/ https:\/\/secure.adnxs.com\/ *.tag.zebestof.com https:\/\/tag.zebestof.com *.contentsquare.com *.contentsquare.net *.thank-you.io *.tiktok.com *.palaisdesthes.com *.palaisdesthes.co.uk *.optimalpeople.fr https:\/\/d16fk4ms6rqz1v.cloudfront.net *.dwin1.com *.skeepers.io *.surveyjs.io *.amcharts.com *.parcellab.com *.zopim.io *.adnxs.com *.hsforms.net *.hs-scripts.com *.hs-banner.com *.hscollectedforms.net *.hs-analytics.net *.billetweb.fr *.brevo.com https:\/\/sibautomation.com *.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com p.teads.tv google.com recaptcha.net s0.2mdn.net http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ palais-des-thes.my.join-stories.com *.get-potions.com https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.sharethis.com *.certcapture.com fonts.googleapis.com unpkg.com fonts.gstatic.com *.parcellab.com assets.braintreegateway.com *.typekit.net https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com *.zendesk.com *.join-stories.com *.zopim.io blob: http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.youtube.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com *.sharethis.com *.googleapis.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io *.certcapture.com maps.googleapis.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ *.abtasty.com *.clarity.ms *.analytics.google.com *.googlesyndication.com *.palaisdesthes.com *.palaisdesthes.co.uk *.privacy-center.org *.social-sb.com *.zendesk.com *.zopim.io wss:\/\/widget-mediator.zopim.com *.mouseflow.com *.zdassets.com *.contentsquare.net *.thank-you.io *.tiktok.com *.zebestof.com *.doubleclick.net *.optimalpeople.fr *.criteo.com *.salecycle.com wss:\/\/ws.salecycle.com *.surveyjs.io http:\/\/127.0.0.1:63342 *.bing.com *.bing.net *.stories.studio *.parcellab.com *.algolia.io *.adnxs.com *.hsforms.com *.s3.amazonaws.com *.hscollectedforms.net *.hubspot.com *.skeepers.io *.brevo.com *.braintreegateway.com *.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.join-stories.com *.teads.tv *.google-analytics.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ www.googleapis.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com *.zohocdn.com www.shopperapproved.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com *.fonts.googleapis.com data: *.cloudflare.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com js.stripe.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com sandbox.secure.checkout.visa.com secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com www.googletagmanager.com td.doubleclick.net sst.surveillance-video.com googleads.g.doubleclick.net ep2.adtrafficquality.google cerulean-cannoli-8f496c.netlify.app elaborate-capybara-a25bf1.netlify.app salesiq.zohopublic.com *.google.com *.addthis.com *.pinterest.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com www.gstatic.com sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com cdn.gtranslate.net css.zohocdn.com www.shopperapproved.com ep1.adtrafficquality.google pagead2.googlesyndication.com d3k81ch9hvuctc.cloudfront.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.cloudflare.com *.cdn.klarna.com *.s.ytimg.com *.widgets.magentocommerce.com *.fpdbs.paypal.com *.t.paypal.com *.paypal.com *.fpdbs.sandbox.paypal.com *.addthis.com *.pinterest.com *.cdninstagram.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ tagmanager.google.com https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ js.stripe.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/api.goaffpro.com https:\/\/static.goaffpro.com pagead2.googlesyndication.com *.hotjar.com prod.benchmarkemail.com monitor.fraudblocker.com salesiq.zoho.com *.zohocdn.com cdn.gtranslate.net www.shopperapproved.com load.sst.surveillance-video.com sst.surveillance-video.com ep2.adtrafficquality.google https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com *.avada.io *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.pinterest.com *.instagram.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com fonts.googleapis.com *.zohocdn.com *.zohostatic.com *.zohopublic.com www.googletagmanager.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zohocdn.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com *.googleapis.com thm.visa.com https:\/\/api.goaffpro.com https:\/\/static.goaffpro.com *.google.com googleads.g.doubleclick.net google.com *.zohopublic.com wss:\/\/vts.zohopublic.com *.hotjar.io wss:\/\/ws.hotjar.com stats.g.doubleclick.net sst.surveillance-video.com ep1.adtrafficquality.google https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/get.geojs.io *.avada.io *.cloudflare.com *.paypal.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net maxcdn.bootstrapcdn.com 'self' data: cdnjs.cloudflare.com fonts.bunny.net cdn.jsdelivr.net data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/www.google.com\/recaptcha\/ servicepoints.sendcloud.sc c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.googletagmanager.com widget.trustpilot.com www.google.com consentcdn.cookiebot.com www.youtube-nocookie.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com p.typekit.net validator.swagger.io https:\/\/images.unsplash.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com log.pinterest.com ssl.google-analytics.com maps.googleapis.com maps.gstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com tacstack.com *.krale-wholesale.com *.krale.shop static.pay.nl 'self' data: www.snapengage.com lh3.ggpht.com imgsct.cookiebot.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/maps.googleapis.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com www.google.com www.gstatic.com t.trackedlink.net assets.pinterest.com maps.googleapis.com ssl.google-analytics.com embed.sendcloud.sc js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net servicepoints.sendcloud.sc widget.trustpilot.com storage.googleapis.com www.snapengage.com static.widget.trengo.eu consent.cookiebot.com consentcdn.cookiebot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com maxcdn.bootstrapcdn.com assets.braintreegateway.com fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.snapengage.com static.widget.trengo.eu 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com log.pinterest.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com bam.nr-data.net bam-cell.nr-data.net www.snapengage.com api.widget.trengo.eu ws-eu.pusher.com consentcdn.cookiebot.com *.krale.shop 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.krale-wholesale.com *.krale.shop tacstack.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com 'unsafe-inline' data: *.channelsight.com *.bazaarvoice.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.facebook.com *.snapchat.com *.tiktok.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.twitter.com s.amazon-adsystem.com *.facebook.com *.doubleclick.net insight.adsrvr.org *.filestackapi.com *.addthis.com flexfaceoffsweeps.azurewebsites.net match.adsrvr.org viewinyourspace.com *.viewinyourspace.com *.myepigraph.com playcanv.as *.snapchat.com *.clinch.co *.pinterest.com https:\/\/recaptcha.google.com\/recaptcha\/ *.dotdigital-pages.com *.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.bazaarvoice.com *.google.com *.taboola.com *.facebook.com *.facebook.net *.hubspot.com *.hsforms.com r.turn.com *.adnxs.com pixel.mediaiqdigital.com *.gravatar.com *.channelsight.com cscoreproweustor.blob.core.windows.net *.skil.com *.googleapis.com *.doubleclick.net *.seeitinyourspace.com *.pinterest.com *.nextdoor.com *.reddit.com insight.adsrvr.org *.ispot.tv egopowerplus.com *.egopowerplus.com egopowerplus.com.au *.flexpowertools.com pixel.roymorgan.com *.myepigraph.com *.intentiq.com edge.curalate.com *.linkedin.com ad.ipredictive.com api.copilot.livex.ai *.trackedlink.net *.ddlnk.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com datadash.egopowerplus.com datadash.skil.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.bazaarvoice.com *.filestackapi.com *.facebook.net *.crazyegg.com js.hs-scripts.com *.taboola.com js.adsrvr.org js.hs-analytics.net js.hs-banner.com js.hscollectedforms.net *.googleapis.com geoip-js.com secure-ds.serving-sys.com *.adnxs.com bs.serving-sys.com *.addthis.com *.addthisedge.com z.moatads.com cscoreproweustor.blob.core.windows.net flexsweepstakes2022.azurewebsites.net js.monitor.azure.com edge.curalate.com ipinfo.io *.tiktok.com sc-static.net *.channelsight.com unpkg.com *.jsdelivr.net viewinyourspace.com *.viewinyourspace.com *.cookielaw.org *.addevent.com *.pinimg.com *.nextdoor.com *.crwdcntrl.com *.crwdcntrl.net mjca-yijws.global.ssl.fastly.net cdn.480app.com cdn.nmgassets.com *.clinch.co *.vimeo.com *.redditstatic.com *.snapchat.com adriano-au.avanser.com *.amazon-adsystem.com *.licdn.com *.pinterest.com *.egopowerplus.com cdn.cookie-script.com stapecdn.com chatbox.copilot.livex.ai *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/egopowerplus.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.bazaarvoice.com cscoreproweustor.blob.core.windows.net *.channelsight.com cdn.jsdelivr.net assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com api.bazaarvoice.com *.vimeo.com vod-progressive.akamaized.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com insight.adsrvr.org *.cloudflare.com *.twitter.com *.twimg.com *.bazaarvoice.com *.crazyegg.com forms.hubspot.com *.channelsight.com *.doubleclick.net *.taboola.com secure-ds.serving-sys.com viewinyourspace.com *.viewinyourspace.com chervon-website-api.herokuapp.com chervon-website-api-dev.herokuapp.com *.jotform.com dc.services.visualstudio.com *.addthis.com edge.curalate.com geoip-js.com *.hsforms.com *.facebook.com *.tiktok.com *.snapchat.com *.cookielaw.org *.rain-staging.com *.seeitinyourspace.com *.gstatic.com blob: *.googleapis.com *.pinterest.com cdn.nmgassets.com jdl.nmgplatform.com colrep.sitelabweb.com lm.serving-sys.com us-central1-epigraph-product-configurator.cloudfunctions.net *.intentiq.com *.flexpowertools.com *.skil.com *.egopowerplus.com *.linkedin.com *.amazon-adsystem.com ara.paa-reporting-advertising.amazon js.monitor.azure.com *.reddit.com *.redditstatic.com *.nextdoor.com api.copilot.livex.ai *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' assets.adobedtm.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com js.authorize.net jstest.authorize.net t.paypal.com s.ytimg.com video.google.com vimeo.com *.vimeocdn.com cdn-scripts.signifyd.com *.googleapis.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net cdn.dnky.co api.comapi.com webchat.dotdigital.com connect.facebook.net graph.facebook.com business.facebook.com cdn.xtento.com *.klevu.com *.ksearchnet.com *.avada.io *.trustpilot.com *.yotpo.com preferredliving.com *.preferredliving.com sportys.com *.sportys.com sportystoolshop.com *.sportystoolshop.com wright-bros.com *.wright-bros.com na-library.klarnaservices.com www.googleadservices.com bat.bing.com www.googletagmanager.com *.bc0a.com hello.zonos.com cdn.mouseflow.com secure.quantserve.com cdn.attn.tv *.datasteam.io googleads.g.doubleclick.net rules.quantcount.com aa.agkn.com *.cloudmaestro.com cdn.b0e8.com cdn.iglobalstores.com *.listrakbi.com www.google-analytics.com *.listrak.com widgets.turnto.com www.google.com www.gstatic.com widget.heymarket.com *.clarity.ms *.aviationgifts.com; report-uri \/.webscale\/csp-report","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' https:\/\/cdn.matomo.cloud https:\/\/heritagefund.matomo.cloud https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/naver.github.io https:\/\/player.vimeo.com https:\/\/unpkg.com https:\/\/www.gstatic.com https:\/\/heritagefund.matomo.cloud\/; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:\/\/cdn.matomo.cloud https:\/\/heritagefund.matomo.cloud https:\/\/cdn.ckeditor.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/naver.github.io https:\/\/player.vimeo.com https:\/\/unpkg.com https:\/\/www.gstatic.com; style-src 'self' 'unsafe-inline' https:\/\/p.typekit.net https:\/\/cdn.jsdelivr.net https:\/\/naver.github.io; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/p.typekit.net\/ https:\/\/cdn.jsdelivr.net https:\/\/naver.github.io; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/agrilife.org; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:\/\/agrilife.org;","count":1},{"content-security-policy-report-only":" script-src 'nonce-g44RmEyl3\/\/U+p4bIPAong==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=5c051977-2bd9-4856-bd47-bd3acc1cd2f3; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net; script-src 'self' https:\/\/ajax.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net 'nonce-w+twPTRTwR7zO7HFWCGvAQ=='; script-src-elem 'self' https:\/\/ajax.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net 'nonce-w+twPTRTwR7zO7HFWCGvAQ=='; script-src-attr 'none'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net 'nonce-w+twPTRTwR7zO7HFWCGvAQ=='; style-src-elem 'self' https:\/\/fonts.googleapis.com https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net 'nonce-w+twPTRTwR7zO7HFWCGvAQ=='; style-src-attr 'unsafe-inline'; img-src 'self' data: blob: https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net https:\/\/translate.google.com https:\/\/fonts.gstatic.com; font-src 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net https:\/\/fonts.gstatic.com; connect-src 'self' blob: https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net https:\/\/translate.googleapis.com wss:\/\/knizhen-pazar.net wss:\/\/*.knizhen-pazar.net wss:\/\/knigosviat.net; form-action 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net; frame-src 'none'; media-src 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net; manifest-src 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net; worker-src 'self' https:\/\/knizhen-pazar.net https:\/\/*.knizhen-pazar.net https:\/\/knigosviat.net; report-uri \/csp-reports","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-tHDTCy53I_xt5fohchy4ww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; base-uri 'self'; default-src 'self' https:\/\/*.yahoo.com https:\/\/*.yimg.com; script-src 'self' 'nonce-MzUxMzBjMTUtMjM1Yi00MTc1LWI4MTEtZjYwMDg1YTBmNGMw' 'unsafe-eval' https:\/\/*.yahoo.net https:\/\/*.yahoo.com https:\/\/*.yimg.com *.oath.com https:\/\/*.hereapi.com https:\/\/*.yahooapis.com blob: *.googletagmanager.com https:\/\/cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https:\/\/assets.video.yahoo.net https:\/\/*.yimg.com; frame-src 'self' https:\/\/*.yahoo.net https:\/\/s.yimg.com https:\/\/*.yahoo.com; img-src 'self' data: blob: https:\/\/*.yimg.com https:\/\/s.ytimg.com yahoo.com https:\/\/*.yahoo.com *.here.com https:\/\/sb.scorecardresearch.com https:\/\/*.yahoo.net https:\/\/*.bing.net https:\/\/media.zenfs.com https:\/\/*.googletagmanager.com; media-src 'self' https:\/\/*.yimg.com https:\/\/*.yahoo.com https:\/\/*.yahoo.net https:\/\/media.zenfs.com blob:; object-src 'self' https:\/\/*.yimg.com; connect-src 'self' https:\/\/*.yahoo.com https:\/\/*.yahooapis.com https:\/\/*.yimg.com https:\/\/*.yahoo.net https:\/\/*.hereapi.com https:\/\/*.api.here.com https:\/\/*.oath.com https:\/\/sb.scorecardresearch.com https:\/\/quiz.yahoo.2mundos.net https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/www.google.com wss:\/\/*.finance.yahoo.com blob:; font-src 'self' https:\/\/*.yimg.com data:; child-src blob:; report-uri https:\/\/csp.yahoo.com\/beacon\/csp?src=scout","count":1},{"content-security-policy-report-only":" font-src *.cloudflare.com fonts.gstatic.com *.bootstrapcdn.com *.maxcdn.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action accounts.google.com www.facebook.com api.twitter.com www.linkedin.com *.amazon.com www.paypal.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com 'self' 'unsafe-inline'; frame-ancestors www.google.com www.gstatic.com 'self'; frame-src bid.g.doubleclick.net player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ td.doubleclick.net *.facebook.com www.googletagmanager.com www.google.com *.standout.com.br 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com *.cloudflare.com www.google.com.br device.clearsale.com.br *.ebit.com.br *.ebitempresa.com.br newimgebit-a.akamaihd.net *.googleapis.com *.gstatic.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.openpix.com.br api.woovi.com s3.amazonaws.com flagpedia.net data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.cloudflare.com *.githubusercontent.com *.addthis.com device.clearsale.com.br *.ebit.com.br *.googleapis.com *.gstatic.com apis.google.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.googleapis.com s3-sa-east-1.amazonaws.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.maxcdn.com *.bootstrapcdn.com *.cloudflare.com *.githubusercontent.com fonts.googleapis.com *.ebit.com.br *.gstatic.com 'self' 'unsafe-inline'; object-src data: 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.bootstrapcdn.com www.google.com www.google.com.br googleads.g.doubleclick.net device.clearsale.com.br *.ebit.com.br newimgebit-a.akamaihd.net *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com stats.g.doubleclick.net *.openpix.com.br *.gstatic.com s3.amazonaws.com www.gstatic.com maps.googleapis.com s3-sa-east-1.amazonaws.com *.standout.com.br 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'none'; connect-src 'self' https: policy.app.cookieinformation.com; font-src https:; frame-src https:; img-src 'self' data: https:; manifest-src 'self' https:; media-src 'self' https:; script-src 'unsafe-inline' https: maps.google.com; style-src 'unsafe-inline' https:; worker-src https:; base-uri https:; form-action https:; frame-ancestors 'self' https:; report-uri https:\/\/ing.dk\/log-report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" default-src 'self';    script-src 'self' 'unsafe-inline' https: http: https:\/\/vercel.live https:\/\/vercel.com https:\/\/*.posthog.com *.clerk.accounts.dev https:\/\/cdn.mux.com https:\/\/mux.com https:\/\/*.mux.com https:\/\/stream.mux.com https:\/\/*.gleap.io\/ https:\/\/translate.google.com\/ https:\/\/translate.googleapis.com\/ https:\/\/www.gstatic.com\/ https:\/\/*.google.com\/;    style-src 'self' 'unsafe-inline' https:\/\/vercel.live\/ https:\/\/*.mux.com;    img-src 'self' blob: data: https: *.thenational.academy\/ thenational.academy\/;    font-src 'self' gstatic-fonts.thenational.academy\/ fonts.gstatic.com\/ data: https:\/\/vercel.live\/ https:\/\/assets.vercel.com;    object-src 'self' *.google.com;    base-uri 'self';    form-action 'self';    frame-ancestors 'self' *.google.com\/;    connect-src *.thenational.academy thenational.academy https:\/\/vercel.live\/ https:\/\/vercel.com *.pusher.com *.pusherapp.com *.hubspot.com *.hsforms.com *.cloudinary.com\/ https:\/\/eu.i.posthog.com *.posthog.com https:\/\/api.avo.app\/ *.clerk.accounts.dev clerk-telemetry.com https:\/\/mux.com https:\/\/*.mux.com https:\/\/stream.mux.com https:\/\/inferred.litix.io *.gleap.io wss:\/\/*.gleap.io *.google.com *.bugsnag.smartbear.com *.bugsnag.com;    media-src 'self' blob: *.thenational.academy\/ https:\/\/res.cloudinary.com\/ https:\/\/oaknationalacademy-res.cloudinary.com\/ https:\/\/*.cloudinary.com\/ https:\/\/*.mux.com\/ https:\/\/stream.mux.com\/ https:\/\/*.gleap.io\/ https:\/\/ssl.gstatic.com;    frame-src 'self' *.thenational.academy\/ https:\/\/vercel.live\/ https:\/\/vercel.com https:\/\/challenges.cloudflare.com https:\/\/www.avo.app\/ https:\/\/stream.mux.com https:\/\/*.mux.com https:\/\/*.gleap.io\/ *.google.com\/;    worker-src 'self' blob: *.thenational.academy\/;    child-src blob:;    report-uri https:\/\/ph-eu-api.thenational.academy\/report\/?token=phc_LCrtgEAumOz4qgXuJNqMK2xisQ4mGaApixHEPXeRRoN&sample_rate=0.05&v=1;    report-to posthog","count":1},{"content-security-policy-report-only":" default-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval';worker-src 'self' blob:; style-src * data: blob: 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com cash-f.squarecdn.com *.hotjar.com *.cloudfront.net static.klaviyo.com *.reviews.io *.reviews.co.uk *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.reviews.io *.reviews.co.uk *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.doubleclick.net *.google.com\/ *.hotjar.com *.livechatinc.com *.reviews.co.uk widget.reviews.co.uk *.reviews.io *.pingdom.com *.heritagepartscentre.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.twitter.com *.weltpixel.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net data: * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.doubleclick.net *.google.com *.google.co.uk *.cloudfront.net *.facebook.com *.yotpo.com *.heritagepartscenter.com www.google.co.in *.google-analytics.com bat.bing.com imgsct.cookiebot.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/www.magezon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.reviews.io *.reviews.co.uk *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/rum.hlx.page www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com widget.freshworks.com m2epro.freshdesk.com *.pcapredict.com\/js\/sensor.js *.google.com\/ *.gstatic.com *.hotjar.com *.doubleclick.net *.newrelic.net *.livechatinc.com *.facebook.net *.webgains.io *.chimpstatic.com *.yotpo.com *.reviews.co.uk *.trackedlink.net *.googleapis.com gtm.heritagepartscentre.com consent.cookiebot.com bat.bing.com www.clarity.ms consentcdn.cookiebot.com scripts.clarity.ms static.zdassets.com static.zdassets.com\/web_widget static.onsitesupport.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.reviews.io *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com https:\/\/www.googletagmanager.com tagmanager.google.com unpkg.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app widget.freshworks.com m2epro.freshdesk.com *.googleapis.com *.yotpo.com *.cloudfront.net *.reviews.co.uk static.onsitesupport.io https:\/\/static.klaviyo.com assets.braintreegateway.com *.reviews.io *.cloudflare.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.livechatinc.com *.heritagepartscenter.com *.onsitesupport.io static.onsitesupport.io 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com widget.freshworks.com m2epro.freshdesk.com *.hotjar.com *.adobedc.net *.reviews.co.uk bat.bing.com l.clarity.ms consentcdn.cookiebot.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudfront.net *.reviews.io *.cloudflare.com *.twitter.com *.twimg.com *.google-analytics.com *.facebook.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' chrome-extension: https:\/\/mc.yandex.ru 'unsafe-eval' https:\/\/smartcaptcha.yandexcloud.net https:\/\/mc.yandex.com 127.0.0.1:8182 127.0.0.1:8888 127.0.0.1:5005; frame-src 'self' https:\/\/mc.yandex.ru chrome-extension: https:\/\/mc.yandex.md https:\/\/mc.yandex.com https:\/\/smartcaptcha.yandexcloud.net; object-src 'self'; report-uri \/cspreportonly;","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/*.qualified.com; default-src 'self'; frame-src 'self' https:\/\/9628652.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/ct.pinterest.com https:\/\/tealium-f.squarecdn.com; worker-src 'self' blob:; connect-src 'self' https:\/\/assets.ctfassets.net https:\/\/api.broadway.squareup.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/api.squareup.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com https:\/\/api.squareup.com https:\/\/api.squareupstaging.com *.contentsquare.net https:\/\/capi.squareup.com https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/stats.g.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/www.google.com https:\/\/us-central1-sq-sgtm-prod.cloudfunctions.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net http:\/\/424-iab-218.mktoresp.com https:\/\/424-iab-218.mktoresp.com https:\/\/xms2-marketo.beta.stage.sqprod.co https:\/\/424-iab-218.mktoutil.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/logx.optimizely.com https:\/\/ct.pinterest.com https:\/\/conversions-config.reddit.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com *.ingest.us.sentry.io *.6sc.co https:\/\/api.sprig.com https:\/\/squareupstaging.com https:\/\/visitor-scoring-new.marketlinc.com https:\/\/api.chilipiper.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com wss:\/\/*.qualified.com https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com localhost:*; font-src 'self' https:\/\/cash-f.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com; img-src 'self' data: blob: https:\/\/ib.adnxs.com https:\/\/assets.ctfassets.net https:\/\/cdn.blisspointmedia.com https:\/\/campaign-hub-production-f.squarecdn.com *.contentsquare.net https:\/\/ad.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/google.com https:\/\/www.google.com https:\/\/adservice.google.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/pixel.pointmediatracker.com https:\/\/alb.reddit.com *.6sc.co https:\/\/api.squareup.com https:\/\/api.squareupstaging.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; manifest-src 'self' https:\/\/pw-renderer-production-c.squarecdn.com; media-src 'self' mediastream: https:\/\/assets.ctfassets.net https:\/\/js.driftt.com http:\/\/videos.ctfassets.net https:\/\/videos.ctfassets.net https:\/\/*.qualified.com; script-src 'self' *.contentsquare.net https:\/\/www.datadoghq-browser-agent.com https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/connect.facebook.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/lift-ai-js.marketlinc.com https:\/\/martech-development-c.squarecdn.com https:\/\/martech-production-c.squarecdn.com https:\/\/martech-staging-c.squarecdn.com http:\/\/munchkin.marketo.net https:\/\/munchkin.marketo.net https:\/\/cdn.cookielaw.org https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pw-renderer-production-c.squarecdn.com https:\/\/pw-renderer-staging-c.squarecdn.com https:\/\/pwt-production-c.squarecdn.com https:\/\/pwt-staging-c.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com https:\/\/www.redditstatic.com *.6sc.co https:\/\/cdn.sprig.com https:\/\/xms-production-f.squarecdn.com https:\/\/www.youtube.com https:\/\/pw-renderer-production-c.squarecdn.com 'nonce-UrlGHq5ghBzCja3+JBXKCA=='; style-src 'self' https:\/\/square-fonts-production-f.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com 'unsafe-inline' https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; frame-ancestors 'self' https:\/\/app.contentful.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to browser-intake-datadoghq","count":1},{"content-security-policy-report-only":" font-src cash-f.squarecdn.com *.gstatic.com data: *.googleapis.com cdnjs.cloudflare.com js-agent.newrelic.com api.map.baidu.com *.baidu.com *.bdimg.com *.mtcaptcha.com *.bglobale.com *.global-e.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com https:\/\/secure-test.worldpay.com\/shopper\/3ds\/ddc.html 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com * www.google.com *.bglobale.com *.global-e.com maisongoyard--staging.sandbox.my.salesforce-sites.com maisongoyard.my.salesforce-sites.com *.mtcaptcha.com *.smartpixels.fr *.ls-group.fr c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com https:\/\/pay.google.com https:\/\/secure-test.worldpay.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io * *.gstatic.com *.googleapis.com maps.googleapis.com maps.gstatic.com *.baidu.com *.bdimg.com sdk.privacy-center.org *.mtcaptcha.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.bglobale.com *.global-e.com *.goyard.com *.smartpixels.fr goyard-marquage-test-we-appservice-webconf.azurewebsites.net *.ls-group.fr sprint-7onpvba-jccxky3s5ebcw.us-a1.magentosite.cloud www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.cloudflare.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com *.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.gstatic.com cdnjs.cloudflare.com bam.nr-data.net mcstaging.goyard.com mcprod.goyard.com goyard.com js-agent.newrelic.com api.map.baidu.com *.baidu.com *.bdimg.com sdk.privacy-center.org *.mtcaptcha.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.bglobale.com *.global-e.com *.goyard.com payments.worldpay.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/www.google.com\/recaptcha\/api.js *.cloudflare.com https:\/\/pay.google.com\/gp\/p\/js\/pay.js https:\/\/applepay.cdn-apple.com\/jsapi\/v1\/apple-pay-sdk.js *.payments.worldpay.com\/resources\/cse\/js\/worldpay-cse-1.0.2.min.js https:\/\/d35p4vvdul393k.cloudfront.net\/sdk_library\/us\/stg\/ops\/pc_gsmpi_web_sdk.js https:\/\/d16i99j5zwwv51.cloudfront.net\/sdk_library\/us\/prd\/ops\/pc_gsmpi_web_sdk.js https:\/\/payments.worldpay.com\/resources\/hpp\/integrations\/embedded\/js\/hpp-embedded-integration-library.js https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cash.app fonts.googleapis.com cdnjs.cloudflare.com *.googleapis.com *.baidu.com *.bdimg.com *.mtcaptcha.com downloads.mailchimp.com *.bglobale.com *.global-e.com unsafe-inline assets.braintreegateway.com *.cloudflare.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.goyard.com *.goyard.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com * *.googleapis.com api.map.baidu.com *.baidu.com *.bdimg.com api.privacy-center.org *.mtcaptcha.com *.goyard.com *.bglobale.com *.global-e.com *.nr-data.net *.smartpixels.fr *.ls-group.fr api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src maisongoyard--staging.sandbox.my.salesforce-sites.com maisongoyard.my.salesforce-sites.com *.mtcaptcha.com *.goyard.com *.bglobale.com *.global-e.com *.nr-data.net *.smartpixels.fr *.ls-group.fr payments.worldpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.fontawesome.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.monetico-services.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.wonderpush.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.monetico-services.com *.freshchat.com https:\/\/www.googletagmanager.com\/ *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.chomette.com *.criteo.com *.canva.com *.wonderpush.com *.worldline-solutions.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net magefan.com cm.magefan.com *.iadvize.com *.hsforms.net *.hsforms.com *.freshchat.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/images.join-stories.com *.openstreetmap.org https:\/\/maps.googleapis.com *.disqus.com 'self' data: *.cookielaw.org\/ *.matomo.cloud *.hotjar.com *.clarity.ms *.google.com *.google.fr *.google.de *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.criteo.com *.affilae.com *.bing.com *.dialoginsight.com *.mydialoginsight.com *.stripe.com *.worldline-solutions.com *.wonderpush.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.iadvize.com *.hsforms.net *.hsforms.com *.freshchat.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/chomette.my.join-stories.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ *.disqus.com *.gstatic.com payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.cookielaw.org\/ *.matomo.cloud *.hotjar.com *.clarity.ms *.google.fr *.google.de *.googletagmanager.com *.facebook.com *.facebook.net *.criteo.com *.affilae.com *.bing.com *.dialoginsight.com *.mydialoginsight.com *.worldline-solutions.com *.paypal.com *.wonderpush.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.freshchat.com *.fontawesome.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.monetico-services.com *.iadvize.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.freshchat.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/meas.join-stories.com https:\/\/videos.join-stories.com *.openstreetmap.org https:\/\/maps.googleapis.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ payment.direct.worldline-solutions.com payment.preprod.direct.worldline-solutions.com payment.anzworldline-solutions.com.au payment.preprod.anzworldline-solutions.com.au payment.payone.com payment.preprod.payone.com *.cookielaw.org\/ *.onetrust.com\/ *.matomo.cloud *.hotjar.com *.clarity.ms *.google.fr *.google.de *.googletagmanager.com *.doubleclick.net *.facebook.com *.facebook.net *.criteo.com *.affilae.com *.bing.com *.bing.net *.dialoginsight.com *.mydialoginsight.com *.worldline-solutions.com *.wonderpush.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' catalog.grcc.edu www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com accounts.google.com cse.google.com careerinsight.burning-glass.com googleads.g.doubleclick.net analytics.tiktok.com connect.facebook.net cdn.jsdelivr.net grcc.shell.451.io siteimproveanalytics.com snap.licdn.com *.googleadservices.com *.google.com *.clearcompany.com connect.facebook.net ep2.adtrafficquality.google maps.googleapis.com js.stripe.com embed-forms.451.io unpkg.com; object-src 'none'; style-src 'self' 'unsafe-inline' catalog.grcc.edu www.google.com  *.clearcompany.com cdn.jsdelivr.net unpkg.com; img-src 'self' data: www.google.com www.googletagmanager.com www.google-analytics.com ssl.gstatic.com www.gstatic.com www.facebook.com *.siteimproveanalytics.io px.ads.linkedin.com *.doubleclick.net *.linkedin.com *.clearcompany.com *.google.com www.google.ca *.siteimproveanalytics.io ep1.adtrafficquality.google analytics.api.451.io www.googleadservices.com *.opentable.com www.google.com.ph; media-src 'self'; frame-src 'self' www.youtube.com player.vimeo.com www.google.com grcc.messenger.451.io www.googletagmanager.com grcc.discoveredu.ai syndicatedsearch.goog ep2.adtrafficquality.google www.facebook.com forms.office.com; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com; connect-src 'self' content.getrave.com www.google-analytics.com analytics.google.com www.google.com analytics.tiktok.com analytics-ipv6.tiktokw.us analytics.api.451.io t.451.io px.ads.linkedin.com sites-management-api.451.io stats.g.doubleclick.net www.googleadservices.com www.facebook.com *.clearcompany.com catalog.grcc.edu www.google.ca www.googletagmanager.com *.linkedin.com syndicatedsearch.goog ep1.adtrafficquality.google grcc.api.451.io; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" default-src 'self';   connect-src 'self' https:\/\/gvb-apim-service-prod2.azure-api.net https:\/\/gvb-app.matomo.cloud consentcdn.cookiebot.com https:\/\/dc.services.visualstudio.com\/v2\/track https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.algolia.io https:\/\/*.dynamics.com https:\/\/*.azureedge.net ;   script-src 'strict-dynamic' 'nonce-uOo0ONgX4xZu8ezVa3EZzCBF97KnwG8S1\/YMU1c01fM=' 'sha256-X9GtzORyUShRgrb5vBVwF3p8WtKom3jBuMyocEhfL3Q='  'self' https:\/\/cdn.matomo.cloud https:\/\/gvb-app.matomo.cloud consent.cookiebot.com consentcdn.cookiebot.com https:\/\/*.dynamics.com https:\/\/*.azureedge.net;   frame-src 'self' consentcdn.cookiebot.com https:\/\/*.tiqets.com;   base-uri 'self';   block-all-mixed-content;   font-src 'self' https: data:;   img-src * 'self' data: https;   object-src 'none';   script-src-attr 'none';   style-src 'self' https:\/\/gvb-apim-service-prod2.azure-api.net 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.s4c.cymru https:\/\/s4c.cymru; img-src 'self' data: https:\/\/*.s4c.cymru https:\/\/s4c.cymru https:\/\/cdn-cookieyes.com https:\/\/i.ytimg.com https:\/\/*.google.com\/cse https:\/\/clients1.google.com https:\/\/*.gstatic.com; font-src 'self' data: https:\/\/*.s4c.cymru https:\/\/s4c.cymru https:\/\/fonts.gstatic.com https:\/\/cloud.typography.com; form-action 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn-cookieyes.com https:\/\/*.googletagmanager.com https:\/\/*.google.com\/cse https:\/\/*.hotjar.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cloud.typography.com https:\/\/*.s4c.cymru https:\/\/s4c.cymru https:\/\/*.google.com\/cse; connect-src https:\/\/*.s4c.cymru https:\/\/s4c.cymru https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com https:\/\/*.google-analytics.com; object-src 'none'; frame-ancestors 'none'; frame-src 'self' https:; report-uri https:\/\/csp.s4c.cymru\/report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" img-src https:\/\/higherlogicdownload.s3.amazonaws.com\/NACE\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/NACE\/ https:\/\/img.youtube.com\/vi\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/higherlogiclongterm.s3.amazonaws.com\/NACE\/ blob: https:\/\/d132x6oi8ychic.cloudfront.net 'self'; style-src https:\/\/d132x6oi8ychic.cloudfront.net 'unsafe-inline' https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/ajax.googleapis.com\/ajax\/libs\/jqueryui\/ https:\/\/use.fortawesome.com\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/static.filestackapi.com\/picker\/ https:\/\/fonts.googleapis.com\/ https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/NACE\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/NACE\/ https:\/\/higherlogiclongterm.s3.amazonaws.com\/NACE\/ 'self'; font-src https:\/\/fonts.googleapis.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/higherlogicdownload.s3.amazonaws.com\/NACE\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/NACE\/ 'self' https:\/\/higherlogiclongterm.s3.amazonaws.com\/NACE\/ https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/d132x6oi8ychic.cloudfront.net data:; script-src-elem https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/static.filestackapi.com\/filestack-js\/ 'self' https:\/\/ajax.aspnetcdn.com\/ajax\/ 'unsafe-eval' 'unsafe-inline'; media-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/NACE\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/NACE\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/NACE\/ https:\/\/higherlogicstream.s3.amazonaws.com\/NACE\/ 'self' https:\/\/d132x6oi8ychic.cloudfront.net; script-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/NACE\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/NACE\/ https:\/\/ajax.aspnetcdn.com\/ajax\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d132x6oi8ychic.cloudfront.net https:\/\/cdn.informz.net 'unsafe-eval' https:\/\/use.fortawesome.com\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/NACE\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ 'unsafe-inline' https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/static.filestackapi.com https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/api.connectedcommunity.org\/ 'self' https:\/\/www.youtube.com\/embed\/; connect-src https:\/\/upload.filestackapi.com https:\/\/static.filestackapi.com https:\/\/cloud.filestackapi.com\/folder\/list\/ 'self' https:\/\/hl-managedservices.informz.net https:\/\/d3uf7shreuzboy.cloudfront.net\/ blob:; worker-src 'self'; default-src 'self'; base-uri 'self'; frame-ancestors https:\/\/*.connectedcommunity.org\/ 'self'; object-src 'none'; manifest-src 'self';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2n2fJLgwkIisHQaT-1r60A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'report-sample' 'self' 'unsafe-inline' data: blob: *.skeb.jp *.imgix.net challenges.cloudflare.com *.pay.jp *.s3.ap-northeast-1.amazonaws.com misskey.io *.misskeyusercontent.jp www.gravatar.com *.twimg.com t.co static.ads-twitter.com analytics.twitter.com analytics.google.com *.gstatic.com *.gstatic.cn fonts.googleapis.com www.googletagmanager.com www.google-analytics.com *.doubleclick.net www.recaptcha.net *.sentry.io *.algolia.net *.algolianet.com cdn.plyr.io cdn.bsky.app *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;report-to csp-violation-report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-7p8h73oYjIGnHXh3X-6kCQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8fs3FVazcp7zx9CB_LDkpw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.clubsextury21.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.clubsextury21.com join.gammasecure.com; script-src 'self' *.clubsextury21.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.clubsextury21.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self' *.gstatic.com *.googleapis.com *.googletagmanager.com *.fontawesome.com *.pipedrive.com data:; img-src 'self' *.ch-aviation.com *.servedbyadbutler.com servedbyadbutler.com *.pipedrive.com *.secureprivacy.ai images.prismic.io *.googletagmanager.com googletagmanager.com *.googleapis.com *.google.com *.gstatic.com data:; script-src 'self' *.servedbyadbutler.com servedbyadbutler.com *.googleapis.com *.googletagmanager.com *.google.com *.pipedrive.com *.highcharts.com *.secureprivacy.ai wasm-unsafe-eval data:; script-src-elem 'self' *.secureprivacy.ai *.servedbyadbutler.com servedbyadbutler.com *.gstatic.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.google.com *.pipedrive.com *.pipedriveassets.com *.doubleclick.net *.highcharts.com *.secureprivacy.ai data: 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; connect-src 'self' *.google.com *.gstatic.com *.servedbyadbutler.com servedbyadbutler.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.pipedrive.com *.doubleclick.net *.secureprivacy.ai *.sentry.io *.talentlyft.com data: 'unsafe-inline'; frame-src 'self' *.pipedrive.com *.doubleclick.net *.google.com; style-src 'self' *.fontawesome.com *.secureprivacy.ai *.googleapis.com 'unsafe-inline'; media-src 'self' data:; report-uri https:\/\/www.ch-aviation.com\/csp-report-to","count":1},{"content-security-policy-report-only":" default-src 'self' http: https:\/\/*-chcf-wp.pantheonsite.io\/ https:\/\/chcf-wp.ddev.site https:\/\/*.addthis.com https:\/\/*.youtube.com; script-src 'unsafe-inline' 'unsafe-eval' http: https:\/\/*.google.com https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com https:\/\/*.googletagmanager.com https:\/\/*.youtube.com https:\/\/*.addthis.com https:\/\/*.google-analytics.com https:\/\/*.ytimg.com https:\/\/*.moatads.com https:\/\/*.doubleclick.net https:\/\/*.addthisedge.com https:\/\/cdnjs.cloudflare.com; style-src 'unsafe-inline' http: https:\/\/*.google.com https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com https:\/\/*.youtube.com; img-src 'self' http: data: https:\/\/*.ytimg.com https:\/\/*.ggpht.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.bookingbug.com https:\/\/geolocation.onetrust.com https:\/\/*.cookielaw.org https:\/\/fonts.googleapis.com https:\/\/ajax.googleapis.com https:\/\/jnn-pa.googleapis.com *.addtoany.com; font-src 'self' data: fonts.gstatic.com use.typekit.net use.fontawesome.com bespoke.bookingbug.com; media-src 'self' *.youtube.com *.vimeo.com *.akamaized.net; report-uri 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'self'; frame-src 'self' blob: *.youtube.com *.youtube-nocookie.com *.doubleclick.net *.soundcloud.com *.facebook.com *.vimeo.com *.addtoany.com *.infogram.com *.simplecast.com; worker-src 'self'; manifest-src 'self'; navigate-to 'self'; prefetch-src 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'self' *.h24.ua h24.ua *.iit.com.ua *.cloudflare.com; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.gstatic.com *.googleapis.com *.h24.ua; img-src 'self' data: blob: h24.ua *.h24.ua *.google.com *.google.com.ua *.google-analytics.com *.googletagmanager.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com googleads.g.doubleclick.net www.googleadservices.com https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/www.facebook.com https:\/\/*.facebook.com; font-src 'self' data: fonts.gstatic.com *.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com static.cloudflareinsights.com www.googletagmanager.com *.google-analytics.com *.facebook.net maps.googleapis.com googleads.g.doubleclick.net www.clarity.ms scripts.clarity.ms script.crazyegg.com meet.jit.si *.jit.si telegram.org *.telegram.org; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com static.cloudflareinsights.com www.googletagmanager.com *.google-analytics.com *.facebook.net maps.googleapis.com googleads.g.doubleclick.net www.clarity.ms scripts.clarity.ms script.crazyegg.com meet.jit.si *.jit.si telegram.org *.telegram.org; connect-src 'self' https:\/\/*.google.com https:\/\/*.h24.ua https:\/\/h24.ua https:\/\/*.google-analytics.com https:\/\/*.google.com.ua https:\/\/*.facebook.net https:\/\/*.facebook.com https:\/\/www.facebook.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/www.googletagmanager.com https:\/\/challenges.cloudflare.com https:\/\/maps.googleapis.com https:\/\/static.cloudflareinsights.com https:\/\/cloudflareinsights.com https:\/\/*.cloudflareinsights.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/meet.jit.si https:\/\/*.jit.si https:\/\/telegram.org https:\/\/*.telegram.org https:\/\/mpc2-prod-29-is5qnl632q-uc.a.run.app https:\/\/demo-1.conversionsapigateway.com https:\/\/*.clarity.ms wss:\/\/*.h24.ua wss:\/\/meet.jit.si wss:\/\/*.jit.si; frame-src 'self' www.googletagmanager.com eu.iit.com.ua *.iit.com.ua *.google.com *.google.com.ua *.h24.ua meet.jit.si *.jit.si id.gov.ua *.id.gov.ua; media-src 'self' blob: meet.jit.si *.jit.si; worker-src 'self' blob:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" default-src 'none';base-uri 'none';font-src 'self' https:\/\/cdn.openagenda.com https:\/\/client.crisp.chat;form-action 'self';frame-ancestors 'self';img-src 'self' https: data: blob: https:\/\/matomo.openagenda.com https:\/\/client.crisp.chat https:\/\/image.crisp.chat https:\/\/storage.crisp.chat;object-src 'none';script-src https: 'unsafe-inline' 'strict-dynamic' 'nonce-UD8q2sAxuLHuyL4tBGsEIA==' https:\/\/client.crisp.chat https:\/\/settings.crisp.chat;script-src-attr 'none';style-src 'self' 'unsafe-inline' https:\/\/cdn.openagenda.com https:\/\/client.crisp.chat;media-src 'self' https: data: https:\/\/client.crisp.chat;frame-src 'self' https:\/\/service.mtcaptcha.com https:\/\/service2.mtcaptcha.com https:\/\/game.crisp.chat;connect-src 'self' https:\/\/cdn.openagenda.com https:\/\/matomo.openagenda.com https:\/\/client.crisp.chat https:\/\/storage.crisp.chat wss:\/\/client.relay.crisp.chat wss:\/\/stream.relay.crisp.chat;upgrade-insecure-requests;report-to default;report-uri https:\/\/openagenda.com\/reports","count":1},{"content-security-policy-report-only":" default-src https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cc.cdn.civiccomputing.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/reports.hrmdirect.com https:\/\/*.etcconnect.com;style-src 'self' 'unsafe-inline' https:\/\/hello.myfonts.net https:\/\/reports.hrmdirect.com https:\/\/www.highend.com https:\/\/fonts.googleapis.com https:\/\/*.etcconnect.com;object-src 'none';img-src 'self' data: https:\/\/www.google-analytics.com https:\/\/www.facebook.com https:\/\/*.etcconnect.com;report-uri \/Handlers\/CspReports.ashx?type=REPORTONLY;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-j6SeCVSN-wgeAirs8ffE9Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-inline' wss:; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' *.%2A.civiccomputing.com *.civiccomputing.com *.clarity.ms *.cloudflare.com *.googletagmanager.com *.jsdelivr.net *.library.wales; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.youtube.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/*.googleusercontent.com https:\/\/*.ggpht.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net *.googletagmanager.com *.library.wales *.llgc.org.uk *.staticflickr.com *.ticketsource.co.uk fonts.gstatic.com play.google.com syndication.twitter.com translate.google.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/*.googletagmanager.com *.google.com *.libanswers.com *.library.wales *.llyfrgell.cymru *.lyfrgell.cymru *.twitter.com div.show hwb.gov.wales sketchfab.com www.canva.com; style-src-elem 'report-sample' 'self' 'unsafe-inline' *.clarity.ms *.fontawesome.com *.libanswers.com *.library.wales connect.facebook.net fonts.googleapis.com; connect-src 'self' https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/*.gstatic.com data: blob: https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.g.doubleclick.net; font-src 'self' https:\/\/fonts.gstatic.com; worker-src 'self' 'nonce-xO-f_TeibTwj9spl2P1KFbZKuukvZ2ORG9amkfBXQQlCgscPSSD67w' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com blob:; style-src 'self' 'unsafe-eval' 'unsafe-inline' wss: 'inline' 'report-sample'; script-src-elem 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' *.%2A.civiccomputing.com *.civiccomputing.com *.clarity.ms *.cloudflare.com *.googletagmanager.com *.jsdelivr.net *.library.wales *.%2A.v2.scr.kaspersky-labs.com *.flickr.com *.libanswers.com adblockers.opera-mini.net connect.facebook.net s3.amazonaws.com wusote.hirizasune.com; report-uri https:\/\/www.library.wales\/@http-reporting?csp=report&requestTime=1778726896824776&requestHash=70ba5f940dec0ca4b7cfd7babee3e674c7649e14","count":1},{"content-security-policy-report-only":" base-uri 'none'; font-src 'self' https: data:; form-action https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/www.facebook.com; frame-ancestors 'self'; img-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/mautic.netcup.news https:\/\/px.ads.linkedin.com 'self' blob: data: https: https:\/\/www.captcha.eu; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https:\/\/www.captcha.eu; script-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/measure.netcup.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/www.captcha.eu 'self' 'wasm-unsafe-eval' 'nonce-y+zTbnkMnL09fVnYKEudaTWT'; child-src blob: https:\/\/td.doubleclick.net; connect-src https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/ads-twitter.com https:\/\/ads-api.twitter.com https:\/\/analytics.twitter.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/*.onetrust.com https:\/\/www.google.com https:\/\/in-automate.brevo.com https:\/\/measure.netcup.com https:\/\/google.com https:\/\/px.ads.linkedin.com https:\/\/*.clarity.ms\/ 'self' https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.captcha.eu https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cdn.cookielaw.org https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.redditstatic.com https:\/\/pixel-config.reddit.com https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/bat.bing.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; frame-src https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com\/ https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com; script-src-elem https:\/\/green.netcup.com https:\/\/red.netcup.com https:\/\/blue.netcup.com https:\/\/www.netcup.com https:\/\/cdn.brevo.com\/js\/sdk-loader.js https:\/\/sibautomation.com\/sa.js https:\/\/sibforms.com\/ https:\/\/www.googleadservices.com https:\/\/www.redditstatic.com 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/static.ads-twitter.com https:\/\/snap.licdn.com https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/*.clarity.ms https:\/\/googleads.g.doubleclick.net https:\/\/cdn.cookielaw.org https:\/\/analytics.tiktok.com https:\/\/ads.tiktok.com https:\/\/measure.netcup.com https:\/\/www.youtube.com https:\/\/pagead2.googlesyndication.com https:\/\/widget.trustpilot.com https:\/\/chat.netcup.com; worker-src blob:; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri \/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'none'; img-src 'self' https: ; script-src 'self' https: ; style-src 'self'; object-src 'none'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.slant.co *.userway.org eadn-wc05-14712294.nxedge.io *.fontawesome.com *.klevu.com *.ksearchnet.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/static.addtoany.com\/ *.instagram.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/td.doubleclick.net widget.usersnap.com *.googletagmanager.com *.doubleclick.net https:\/\/plumrocket.com landofcoder.com *.google.com\/ *.wesupply.xyz https:\/\/wesupplylabs.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.cdninstagram.com maps.googleapis.com maps.gstatic.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.agkn.com *.doubleclick.net *.facebook.com *.google.com *.nexcesscdn.net *.pricespider.com *.sitescout.com *.userway.org *.pixel.ad eadn-wc05-14712294.nxedge.io *.reddit.com *.google-analytics.com *.googletagmanager.com *.klevu.com *.ksearchnet.com https:\/\/firebasestorage.googleapis.com https:\/\/www.magezon.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/static.addtoany.com\/ *.instagram.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com chimpstatic.com downloads.mailchimp.com *.list-manage.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.nakanohito.jp\/b3\/bi.js *.addthis.com *.crazyegg.com *.doubleclick.net *.elfsight.com *.facebook.net *.google-analytics.com *.googletagmanager.com *.klevu.com *.mapbox.com *.noibu.com *.pricespider.com *.userway.org d31qbv1cthcecs.cloudfront.net *.krxd.net *.pixel.ad *.sitescout.com *.owneriq.net eadn-wc05-14712294.nxedge.io widget.usersnap.com resources.usersnap.com *.googleadservices.com *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com https:\/\/browser.sentry-cdn.com js.klevu.com *.ksearchnet.com https:\/\/ajax.cloudflare.com *.kaptcha.com landofcoder.com *.avada.io *.google.com\/ *.cloudflare.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com assets.braintreegateway.com *.mapbox.com *.pricespider.com *.userway.org eadn-wc05-14712294.nxedge.io *.tagmanager.google.com *.googletagmanager.com *.fontawesome.com *.klevu.com *.ksearchnet.com https:\/\/fonts.bunny.net https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/stats.addtoany.com\/menu api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.addthis.com *.crazyegg.com *.doubleclick.net *.facebook.com *.google-analytics.com *.googleapis.com *.mapbox.com *.noibu.com wss:\/\/input.noibu.com *.pricespider.com *.userway.org *.pixel.ad *.agkn.com *.sitescout.com *.owneriq.net *.elfsight.com eadn-wc05-14712294.nxedge.io widget.usersnap.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.run.app https:\/\/*.ingest.sentry.io *.klevu.com *.ksearchnet.com *.kaptcha.com landofcoder.com https:\/\/get.geojs.io *.avada.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/86c8b4f9-cefc-4184-9926-360586b833fe.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' ; base-uri 'self' ; object-src 'none' ; style-src 'self' 'unsafe-inline' cdn.plyr.io https:\/\/fonts.googleapis.com https:\/\/devcomapbotpilot-test.azurewebsites.net\/ https:\/\/chatbotapp-stage.azurewebsites.net\/ https:\/\/intelibot-prod.azurewebsites.net\/ ; script-src 'strict-dynamic' 'nonce-e57ojXGGnWdj7dMCCIbuCIlXUSwPff0n' 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.monitor.azure.com https:\/\/admin.dev.comap-control.bluehosting.cz https:\/\/chatbotapp-stage.azurewebsites.net\/ https:\/\/devcomapbotpilot-test.azurewebsites.net\/ https:\/\/intelibot-prod.azurewebsites.net\/ ; font-src 'self' https:\/\/fonts.gstatic.com\/ ; connect-src 'self' https:\/\/*.google.com https:\/\/*.logic.azure.com\/ https:\/\/chatbotapp-stage.azurewebsites.net\/ https:\/\/intelibot-prod.azurewebsites.net\/   https:\/\/intelisearch.azurewebsites.net https:\/\/directline.botframework.com https:\/\/websearchproxy.azure-api.net wss:\/\/directline.botframework.com https:\/\/*.in.applicationinsights.azure.com\/ wss:\/\/localhost:44377 ws:\/\/localhost:50602 noembed.com cdn.plyr.io ; img-src * 'self' data: ; media-src 'self' *.comap-control.com\/ https:\/\/comapkenticouat6527.blob.core.windows.net ; frame-src https:\/\/www.thinglink.com youtube-nocookie.com www.youtube-nocookie.com youtube.com www.youtube.com vimeo.com www.vimeo.com https:\/\/www.google.com\/ ; frame-ancestors https:\/\/admin.dev.comap-control.bluehosting.cz\/","count":1},{"content-security-policy-report-only":" default-src 'self' *.wargaming.net *.wgprod.net https:\/\/*.wgcdn.co https:\/\/*.gcdn.co https:\/\/www.youtube.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvsquared.com *.wargaming.net *.wgprod.net *.cookielaw.org *.onetrust.com *.outbrain.com *.snapchat.com *.redditstatic.com https:\/\/sc-static.net https:\/\/ob.cheqzone.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/www.google.com.cy https:\/\/*.teads.tv https:\/\/*.taboola.com https:\/\/*.adform.net https:\/\/partner.worldoftanks.com https:\/\/*.wgcdn.co https:\/\/*.gcdn.co https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.googleadservices.com https:\/\/www.googleoptimize.com https:\/\/u360.d-bi.fr https:\/\/bat.bing.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/*.adroll.com https:\/\/*.addthis.com https:\/\/*.addthisedge.com https:\/\/tag.marinsm.com https:\/\/pixel-geo.prfct.co https:\/\/static.criteo.net https:\/\/*.creative-serving.com https:\/\/*.criteo.com https:\/\/*.cloudfront.net https:\/\/js.gleam.io https:\/\/a1.adform.net https:\/\/ajax.googleapis.com https:\/\/www.youtube.com https:\/\/animate.adobe.com https:\/\/*.stackadapt.com https:\/\/pagead2.googlesyndication.com https:\/\/secure.quantserve.com https:\/\/rules.quantcount.com https:\/\/*.clarity.ms cdn.taboola.com ; style-src 'self' 'unsafe-inline' *.wargaming.net *.wgprod.net https:\/\/fonts.googleapis.com https:\/\/*.wgcdn.co https:\/\/*.gcdn.co ; img-src 'self' data: android-webview-video-poster: * ; connect-src 'self' *.wargaming.net *.wgprod.net *.tvsquared.com *.taboola.com *.cookielaw.org *.onetrust.com *.outbrain.com *.snapchat.com *.yimg.com https:\/\/*.worldoftanks.com https:\/\/*.worldoftanks.eu https:\/\/*.worldoftanks.asia https:\/\/*.wgcdn.co https:\/\/sc-static.net https:\/\/ob.cheqzone.com https:\/\/analytics.google.com https:\/\/www.google.com wss:\/\/worldoftanks.eu wss:\/\/worldoftanks.asia wss:\/\/worldoftanks.com https:\/\/*.facebook.com https:\/\/www.googleoptimize.com https:\/\/*.addthis.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/ymetrica1.com https:\/\/*.cloudfront.net https:\/\/google.com https:\/\/google.ru https:\/\/google.com.ua https:\/\/google.by https:\/\/google.pl https:\/\/www.google.com.cy https:\/\/*.googleapis.com https:\/\/stackadapt.com https:\/\/*.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/*.clarity.ms https:\/\/collect.worldoftanks.eu https:\/\/content-wg.gcdn.co https:\/\/bat.bing.com ; font-src 'self' *.wargaming.net *.wgprod.net https:\/\/fonts.gstatic.com https:\/\/*.wgcdn.co https:\/\/*.gcdn.co ; media-src 'self' *.wargaming.net *.wgprod.net https:\/\/*.wgcdn.co https:\/\/*.gcdn.co ; frame-src 'self' *.wargaming.net *.wgprod.net https:\/\/tr.snapchat.com https:\/\/creativecdn.com https:\/\/*.adform.net https:\/\/*.facebook.com https:\/\/ad3.adfarm1.adition.com https:\/\/connect.facebook.net https:\/\/www.youtube.com https:\/\/bid.g.doubleclick.net https:\/\/*.criteo.com https:\/\/*.addthis.com https:\/\/gleam.io https:\/\/*.gcdn.co https:\/\/*.wgcdn.co https:\/\/aax-eu.amazon-adsystem.com https:\/\/api.worldoftanks.eu ; object-src 'self' *.wargaming.net *.wgprod.net https:\/\/*.gcdn.co https:\/\/www.youtube.com ; report-uri https:\/\/cspreport.wargaming.net\/cspreport","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com https:\/\/fonts.gstatic.com\/ *.nosto.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.nosto.com *.nos.to *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.zenaps.com *.fls.doubleclick.net account.fetchify.com https:\/\/www.googletagmanager.com\/ *.nosto.com *.nos.to c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * widget.trustpilot.com simplicity.trustpilot.com *.googlesyndication.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.trustpilot.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.zenaps.com *.wepowerconnections.com test-pay.dnapayments.com pay.dnapayments.com *.klevu.com *.ksearchnet.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.nosto.com *.nos.to www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/s3-eu-west-1.amazonaws.com *.cdninstagram.com *.poundshop.com *.poundland.com *.poundland.co.uk *.dealz.ie *.onetrust.com s.kelkoogroup.net c.bing.com c.clarity.ms bat.bing.com *.ometria.com *.google.ac *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.ua *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.com.kh *.google.cc *.google.cd *.google.cf *.google.cat *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gf *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.iq *.google.ie *.google.co.il *.google.im *.google.co.in *.google.io *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.com.lc *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.ne *.google.com.nf *.google.com.ng *.google.com.ni *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pk *.google.com.pa *.google.com.pe *.google.com.ph *.google.pl *.google.com.pg *.google.pn *.google.co.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.rs *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.sm *.google.so *.google.st *.google.sr *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.to *.google.tn *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.co.ug *.google.co.uk *.google.com *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.co.za *.google.co.zm *.google.co.zw data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com pay.dnapayments.com test-pay.dnapayments.com cdn.dnapayments.com test-cdn.dnapayments.com sentry.dnapayments.com test-sentry.dnapayments.com cc-cdn.com js.klevu.com *.ksearchnet.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.nosto.com *.nos.to js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.poundshop.com *.poundland.com *.poundland.co.uk *.dealz.ie s.kelkoogroup.net widget.trustpilot.com invitejs.trustpilot.com sdk.loyaltylion.net foursixty.com sdk-static.loyaltylion.net bat.bing.com *.zendesk.com static.zdassets.com *.ometria.com analytics.tiktok.com www.clarity.ms s.kk-resources.com *.googlesyndication.com *.onetrust.com *.soreto.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.trustpilot.com https:\/\/www.poundland.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cc-cdn.com *.klevu.com *.ksearchnet.com *.nosto.com *.nos.to assets.braintreegateway.com sdk.loyaltylion.net foursixty.com *.onetrust.com *.typekit.net *.stripe.network *.stripecdn.com *.amazon.com *.trustpilot.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com https:\/\/test-api.dnapayments.com https:\/\/api.dnapayments.com sentry.dnapayments.com test-sentry.dnapayments.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com *.klevu.com *.ksearchnet.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.nosto.com *.nos.to api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com sdk.loyaltylion.net foursixty.com platform.loyaltylion.com *.zendesk.com widget-mediator.zopim.com wss:\/\/widget-mediator.zopim.com analytics.tiktok.com *.clarity.ms s.kelkoogroup.net invitejs.trustpilot.com zendesk-eu.my.sentry.io *.ometria.com *.onetrust.com *.googlesyndication.com *.soreto.com googleads.g.doubleclick.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/04bdc3b5-2455-47f6-9c1d-24c9c5f93a61.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" script-src 'nonce-KsL4iyoy12R9mOkU0Evghg==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=c5c62589-b70c-40d5-b7b1-de78bedac91d; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.mediavine.com https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.amazon-adsystem.com https:\/\/*.undertone.com https:\/\/*.quantcount.com https:\/\/*.quantserve.com https:\/\/*.addthis.com https:\/\/*.moatads.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/www.googletagmanager.com https:\/\/*.vdo.ai; connect-src 'self' https:\/\/*.mediavine.com https:\/\/*.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/*.google.com https:\/\/*.consentmanager.net https:\/\/*.vdo.ai; img-src 'self' https: data: http:\/\/img.besteveralbums.com http:\/\/albumart.besteveralbums.com https:\/\/resources.tidal.com https:\/\/dt.adsafeprotected.com https:\/\/*.moatads.com https:\/\/*.amazon-adsystem.com https:\/\/*.ssl-images-amazon.com https:\/\/i.ytimg.com https:\/\/s1.ticketm.net https:\/\/seal.geotrust.com https:\/\/*.quantserve.com https:\/\/*.vdo.ai; style-src 'self' 'unsafe-inline' https:\/\/maxcdn.bootstrapcdn.com; frame-src 'self' https: data: https:\/\/*.mediavine.com https:\/\/*.doubleclick.net https:\/\/*.undertone.com https:\/\/*.grow.me https:\/\/*.pubnation.com https:\/\/*.journeymv.com https:\/\/*.pubmatic.com https:\/\/*.rubiconproject.com https:\/\/*.connatix.com https:\/\/*.adnxs.com https:\/\/*.3lift.com https:\/\/*.yieldmo.com https:\/\/*.openx.net https:\/\/*.the-ozone-project.com https:\/\/*.connectad.io https:\/\/*.smilewanted.com https:\/\/*.pghub.io https:\/\/*.onetag-sys.com https:\/\/*.vdo.ai; object-src 'none'; base-uri 'self';","count":1},{"content-security-policy-report-only":" connect-src *; frame-src *; img-src https: data: blob: about: safari-extension: safari-resource: chrome-extension:; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; report-uri https:\/\/portfolio.ccpsx.com\/api\/v1\/errors\/csp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-h1Z74HxPC4eaxYrFVwUbAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net st.softgamings.com cdn.livechatinc.com www.google.com api.livechatinc.com www.gstatic.com snap.licdn.com bat.bing.com connect.facebook.net mc.yandex.ru www.clarity.ms scripts.clarity.ms consent.cookiebot.com *.softgamings.com clickiocmp.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com st.softgamings.com *.softgamings.com; font-src 'self' fonts.gstatic.com st.softgamings.com data: *.softgamings.com; img-src 'self' data: https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/www.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net st.softgamings.com www.facebook.com www.google.ru px.ads.linkedin.com cdn.files-text.com secure.gravatar.com agstatic.com bat.bing.com www.googletagmanager.com *.softgamings.com images.dmca.com https:\/\/up.clickiocdn.com https:\/\/mc.yandex.com https:\/\/www.google.by; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/px.ads.linkedin.com wss:\/\/mc.yandex.ru https:\/\/z.clarity.ms https:\/\/v.clarity.ms https:\/\/mc.yandex.ru *.softgamings.com https:\/\/hooks.slack.com https:\/\/bat.bing.com https:\/\/stats.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/mc.yandex.com wss:\/\/mc.yandex.com; frame-src 'self' https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.livechatinc.com https:\/\/secure.livechatinc.com https:\/\/mc.yandex.ru https:\/\/www.clarity.ms *.softgamings.com https:\/\/www.youtube.com\/ https:\/\/consentcdn.cookiebot.com https:\/\/bid.g.doubleclick.net; media-src 'self' https:\/\/video.softgamings.com *.softgamings.com","count":1},{"content-security-policy-report-only":" default-src https: wss: blob:; connect-src https: wss: blob:; script-src https: 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob:; style-src https: 'unsafe-inline' blob:; img-src https: data: blob:; font-src https: data: blob:; object-src https: data:; media-src https: data: blob:; frame-ancestors 'none'; report-uri \/security\/csp_violations","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.posthog.com https:\/\/fonts.googleapis.com; script-src 'self' 'nonce-vVgQ3G4YpWAmMcDvpus7bN' https:\/\/*.posthog.com https:\/\/*.i.posthog.com; font-src 'self' https:\/\/*.posthog.com https:\/\/app-static.eu.posthog.com https:\/\/app-static-prod.posthog.com https:\/\/d1sdjtjk6xzm7.cloudfront.net https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net https:\/\/assets.faircado.com https:\/\/use.typekit.net; worker-src 'self'; child-src 'none'; object-src 'none'; media-src https:\/\/res.cloudinary.com; img-src 'self' data: https:\/\/*.posthog.com https:\/\/posthog.com https:\/\/www.gravatar.com https:\/\/res.cloudinary.com https:\/\/platform.slack-edge.com https:\/\/raw.githubusercontent.com; frame-ancestors https:\/\/posthog.com https:\/\/preview.posthog.com https:\/\/vercel.com; connect-src 'self' https:\/\/www.posthogstatus.com https:\/\/*.posthog.com  https:\/\/raw.githubusercontent.com https:\/\/api.github.com; frame-src https:; manifest-src 'self'; base-uri 'self'; report-uri https:\/\/us.i.posthog.com\/report\/?token=sTMFPsFhdP1Ssg&sample_rate=0.1&v=2; report-to posthog","count":1},{"content-security-policy-report-only":" script-src 'nonce-ZRO4d5wlFP1gZrzQ6wKUVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" font-src *.cloudflare.com *.youtube.com *.twitter.com *.gstatic.com *.typekit.net *.mail.ru *.twimg.com *.trustedshops.com *.googleapis.com data: *.flocktory.com *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com *.yotpo.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.twitter.com *.youtube.com *.chatra.io *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.twitter.com *.youtube.com *.yandex.md *.flocktory.com *.mail.ru *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my *.google.com gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.twitter.com *.yandex.md *.flocktory.com *.mail.ru *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my *.google.com gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com *.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.cloudflare.com *.youtube.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.nr-data.net *.mail.ru *.googletagmanager.com *.bi.owox.com *.google.com *.google.ru *.flocktory.com *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com vk.com *.maps.yandex.net *.yandex.ru *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.cloudflare.com *.youtube.com *.twitter.com *.google-analytics.com *.google.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.newrelic.com *.nr-data.net *.omtrdc.net *.googletagmanager.com *.jsdelivr.net *.flocktory.com *.mail.ru *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com vk.com *.api-maps.yandex.ru *.suggest-maps.yandex.ru *.maps.yandex.net *.yandex.ru https:\/\/yastatic.net *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com maps.googleapis.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.youtube.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.jsdelivr.net *.flocktory.com *.mail.ru *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net *.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.cloudflare.com *.youtube.com *.twitter.com *.paypal.com *.twimg.com *.google-analytics.com *.nr-data.net *.mail.ru *.dadata.ru *.demdex.net *.ipify.org *.yandex.ru ymetrica1.com *.bi.owox.com *.google.com *.yandex.md *.flocktory.com *.chatra.io *.adhigh.net *.weborama.fr *.acstat.com *.advcake.com *.cnt.my gdeslon.ru *.gdeslon.ru *.indoleads.com *.vk.com stats.g.doubleclick.net *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-k1Vg3fAPZRp_V3ESSgdhMg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/t.segger.com\/; font-src 'self' 'unsafe-inline' data: ; style-src 'self' 'unsafe-inline' data: ; img-src 'self' data: blob: https:\/\/t.segger.com\/ https:\/\/kb.segger.com\/ https:\/\/i.ytimg.com; script-src 'self' 'unsafe-inline' https:\/\/t.segger.com\/; script-src-elem 'self' 'unsafe-inline' https:\/\/t.segger.com\/ https:\/\/www.youtube.com\/iframe_api; frame-src https:\/\/www.youtube-nocookie.com 'self'; object-src 'self' data: blob:; media-src 'self'; report-uri https:\/\/sentry.marketing-factory.de\/api\/23\/security\/?sentry_key=c95fa11bd7c34b6757a4f34eca12437f","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ ; script-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ 'unsafe-inline' 'unsafe-eval' https:\/\/unpkg.com\/tailwindcss@%5E1.0\/ https:\/\/unpkg.com\/tailwindcss@^1.0\/ https:\/\/unpkg.com\/trix@1.2.3\/ https:\/\/cdn.jsdelivr.net\/jquery\/ https:\/\/cdn.jsdelivr.net\/momentjs\/ https:\/\/cdn.jsdelivr.net\/npm\/daterangepicker\/ https:\/\/cdn.jsdelivr.net\/npm\/ace-builds@1.43.1\/ https:\/\/cdn.jsdelivr.net\/npm\/ace-builds@1.43.3\/ https:\/\/a.slack-edge.com https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ https:\/\/cmp.osano.com https:\/\/snippet.maze.co https:\/\/challenges.cloudflare.com https:\/\/ajax.cloudflare.com\/cdn-cgi\/scripts\/ https:\/\/ajax.aspnetcdn.com https:\/\/appsforoffice.microsoft.com https:\/\/cdn.amplitude.com https:\/\/js.stripe.com ; style-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ 'unsafe-inline' https:\/\/unpkg.com\/tailwindcss@%5E1.0\/ https:\/\/unpkg.com\/tailwindcss@^1.0\/ https:\/\/unpkg.com\/trix@1.2.3\/ https:\/\/cdn.jsdelivr.net\/npm\/daterangepicker\/ https:\/\/fonts.googleapis.com https:\/\/maxcdn.bootstrapcdn.com\/bootstrap\/ https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/use.fontawesome.com https:\/\/static.licdn.com https:\/\/a.slack-edge.com https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ https:\/\/assets-cdn.maze.co ; img-src * data: blob: ; font-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ data: https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/use.fontawesome.com https:\/\/a.slack-edge.com https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ https:\/\/assets-cdn.maze.co https:\/\/i.s-microsoft.com\/fonts\/ ; media-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ data: https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ https:\/\/cdn.mycurricula.com ; connect-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ data: blob: https:\/\/cdn.plyr.io https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ https:\/\/tattle.api.osano.com https:\/\/prompts.maze.co https:\/\/graph.microsoft.com https:\/\/browser-intake-datadoghq.com https:\/\/cdn.jsdelivr.net\/codemirror.spell-checker\/ wss:\/\/sat-ws.mycurricula.com https:\/\/sr-client-cfg.amplitude.com https:\/\/api-sr.amplitude.com https:\/\/gs.amplitude.com https:\/\/api2.amplitude.com\/2\/httpapi https:\/\/api.eu.amplitude.com\/2\/httpapi https:\/\/api.lab.amplitude.com https:\/\/flag.lab.amplitude.com ; worker-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ blob: ; frame-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ https:\/\/breach-notice.com https:\/\/businessnotice.org https:\/\/databoxonline.com https:\/\/electronic-hr.com https:\/\/emailtransaction.com https:\/\/employee-services.org https:\/\/feedback-collect.com https:\/\/filesharingnow.com https:\/\/fraud-assistance.com https:\/\/governmentnotice.org https:\/\/invite-meeting.com https:\/\/mailbox-quota.com https:\/\/news-article.com https:\/\/notificationservices.org https:\/\/passwordsnotification.com https:\/\/payment-process.com https:\/\/securelinkedin.com https:\/\/security-updater.com https:\/\/securitynotifications.org https:\/\/mycurricula.com https:\/\/alerts.mycurricula.com https:\/\/phish.mycurricula.com https:\/\/t.maze.co https:\/\/challenges.cloudflare.com https:\/\/js.stripe.com https:\/\/www.youtube.com https:\/\/player.vimeo.com ; manifest-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ https:\/\/s3.amazonaws.com\/media.mycurricula.com\/ https:\/\/media.mycurricula.com.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.mycurricula.com\/ https:\/\/s3.amazonaws.com\/media.aws-cdn\/ https:\/\/media.aws-cdn.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/media.aws-cdn\/ https:\/\/s3.amazonaws.com\/aware-production\/ https:\/\/aware-production.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/aware-production\/ https:\/\/s3.amazonaws.com\/curricula-phishing\/ https:\/\/curricula-phishing.s3.amazonaws.com https:\/\/s3.us-east-1.amazonaws.com\/curricula-phishing\/ ; child-src 'self' https:\/\/d2v8pn2kg220hg.cloudfront.net\/c2b0a423-b56b-479d-938b-810c3334e4cd\/ blob: ; report-uri https:\/\/mycurricula.com\/_\/csp\/report","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-fmocfzG0DSE2MeOXIbQkWw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' blob: *; img-src 'self' data: *; script-src 'self' blob: * 'unsafe-inline' 'unsafe-eval'; style-src 'self' * 'unsafe-inline'; font-src 'self' data: *; connect-src *; frame-ancestors 'self'; base-uri 'self'; form-action 'self'","count":1},{"content-security-policy-report-only":" report-uri \/api\/v1\/csp\/violation; script-src https:\/\/*.intercom.io https:\/\/js.intercomcdn.com https:\/\/www.google-analytics.com 'unsafe-inline' https:\/\/optimize.google.com 'self' https:\/\/widget.trustpilot.com https:\/\/cdn.segment.com https:\/\/*.typekit.net https:\/\/www.googletagmanager.com https:\/\/cdn.mxpnl.com https:\/\/*.fullstory.com https:\/\/fullstory.com https:\/\/connect.facebook.net https:\/\/ajax.googleapis.com https:\/\/js.stripe.com https:\/\/bat.bing.com https:\/\/www.googleadservices.com 'unsafe-eval'; plugin-types application\/pdf; frame-ancestors 'none'; child-src https:\/\/share.intercom.io https:\/\/intercom-sheets.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net https:\/\/*.doubleclick.net https:\/\/js.stripe.com; font-src https:\/\/js.intercomcdn.com https:\/\/fonts.gstatic.com 'self' https:\/\/*.typekit.net; media-src https:\/\/js.intercomcdn.com 'self'; base-uri 'none'; connect-src https:\/\/*.intercom.io wss:\/\/*.intercom.io https:\/\/uploads.intercomcdn.com https:\/\/uploads.intercomusercontent.com https:\/\/app.getsentry.com 'self' https:\/\/www.google-analytics.com https:\/\/*.doubleclick.net https:\/\/api.mixpanel.com https:\/\/*.fullstory.com https:\/\/*.typekit.net https:\/\/api.segment.io https:\/\/adservice.google.com https:\/\/*.launchdarkly.com; form-action 'self'; style-src 'unsafe-inline' https:\/\/optimize.google.com https:\/\/fonts.googleapis.com 'self' https:\/\/*.cloudfront.net https:\/\/*.typekit.net; object-src 'self'; default-src 'none'; frame-src https:\/\/optimize.google.com https:\/\/js.stripe.com https:\/\/*.doubleclick.net; img-src https:\/\/*.intercomcdn.com https:\/\/static.intercomassets.com https:\/\/uploads.intercomusercontent.com https:\/\/www.google-analytics.com https:\/\/optimize.google.com https: data:","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' audience.artcena.fr cdnjs.cloudflare.com maps.googleapis.com unpkg.com cdn.jsdelivr.net static.addtoany.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; img-src 'self'  data: maps.gstatic.com maps.googleapis.com; frame-src static.addtoany.com; font-src 'self' fonts.gstatic.com; connect-src 'self' audience.artcena.fr maps.googleapis.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net fonts.googleapis.com *.googleapis.com *.gstatic.com data: *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.klarnacdn.net *.fontawesome.com maxcdn.bootstrapcdn.com *.oct8ne.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.cloudflare.com https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.klarna.com https:\/\/*.channelize.io https:\/\/*.reskyt.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.klarna.com https:\/\/*.channelize.io https:\/\/*.reskyt.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.sella.it *.gestpay.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com *.sella.it *.gestpay.net https:\/\/*.tiktokcdn-eu.com https:\/\/*.tiktok.com https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.klarna.com *.oct8ne.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.channelize.io https:\/\/*.reskyt.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https:\/\/images.unsplash.com *.feedaty.com https:\/\/*.tiktokcdn-eu.com https:\/\/*.tiktok.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com cdn.doofinder.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.klarna.com *.klarnaevt.com *.klarnacdn.net *.oct8ne.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net img.riskified.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/semprefarmacia.it https:\/\/*.cookiebot.com https:\/\/*.feedaty.com https:\/\/*.shippypro.com https:\/\/*.google.it https:\/\/*.doubleclick.net https:\/\/*.bidswitch.net https:\/\/*.adnxs.com https:\/\/*.smartadserver.com https:\/\/*.taboola.com https:\/\/*.1rx.io https:\/\/*.omnitagjs.com https:\/\/*.casalemedia.com https:\/\/*.criteo.com https:\/\/id5-sync.com https:\/\/*.360yield.com https:\/\/*.ivitrack.com https:\/\/*.media.net https:\/\/*.mediavine.com https:\/\/*.postrelease.com https:\/\/*.outbrain.com https:\/\/*.pubmatic.com https:\/\/*.rubiconproject.com https:\/\/*.sharethrough.com https:\/\/*.teads.tv https:\/\/*.tremorhub.com https:\/\/*.3lift.com https:\/\/*.yieldlab.net https:\/\/*.yieldmo.com https:\/\/*.emxdgt.com https:\/\/*.adform.net https:\/\/*.unrulymedia.com https:\/\/*.google.com https:\/\/*.amazonaws.com https:\/\/*.getsitecontrol.com https:\/\/*.icons8.com https:\/\/*.agkn.com https:\/\/*.lgw.com https:\/\/*.awin1.com https:\/\/*.idealo-partner.com https:\/\/*.zenaps.com https:\/\/*.wepowerconnections.com https:\/\/*.dmxleo.com https:\/\/*.kelkoogroup.net https:\/\/*.channelize.io https:\/\/*.doofinder.com https:\/\/*.reskyt.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.channelize.io *.sella.it *.gestpay.net *.feedaty.com https:\/\/*.tiktokcdn-eu.com https:\/\/*.tiktok.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com cdn.doofinder.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/*.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com widget.freshworks.com m2epro.freshdesk.com *.avada.io *.oct8ne.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.google.com www.gstatic.com beacon.riskified.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.facebook.net https:\/\/*.cookiebot.com https:\/\/*.feedaty.com https:\/\/*.cloudflare.com https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.videoask.com https:\/\/*.videoask.it https:\/\/*.criteo.net https:\/\/*.criteo.com https:\/\/*.dwin1.com https:\/\/*.hotjar.com https:\/\/*.zdassets.com https:\/\/*.getsitecontrol.com https:\/\/*.connectif.cloud https:\/\/*.cloudflareinsights.com https:\/\/*.calendly.com https:\/\/*.kk-resources.com https:\/\/*.shopalike.it https:\/\/*.awin1.com https:\/\/*.sciencebehindecommerce.com https:\/\/*.channelize.io https:\/\/*.reskyt.com https:\/\/*.doofinder.com tracking.trovaprezzi.it www.trovaprezzi.it tps.trovaprezzi.it 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.feedaty.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com *.doofinder.com *.klarnacdn.net widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.cloudflare.com https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.feedaty.com https:\/\/*.klarna.com https:\/\/*.channelize.io https:\/\/*.reskyt.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/*.tiktokcdn-eu.com https:\/\/*.tiktok.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.shippypro.com https:\/\/*.google.com https:\/\/*.youtube.com https:\/\/*.klarna.com https:\/\/*.channelize.io https:\/\/*.reskyt.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.channelize.io *.feedaty.com https:\/\/*.tiktokcdn-eu.com https:\/\/*.tiktok.com *.doofinder.com wss:\/\/*.doofinder.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/*.klarna.com widget.freshworks.com m2epro.freshdesk.com https:\/\/get.geojs.io *.avada.io *.oct8ne.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com www.google.com www.gstatic.com pay.google.com google.com\/pay ecomms2s.sella.it sandbox.gestpay.net c.riskified.com https:\/\/*.dnafactory.it https:\/\/*.dnalab.online https:\/\/*.semprefarmacia.it https:\/\/*.google.com https:\/\/google.com https:\/\/*.google-analytics.com https:\/\/*.cookiebot.com https:\/\/*.feedaty.com https:\/\/*.shippypro.com https:\/\/*.googlesyndication.com https:\/\/*.criteo.com https:\/\/*.zdassets.com https:\/\/*.getsitecontrol.com https:\/\/*.zendesk.com https:\/\/*.doubleclick.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/*.connectif.cloud https:\/\/*.getsitectrl.com https:\/\/*.kelkoogroup.net https:\/\/*.sciencebehindecommerce.com https:\/\/*.channelize.io https:\/\/*.reskyt.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" worker-src blob:; font-src cdn.parcellab.com fonts.gstatic.com http:\/\/use.typekit.net *.typekit.net *.gstatic.com *.applepay.cdn-apple.com applepay.cdn-apple.com *.byredo.com *.cloudflare.com *.googleapis.com js.klevu.com *.trustedshops.com *.twimg.com *.twitter.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.booxi.eu data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com http:\/\/pilot-payflowlink.paypal.com http:\/\/www.paypal.com http:\/\/www.sandbox.paypal.com *.paypal.com *.adyen.com *.facebook.com *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self' https:\/\/app.eu.contentful.com; frame-src cdn.parcellab.com fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com http:\/\/bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com http:\/\/www.paypal.com http:\/\/www.sandbox.paypal.com http:\/\/pilot-payflowlink.paypal.com http:\/\/player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com http:\/\/google.com *.google.com www.googletagmanager.com *.adyen.com csxd.byredo.com *.facebook.com *.hotjar.com *.pinterest.com *.twitter.com *.criteo.com *.kameleoon.com *.vimeo.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * http:\/\/www.xtento.com *.weltpixel.com 'self' 'unsafe-inline'; img-src cdn.parcellab.com images.eu.ctfassets.net videos.ctfassets.net videos.eu.ctfassets.net https:\/\/*.processout.com assets.adobedtm.com amcglobal.sc.omtrdc.net http:\/\/dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com http:\/\/www.google-analytics.com http:\/\/googleads.g.doubleclick.net *.google.com.ua *.google.fr *.google.de *.google.hu *.google.be *.google.lu *.google.co.jp *.google.co.uk *.google.ch *.google.it *.google.se http:\/\/www.google.com http:\/\/bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com http:\/\/www.paypal.com www.paypalobjects.com http:\/\/fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com http:\/\/p.typekit.net *.paypal.com *.typekit.net *.gstatic.com http:\/\/validator.swagger.io *.ftcdn.net *.behance.net data: *.adyen.com *.bing.com *.byredo.com *.clarity.ms *.cloudflare.com *.contentsquare.net *.contentsquare.com *.cookielaw.org *.cookiepro.com blob: *.facebook.com *.google.com *.google-analytics. *.googleadservices.com *.klarna.com *.cloudfront.net js.klevu.com *.lightemporium.com *.linksynergy.com *.mediaforge.com *.nr-data.net *.nxtck.com *.pinterest.com *.teads.tv *.twimg.com *.twitter.com *.usercentrics.eu *.ytimg.com *.criteo.com *.doubleclick.net tr.line.me adservice.google.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.googlesyndication.com analytics.tiktok.com *.klevu.com *.ksearchnet.com http:\/\/www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudimg.io http:\/\/www.xtento.com http:\/\/cdn.xtento.com *.jrs5.com *.storefrontcloud.io *.vaimo.net data: 'self' 'unsafe-inline'; script-src cdn.parcellab.com developers.kakao.com *.kakaocdn.net assets.adobedtm.com https:\/\/*.processout.com ariane.abtasty.com cdn.abtasty.com try.abtasty.com *.try.abtasty.com https:\/\/try.abtasty.com *.g10894638425.co *.google.com *.adobe.com *.booxi.eu https:\/\/js.processout.com\/processout.js *.rakuten.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com http:\/\/www.google-analytics.com http:\/\/googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com http:\/\/www.paypal.com http:\/\/www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com http:\/\/www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com http:\/\/use.typekit.net *.typekit.net http:\/\/google.com *.google.com *.cdn-apple.com *.adyen.com *.bing.com *.byredo.com *.clarity.ms *.cloudflare.com *.cloudfront.net *.contentsquare.net *.contentsquare.com cdn.cookielaw.org *.cookiepro.com *.doubleclick.net *.emarsys.net *.facebook.com *.forter.com wss:\/\/cdn0.forter.com http:\/\/geolocation.onetrust.com *.google-analytics.com *.googleapis.com *.hotjar.com:* *.hotjar.io *.ksearchnet.com http:\/\/privacyportal-eu.onetrust.com *.pinterest.com *.scarabresearch.com *.teads.tv *.twimg.com *.twitter.com *.zdassets.com wss:\/\/widget-mediator.zopim.com\/ *.zendesk.com *.criteo.com *.analytics.google.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.googlesyndication.com analytics.tiktok.com madefor.github.io *.klevu.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.contentful.com cdn.contentful.com videos.eu.ctfassets.net *.ctfassets.net *.cloudflareinsights.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src cdn.parcellab.com *.adobe.com fonts.googleapis.com *.byredo.com *.cloudflare.com *.fontawesome.com *.googleapis.com *.gstatic.com js.klevu.com *.trustedshops.com *.twimg.com *.twitter.com *.typekit.net *.usercentrics.eu *.kameleoon.com *.klevu.com *.ksearchnet.com assets.braintreegateway.com *.cloudimg.io *.scaleflex.it https:\/\/js.klevu.com *.booxi.eu 'self' 'unsafe-inline'; object-src *.cookiepro.com; media-src cdn.parcellab.com *.adobe.com *.zdassets.com *.videos.eu.ctfassets.net videos.ctfassets.net videos.eu.ctfassets.net *.assets.eu.ctfassets.net assets.ctfassets.net assets.eu.ctfassets.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src https:\/\/www.byredo.com \/api cdn.parcellab.com *.kakao.com *.kakaocdn.net https:\/\/open.spotify.com https:\/\/*.processout.com https:\/\/*.ravelin.click https:\/\/*.onetrust.com http:\/\/dpm.demdex.net dcinfos-cache.abtasty.com *.abtasty.com ariane.abtasty.com cdn.abtasty.com amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com http:\/\/www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net http:\/\/vimeo.com http:\/\/www.sandbox.paypal.com www.paypalobjects.com http:\/\/www.paypal.com http:\/\/pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com http:\/\/google.com *.google.com *.adyen.com *.bing.com *.byredo.com *.clarity.ms *.cloudflare.com *.cloudfront.net *.contentsquare.net *.contentsquare.com cdn.cookielaw.org *.cookiepro.com *.doubleclick.net *.emarsys.net *.facebook.com *.forter.com wss:\/\/cdn0.forter.com http:\/\/geolocation.onetrust.com *.google-analytics.com *.googleapis.com *.hotjar.com:* *.hotjar.io *.ksearchnet.com http:\/\/privacyportal-eu.onetrust.com *.pinterest.com *.scarabresearch.com *.teads.tv *.twimg.com *.twitter.com *.zdassets.com wss:\/\/widget-mediator.zopim.com\/ *.zendesk.com *.criteo.com *.analytics.google.com *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.googlesyndication.com analytics.tiktok.com madefor.github.io *.klevu.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.contentful.com *.cdn.contentful.com videos.eu.ctfassets.net *.ctfassets.net 'self' 'unsafe-inline'; child-src blob: assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' data: *.marianatek.com *.cookielaw.org *.chilipiper.com *.googletagmanager.com *.google.com *.gstatic.com *.cloudflare.com *.youtube.com *.youtube-nocookie.com *.vimeo.com *.licdn.com *.facebook.net *.clarity.ms *.google-analytics.com *.hs-scripts.com *.doubleclick.net unpkg.com *.wistia.net;upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'nonce-qCxnj8_J2UvRAzGUBlbfLYB5' 'strict-dynamic' http: https:; base-uri 'none';","count":1},{"content-security-policy-report-only":" script-src-elem 'self' *.googletagmanager.com https:\/\/*.mopinion.com https:\/\/integration.occ7.mtel.eu https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/www.clarity.ms https:\/\/c.clarity.ms\/ https:\/\/www.youtube.com https:\/\/static.doubleclick.net https:\/\/api.evolveip.eu\/ChatWebAzure\/EipChat.js 'nonce-q4UFutdq4sas\/x6bHVoux7f1RiwLNirxNTsP6M2YBQk='; script-src 'self' 'unsafe-eval' *.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net 'sha256-TqjM\/ocl9Ih4hsJxBuYJi9DiPkAJnBID1b5nkiBEnYI=' 'sha256-vemytl4W5Qmww8+4p7ijbNPmvDbs6GPIf7CXCwtOWgc=' 'nonce-q4UFutdq4sas\/x6bHVoux7f1RiwLNirxNTsP6M2YBQk='; report-uri \/umbraco\/api\/csp\/report; default-src 'none'; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdn.faceworks.nl https:\/\/*.mopinion.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/fonts.mopinion.com https:\/\/edge.cookieconsent.io; img-src 'self' mijn.s-bb.nl *.googletagmanager.com px.ads.linkedin.com https:\/\/www.facebook.com https:\/\/edge.cookieconsent.io https:\/\/www.toegankelijkheidsverklaring.nl; form-action 'self'; base-uri 'self'; frame-ancestors 'self'; frame-src 'self' youtube.com www.youtube.com; manifest-src 'self'; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.mopinion.com https:\/\/*.clarity.ms https:\/\/api.cookieconsent.io https:\/\/px.ads.linkedin.com https:\/\/connect.facebook.net https:\/\/api.evolveip.eu https:\/\/ukaz-web01f.ccaas.enghouse.cloud\/scripts\/ChatExtension.dll","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-CRgbHf4TtOyS2YMxnH0hKQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';    script-src 'self' 'unsafe-inline'  https:\/\/cdn.jsdelivr.net\/npm\/@gumlet\/ webapp.gumlet.com snap.licdn.com googleads.g.doubleclick.net js-na2.hs-scripts.com challenges.cloudflare.com script.hotjar.com embed.savvycal.com tracking.g2crowd.com analytics.ahrefs.com cdn.firstpromoter.com www.googletagmanager.com js-na2.hsadspixel.net js-na2.hs-banner.com js-na2.hs-analytics.net static.hotjar.com browser-update.org www.redditstatic.com static.cloudflareinsights.com static.ads-twitter.com widget.intercom.io js.intercomcdn.com app.factors.ai;    style-src 'self' 'unsafe-inline';    img-src * blob: data:;    font-src *;    media-src video.gumlet.io;    object-src 'none';    base-uri 'self';    form-action 'self' *.gumlet.com webapp.gumlet.com;    connect-src *;    frame-ancestors 'none';    frame-src play.gumlet.io www.googletagmanager.com savvycal.com challenges.cloudflare.com;    upgrade-insecure-requests;    report-to gumlet-nel;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.clarity.ms https:\/\/cdn.cookielaw.org https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/players.brightcove.net\/ https:\/\/www.recaptcha.net https:\/\/www.gstatic.com https:\/\/js-agent.newrelic.com https:\/\/pi.pardot.com https:\/\/www.youtube.com https:\/\/in2.taskanalytics.com https:\/\/bam.nr-data.net https:\/\/snap.licdn.com https:\/\/googleads.g.doubleclick.net https:\/\/info.weareplanet.com https:\/\/www.googleadservices.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/tag.demandbase.com https:\/\/j.6sc.co https:\/\/tracking.g2crowd.com https:\/\/connect.facebook.net https:\/\/tpc.googlesyndication.com https:\/\/cdn.weglot.com\/weglot.min.js https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/www.google.com; style-src 'self' 'report-sample' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/d335luupugsy2.cloudfront.net https:\/\/cdn.leadster.com.br; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https: http:; font-src 'self' https:\/\/fonts.gstatic.com; connect-src 'self' https: wss:; frame-src 'self' https:\/\/*.facebook.com; object-src 'none'; base-uri 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/www.allesedv.at\/mixedContentReporting.php","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/analytics.tiktok.com https:\/\/api.hubspot.com https:\/\/app.clearbit.com https:\/\/cdn.cookielaw.org https:\/\/cdn.dreamdata.cloud https:\/\/content.hotjar.io https:\/\/cta-service-cms2.hubspot.com https:\/\/forms.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/script.crazyegg.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/edge.api.brightcove.com https:\/\/bat.bing.com\/ https:\/\/manifest.prod.boltdns.net https:\/\/sdl.brightcovecdn.com https:\/\/logx.optimizely.com https:\/\/*.optimizely.com; default-src 'self'; font-src 'self' data: https:\/\/use.typekit.net https:\/\/*.optimizely.com; frame-ancestors 'none'; frame-src https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/cm.g.doubleclick.net https:\/\/www.facebook.com https:\/\/calendly.com https:\/\/forms.hsforms.com https:\/\/a5098497884553216.cdn.optimizely.com https:\/\/a5098497884553216.cdn-pci.optimizely.com; img-src 'self' data: https:\/\/bat.bing.com https:\/\/forms-na1.hsforms.com https:\/\/ib.adnxs.com https:\/\/perf-na1.hsforms.com https:\/\/px.ads.linkedin.com https:\/\/secure.adnxs.com https:\/\/track.accountinsight.cloud https:\/\/track.hubspot.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.com.ua https:\/\/metrics.brightcove.com https:\/\/www.googletagmanager.com https:\/\/cf-images.us-east-1.prod.boltdns.net https:\/\/cdn.optimizely.com https:\/\/app.optimizely.com; media-src 'self' blob:; script-src 'self' 'nonce-rzmQmwHQdhZnXlY0MPxTvQ==' https:\/\/a.dpmsrv.com https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/cdn.dreamdata.cloud https:\/\/cm.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/ib.adnxs.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.hs-scripts.com https:\/\/js.hsforms.net https:\/\/js.hubspot.com https:\/\/js.usemessages.com https:\/\/s.dpmsrv.com https:\/\/script.crazyegg.com https:\/\/script.hotjar.com https:\/\/serve.nrich.ai https:\/\/snap.licdn.com https:\/\/st.getsitecontrol.com https:\/\/static.hotjar.com https:\/\/tag.clearbitscripts.com https:\/\/widgets.getsitecontrol.com https:\/\/www.googletagmanager.com https:\/\/x.clearbitjs.com https:\/\/assets.calendly.com https:\/\/static.hsappstatic.net https:\/\/48752163.fs1.hubspotusercontent-na1.net https:\/\/cdnjs.cloudflare.com https:\/\/players.brightcove.net wss:\/\/ws.hotjar.com\/ https:\/\/*.optimizely.com https:\/\/optimizely.s3.amazonaws.com https:\/\/cdn-assets-prod.s3.amazonaws.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:\/\/*.typekit.net https:\/\/assets.calendly.com https:\/\/*.optimizely.com https:\/\/app.optimizely.com; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" frame-src *.force.com https:\/\/player.vimeo.com https:\/\/omt.honda.com https:\/\/owners.honda.com https:\/\/honda.demdex.net 'self' https:\/\/www.acura.com https:\/\/stats.g.doubleclick.net *.youtube.co.uk https:\/\/sfdc-link-preview.hk.salesforce.com https:\/\/media-ahfc.cdn-us.techsee.me https:\/\/checkoutshopper-test.adyen.com\/ https:\/\/pal-test.adyen.com https:\/\/cdn.cookielaw.org *.cybersource.com *.youtube.es http:\/\/code.jquery.com https:\/\/ahfc-api.techsee.me https:\/\/somt.honda.com *.adis.ws https:\/\/ahfc--webproj1.my.salesforce.com https:\/\/www.gstatic.com https:\/\/usa690.sfdc-lywfpd.salesforce.com *.youtube.ie https:\/\/www.youtube.com https:\/\/assets.adobedtm.com *.cloudinary.com https:\/\/www.google.com https:\/\/pay.google.com https:\/\/analytics.google.com *.vimeo.com *.youtube.jp https:\/\/rec1.techsee.me bcove.video https:\/\/dpm.demdex.net https:\/\/techsee.me https:\/\/survey2.sendyouropinions.com *.youtube.fr *.gstatic.com https:\/\/eshopping.americanhondafinance.com https:\/\/*.a.forceusercontent.com *.facebook.com https:\/\/player.cloudinary.com https:\/\/sfdc-link-preview-staging.sfdc.sh https:\/\/s1.adis.ws *.forceusercontent.com *.youtube.com *.brightcove.net *.youtube.nl https:\/\/service.force.com\/embeddedservice\/ https:\/\/fast.wistia.net *.quip.com *.arkoselabs.com *.youtube-nocookie.com https:\/\/www.paypal.com https:\/\/imagebaseurl.techsee.me https:\/\/appiniummastertrial.secure.force.com https:\/\/play.vidyard.com https:\/\/ahfc.file.force.com https:\/\/cm.everesttech.net *.youtube.com.br https:\/\/uat2.sendyouropinions.com https:\/\/prod-us.techsee.me https:\/\/prod-eu.techsee.me *.salesforce-experience.com *.salesforceliveagent.com https:\/\/scormanywhere.secure.force.com https:\/\/sdk-us.techsee.me https:\/\/checkoutshopper-live.adyen.com\/ *.sfdcfc.net https:\/\/maps.a.forceusercontent.com https:\/\/consent-api.onetrust.com *.youtube.ca https:\/\/location.force.com https:\/\/ahfc.sf-na.techsee.me https:\/\/fonts.googleapis.com *.vidyard.com https:\/\/rec.techsee.me https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/geolocation.onetrust.com https:\/\/players.brightcove.net https:\/\/td.doubleclick.net https:\/\/automobiles.honda.com https:\/\/powersports.honda.com https:\/\/cdn.embedly.com https:\/\/www.google.com\/recaptcha\/ https:\/\/js.stripe.com\/ https:\/\/www.sandbox.paypal.com https:\/\/*.a.forceusercontent.com\/lightningmaps\/ https:\/\/www.googletagmanager.com *.wistia.net https:\/\/www.google-analytics.com *.salesforce.com https:\/\/ahfc.sf-na.desktop.show *.youtube.pl; report-to sfdc-csp-ep; report-uri https:\/\/ahfc.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00Dj0000001oPqD&networkId=0DM5b000000wk5s&type=communities","count":1},{"content-security-policy-report-only":" script-src 'nonce-q1jZ8yxIHF20xZI5lzsDRw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com www.redwolfairsoft.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com airwallex.com *.airwallex.com google.com *.google.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com www.redwolfairsoft.com 'self' 'unsafe-inline'; frame-ancestors *.bolt.com www.gstatic.com www.redwolfairsoft.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com www.google.com www.googletagmanager.com checkout.airwallex.com checkout-demo.airwallex.com h.online-metrix.net\/ static-demo.airwallex.com pci-api-demo.airwallex.com demo-pacybsmock.airwallex.com imgs.signifyd.com airwallex.com *.airwallex.com google.com *.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com sandbox.secure.checkout.visa.com secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com https:\/\/www.google.com www.redwolfairsoft.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.online-metrix.net\/ checkout.airwallex.com imgs.signifyd.com checkout-demo.airwallex.com airwallex.com *.airwallex.com google.com *.google.com www.gstatic.com sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com validate.fishpig.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.redwolfairsoft.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ www.google.com checkout.airwallex.com checkout-demo.airwallex.com h.online-metrix.net\/ static-demo.airwallex.com static.airwallex.com cdn-scripts.signifyd.com bws-demo.airwallex.com bws.airwallex.com imgs.signifyd.com h64.online-metrix.net airwallex.com *.airwallex.com google.com *.google.com *.cdn-apple.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net sandbox.secure.checkout.visa.com secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com assets.secure.checkout.visa.com thm.visa.com sandbox.src.mastercard.com songbirdstag.cardinalcommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io https:\/\/www.google.com https:\/\/www.gstatic.com www.redwolfairsoft.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/static.klaviyo.com *.fontawesome.com www.redwolfairsoft.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.redwolfairsoft.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com checkout.airwallex.com checkout-demo.airwallex.com h.online-metrix.net\/ bws-demo.airwallex.com bws.airwallex.com api-demo.airwallex.com api.airwallex.com o11y-demo.airwallex.com o11y.airwallex.com imgs.signifyd.com airwallex.com *.airwallex.com google.com *.google.com thm.visa.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io www.redwolfairsoft.com 'self' 'unsafe-inline'; child-src airwallex.com *.airwallex.com www.redwolfairsoft.com http: https: blob: 'self' 'unsafe-inline'; default-src airwallex.com *.airwallex.com www.redwolfairsoft.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.appreciatehub.com *.google-analytics.com *.cloudflare.com https:\/\/*.googleapis.com https:\/\/*.pendo.io https:\/\/*.alamoapp.octanner.io https:\/\/*.api.octanner.net https:\/\/*.salesforce.com *.cloudinary.com https:\/\/s3.amazonaws.com\/oc-images-api\/* *.doubleclick.net *.octanner.net *.gstatic.com *.jwpcdn.com *.recaptcha.net https:\/\/www.gstatic.com\/recaptcha\/releases\/*  wss:\/\/*.fathomvoice.com *.fathomvoice.com *.fonticons.com *.fortawesome.com 'unsafe-inline' 'unsafe-eval' data:; frame-src 'self' www.google.com www.recaptcha.net https:\/\/res.cloudinary.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' challenges.cloudflare.com js.stripe.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: cdn.onlylinks.com *.r2.dev *.cdninstagram.com *.twimg.com *.pexels.com images.pexels.com randomuser.me; connect-src 'self' analytics.onlylinks.com *.sentry.io *.stripe.com challenges.cloudflare.com; frame-src 'self' challenges.cloudflare.com js.stripe.com *.youtube.com; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com *.fontawesome.com *.oct8ne.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ int-ecommerce.nexi.it ecommerce.nexi.it stg-ta.nexigroup.com xpay.nexigroup.com https:\/\/www.googletagmanager.com\/ *.oct8ne.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.gstatic.com *.feedaty.com *.erickson.it http:\/\/risorseonline.erickson.it *.salesmanago.com cdn.doofinder.com int-ecommerce.nexi.it ecommerce.nexi.it stg-ta.nexigroup.com xpay.nexigroup.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.oct8ne.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.gstatic.com *.feedaty.com *.iubenda.com *.acsbapp.com *.salesmanago.com *.erickson.it *.zdassets.com cdn.doofinder.com https:\/\/code.gelproximity.com int-ecommerce.nexi.it ecommerce.nexi.it stg-ta.nexigroup.com xpay.nexigroup.com www.google.com www.gstatic.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.oct8ne.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.feedaty.com *.doofinder.com *.fontawesome.com unsafe-inline assets.braintreegateway.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.googleapis.com *.feedaty.com *.doubleclick.net *.scalapay.com *.erickson.it *.acsbapp.com *.zdassets.com *.iubenda.com *.doofinder.com wss:\/\/*.doofinder.com int-ecommerce.nexi.it ecommerce.nexi.it stg-ta.nexigroup.com xpay.nexigroup.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.oct8ne.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" frame-src 'self' https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/www.googletagmanager.com;","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.hint.com 'self' https:\/\/static.hsappstatic.net; img-src 'self' https:\/\/*.hint.com https:\/\/www.facebook.com https:\/\/app.hubspot.com https:\/\/*.hsforms.com https:\/\/avatars.hubspot.net https:\/\/static.hsappstatic.net https:\/\/www.google.com https:\/\/www.google.com https:\/\/t.co https:\/\/www.google-analytics.com https:\/\/analytics.twitter.com https:\/\/facebook.com https:\/\/heapanalytics.com https:\/\/p.typekit.net https:\/\/px.ads.linkedin.com https:\/\/www.google.com\/ads https:\/\/www.facebook.com\/tr https:\/\/track.hubspot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdnjs.cloudflare.com https:\/\/www.gstatic.com https:\/\/www.google.com\/recaptcha\/enterprise.js https:\/\/313589.fs1.hubspotusercontent-na1.net https:\/\/platform.twitter.com https:\/\/platform.linkedin.com\/in.js  https:\/\/js.hsleadflows.net https:\/\/script.hotjar.com https:\/\/www.googletagmanager.com https:\/\/snap.licdn.com https:\/\/static.hotjar.com https:\/\/static.hsappstatic.net https:\/\/js.hs-scripts.com https:\/\/app.hubspot.com https:\/\/www.google-analytics.com https:\/\/static.ads-twitter.com https:\/\/cdn.heapanalytics.com https:\/\/connect.facebook.net https:\/\/my.hellobar.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.hscollectedforms.net https:\/\/js.hsadspixel.net https:\/\/hsleadflows.net https:\/\/googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' https:\/\/static.hsappstatic.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/use.typekit.net https:\/\/cdn2.hubspot.net https:\/\/p.typekit.net https:\/\/fast.fonts.net https:\/\/px.ads.linkedin.com; object-src 'self'; font-src 'self' https:\/\/2562809.fs1.hubspotusercontent-na1.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com https:\/\/cdn2.hubspot.net https:\/\/use.typekit.net; connect-src 'self' https:\/\/forms.hscollectforms.net https:\/\/forms.hscollectforms.net https:\/\/js.hs-banner.com https:\/\/api.hubapi.com https:\/\/www.google-analytics.com https:\/\/*.hubspot.com https:\/\/stats.g.doubleclick.net https:\/\/forms.hscollectedforms.net; frame-src https:\/\/platform.twitter.com https:\/\/www.google.com","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com static.klaviyo.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.reviews.io *.reviews.co.uk *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com test.authorize.net sandbox.authorize.net *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.certcapture.com *.reviews.io *.reviews.co.uk https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.doubleclick.net www.xtento.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.certcapture.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.authorize.net assets.secure.checkout.visa.com sandbox.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.facebook.com *.reddit.com *.googletagmanager.com *.doubleclick.net *.google.com www.xtento.com cdn.xtento.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.certcapture.com cdn.cookie-script.com *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/includes.ccdc02.com\/cardinalcruise\/v1\/songbird.js https:\/\/includestest.ccdc02.com\/cardinalcruise\/v1\/songbird.js https:\/\/includestest.ccdc02.com\/cardinalcruise\/v1\/0a125400b09de2105a63\/5.0a125400b09de2105a63.songbird.js https:\/\/includes.ccdc02.com\/cardinalcruise\/v1\/b109e0c6fd2a5b6b93b2\/1.b109e0c6fd2a5b6b93b2.songbird.js https:\/\/jstest.authorize.net\/v1\/Accept.js https:\/\/jstest.authorize.net\/v1\/AcceptCore.js https:\/\/js.authorize.net\/v1\/Accept.js https:\/\/js.authorize.net\/v1\/AcceptCore.js *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net www.xtento.com cdn.xtento.com https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com https:\/\/www.laballey.com https:\/\/fonts.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/apitest.authorize.net\/xml\/v1\/request.api https:\/\/api.authorize.net\/xml\/v1\/request.api https:\/\/includes.ccdc02.com\/cardinalcruise\/v1\/songbird.js https:\/\/includestest.ccdc02.com\/cardinalcruise\/v1\/songbird.js https:\/\/includestest.ccdc02.com\/cardinalcruise\/v1\/0a125400b09de2105a63\/5.0a125400b09de2105a63.songbird.js https:\/\/includes.ccdc02.com\/cardinalcruise\/v1\/b109e0c6fd2a5b6b93b2\/1.b109e0c6fd2a5b6b93b2.songbird.js https:\/\/jstest.authorize.net\/v1\/Accept.js https:\/\/jstest.authorize.net\/v1\/AcceptCore.js https:\/\/js.authorize.net\/v1\/Accept.js https:\/\/js.authorize.net\/v1\/AcceptCore.js *.authorize.net assets.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" style-src-elem m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com fonts.googleapis.com *.fontawesome.com fonts.bunny.net use.typekit.net p.typekit.net cdnjs.cloudflare.com cdn.jsdelivr.net cdn.doofinder.com cc-cdn.com static.klaviyo.com; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com *.fontawesome.com https:\/\/fonts.bunny.net m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com p.typekit.net fonts.bunny.net static.klaviyo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.stripe.com *.stripe.network *.google.com *.sagepay.com *.opayo.eu.elavon.com www.henrykrank.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.stripe.network *.link.com *.amazon.com *.google.com pay.google.com www.henrykrank.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com account.fetchify.com www.henrykrank.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io cdn.doofinder.com *.stripe.com *.stripe.network *.google.com ebizmarts-website.s3.amazonaws.com *.sagepay.com *.opayo.eu.elavon.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com d3k81ch9hvuctc.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com cdn.doofinder.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.sagepay.com *.opayo.eu.elavon.com cc-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com cdnjs.cloudflare.com cdn.jsdelivr.net eu1-config.doofinder.com trackcmp.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.doofinder.com *.stripe.network *.stripecdn.com *.amazon.com *.google.com *.sagepay.com *.opayo.eu.elavon.com cc-cdn.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com cdnjs.cloudflare.com cdn.jsdelivr.net use.typekit.net p.typekit.net cdn.doofinder.com static.klaviyo.com static-tracking.klaviyo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.henrykrank.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.doofinder.com wss:\/\/*.doofinder.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.sagepay.com *.opayo.eu.elavon.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io m2.staging.henrykrank.com.cfstack.com m2.dev.henrykrank.com.cfstack.com henrykrank.com www.henrykrank.com m2.dev.trade.henrykrank.com.cfstack.com m2.staging.trade.henrykrank.com.cfstack.com trade.henrykrank.com api-js.datadome.co cdnjs.cloudflare.com 'self' 'unsafe-inline'; child-src www.henrykrank.com http: https: blob: 'self' 'unsafe-inline'; default-src www.henrykrank.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' *.thuis.nl *.camcammer.com *.sensemakers.com *.test.paysafe.com *.cloudflare.com *.exoclick.com cdn.pushcrew.com *.ingest.sentry.io *.paysafe.com *.google.com *.google.nl *.google.sr *.google.be *.google.gr *.google.fr *.google-analytics.com stats.g.doubleclick.net *.doubleclick.net *.slack-edge.com *.googletagmanager.com analytics.sensemakers.nl *.hotjar.com *.hotjar.io; connect-src 'self' 'unsafe-inline' 'unsafe-eval' wss:\/\/*.thuis.nl\/ wss:\/\/*.sensemakers.com wss:\/\/ws.hotjar.com\/ *.sensemakers.com stats.g.doubleclick.net *.ingest.sentry.io analytics.sensemakers.nl *.google.com *.google.nl *.google.sr *.google.be *.google.gr *.google.fr *.analytics.google.com stats.g.doubleclick.net *.hotjar.io *.hotjar.com *.test.paysafe.com *.paysafe.com *.thuis.nl *.google-analytics.com; img-src * 'self' data: https: blob: https; font-src * 'self' data:; report-uri https:\/\/analytics.sensemakers.nl\/csp\/","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.google.com www.google-analytics.com www.googleadservices.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.adobe.com *.adobedtm.com *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.adsrvr.org *.cloudfront.net js.authorize.net *.authorize.net 'self' * 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com www.google-analytics.com www.googleadservices.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.adobedtm.com *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.adsrvr.org *.doubleclick.net *.hubspot.com *.cloudfront.net js.authorize.net *.authorize.net *.4over.com 'self' 'self' 'unsafe-inline'; img-src *.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.google.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.adsrvr.org *.cloudfront.net js.authorize.net *.authorize.net 'self' * *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.clickagy.com *.adsrvr.org *.hs-scripts.com *.hsleadflows.net *.hs-banner.com *.hsadspixel.net *.hs-analytics.net *.usemessages.com *.hubspotfeedback.com *.cloudfront.net js.authorize.net *.authorize.net *.4over.com 'self' *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.google.com www.google-analytics.com www.googleadservices.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.adobedtm.com *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.adsrvr.org *.cloudfront.net js.authorize.net *.authorize.net 'self' * *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.google.com www.google-analytics.com www.googleadservices.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.adobedtm.com *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.adsrvr.org *.cloudfront.net js.authorize.net *.authorize.net 'self' * 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.google-analytics.com *.googleapis.com map.googleapis.com maps.googleapis.com *.googletagmanager.com *.google.com.ua *.google.ca *.google.co.in *.adobe.com *.adobedtm.com *.crazyegg.com *.licdn.com *.facebook.net *.facebook.com *.zoominfo.com *.clickagy.com *.adsrvr.org *.linkedin.com *.hubspot.com *.hubapi.com *.trustpilot.com *.cloudfront.net js.authorize.net *.authorize.net *.4over.com 'self' t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ql-2uHKUGzFSBGS5kpZfQQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';img-src 'self' *.amplience.net *.bazaarvoice.com seescandies.a.bigcontent.io bat.bing.com api.bounceexchange.com assets.bounceexchange.com events.bouncex.net idr.cdnwidget.com pix.cdnwidget.com e.cdnwidget.com edge.curalate.com data: action.dstillery.com connect.facebook.net www.facebook.com gateway.foresee.com www.google.com analytics.google.com www.googleadservices.com storage.googleapis.com www.googletagmanager.com www.gstatic.com na.klarnaevt.com idpix.media6degrees.com *.online-metrix.net api.parcellab.com cdn.parcellab.com www.paypalobjects.com *.paypal.com sees.com *.sees.com *.signifyd.com idsync.rlcdn.com sees-candies-pwa-production.mobify-storefront.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bazaarvoice.com bat.bing.com blob: *.bounceexchange.com js.braintreegateway.com payments.braintree-api.com flex.cybersource.com applepay.cdn-apple.com *.cloudflareinsights.com runtime.commercecloud.com edge.curalate.com cdn.domdog.io action.dstillery.com connect.facebook.net gateway.foresee.com *.fullstory.com rs.fullstory.com storage.googleapis.com www.googletagmanager.com www.gstatic.com js.klarna.com *.klarnacdn.net credit.klarnacdn.net action.media6degrees.com *.online-metrix.net *.ordergroove.com cdn.parcellab.com *.paypal.com www.paypalobjects.com s.pinimg.com ct.pinterest.com sees.com *.sees.com sgtm.sees.com *.signifyd.com tr2.smarterhq.io ndn.statistinamics.com tag.wknd.ai js.zi-scripts.com cas.zma.gs https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/crypto-js\/ https:\/\/www.google.com\/recaptcha\/enterprise.js sees-candies-pwa-production.mobify-storefront.com;style-src 'self' 'unsafe-inline' *.amplience.net *.bazaarvoice.com display.ugc.bazaarvoice.com assets.bounceexchange.com *.klarnacdn.net cdn.parcellab.com sees.com *.sees.com;font-src 'self' data: *.klarnacdn.net www.paypalobjects.com www.gstatic.com;media-src 'self' data:;connect-src 'self' *.amplience.net *.bazaarvoice.com bat.bing.com assets.bounceexchange.com events.bouncex.net *.braintreegateway.com payments.braintree-api.com data.cdnbasket.net view.cdnbasket.net page.cdnbasket.net *.cdnbasket.com *.cdnwidget.com applepay.cdn-apple.com *.cloudflareinsights.com runtime.commercecloud.com edge.curalate.com cdn.domdog.io jsa-sees.domdog.io ad.doubleclick.net action.dstillery.com www.facebook.com connect.facebook.net gateway.foresee.com *.fullstory.com analytics.google.com www.google.com www.googleadservices.com www.googletagmanager.com js.klarna.com *.klarnacdn.net na.klarnaevt.com action.media6degrees.com offers.ordergroove.com *.parcellab.com *.paypal.com s.pinimg.com ct.pinterest.com sees.com *.sees.com sgtm.sees.com *.signifyd.com tr2.smarterhq.io tag.wknd.ai js.zi-scripts.com cas.zma.gs ws.zoominfo.com;frame-src 'self' *.bazaarvoice.com assets.bounceexchange.com *.braintreegateway.com flex.cybersource.com 10375605.fls.doubleclick.net www.facebook.com www.google.com *.klarna.com h.online-metrix.net *.paypal.com ct.pinterest.com sees.com *.sees.com sgtm.sees.com imgs.signifyd.com;frame-ancestors 'self' runtime.commercecloud.com;worker-src 'self' blob: sees.com *.sees.com;form-action 'self' api.bazaarvoice.com www.facebook.com;object-src 'none';manifest-src 'self' sees.com *.sees.com;report-uri https:\/\/csp-sees.domdog.io\/report-uri\/sees.com\/3\/1-1","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.googleadservices.com https:\/\/static.ads-twitter.com https:\/\/*.google.com https:\/\/*.google.be https:\/\/*.cloudflareinsights.com https:\/\/*.freshworks.com https:\/\/*.tiktok.com https:\/\/*.tiktokw.us https:\/\/*.zzgtech.com https:\/\/*.facebook.net https:\/\/widget.trustpilot.com https:\/\/*.ssevt.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com https:\/\/*.facebook.com https:\/\/*.googletagmanager.com https:\/\/*.signalsight.io https:\/\/cdn.jsdelivr.net https:\/\/kit.fontawesome.com https:\/\/*.pinimg.com https:\/\/ct.pinterest.com 'unsafe-inline'; img-src 'self' data: https:\/\/*.zzgtech.com https:\/\/*.pinterest.com https:\/\/*.tiktok.com https:\/\/*.tiktokw.us https:\/\/*.facebook.net https:\/\/*.ssevt.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com https:\/\/*.facebook.com https:\/\/*.googletagmanager.com https:\/\/*.signalsight.io https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/analytics.twitter.com https:\/\/t.co https:\/\/*.google.com https:\/\/*.google.be; font-src 'self' https:\/\/*.bootstrapcdn.com https:\/\/*.sc-static.net https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.fontawesome.com; style-src 'self' https:\/\/*.freshworks.com https:\/\/*.signalsight.io https:\/\/signalsight.io https:\/\/*.fontawesome.com https:\/\/*.bootstrapcdn.com https:\/\/*.googleapis.com 'unsafe-inline'; connect-src 'self' https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/*.freshworks.com https:\/\/*.zzgtech.com https:\/\/*.tiktok.com https:\/\/*.tiktokw.us https:\/\/*.facebook.net https:\/\/*.ssevt.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google-analytics.com https:\/\/*.facebook.com https:\/\/*.googletagmanager.com https:\/\/*.signalsight.io https:\/\/*.fontawesome.com https:\/\/*.pinterest.com https:\/\/*.google.com https:\/\/*.google.be https:\/\/analytics.twitter.com https:\/\/t.co; frame-src 'self' https:\/\/www.googleadservices.com https:\/\/widget.trustpilot.com https:\/\/www.googletagmanager.com https:\/\/*.zzgtech.com https:\/\/*.pinterest.com https:\/\/*.google.com https:\/\/*.google.be; form-action 'self'; frame-ancestors *.signalsight.io;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-UBO2hCdGSowkJnv1Y6q1_tKVp_lXs6q2'; base-uri 'none'","count":1},{"content-security-policy-report-only":" script-src       'self'       'report-sample'       'unsafe-inline'       'unsafe-eval'       *.zohocdn.com       static.zohocdn.com.cn       *.zohostatic.com       *.zohowebstatic.com       dre.zoho.com       salesiq.zoho.in       creator.zoho.com       desk.zoho.in       js.zohostatic.in       cdn.pagesense.io       live.zwidgets.com       zapier.com       cdn.zapier.com       www.googletagmanager.com       www.google-analytics.com       www.recaptcha.net       www.gstatic.com;       script-src-elem       'self'       'report-sample'       *.zohocdn.com       static.zohocdn.com.cn       *.zohostatic.com       *.zohowebstatic.com       dre.zoho.com       salesiq.zoho.in       creator.zoho.com       desk.zoho.in       js.zohostatic.in       cdn.pagesense.io       live.zwidgets.com       zapier.com       cdn.zapier.com       www.googletagmanager.com       www.google-analytics.com       www.recaptcha.net       www.gstatic.com;       script-src-attr       'report-sample'       'unsafe-inline';       report-uri https:\/\/logsapi.zoho.com\/csplog?service=creator;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.thechronicle.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.zma.gs *.devhec.com *.abtasty.com abtasty.com api-data-connector.abtasty.com ariane.abtasty.com assets-manager.abtasty.com common-fonts.abtasty.com dcinfos-cache.abtasty.com try.abtasty.com *.ipredictive.com ipredictive.com adlucent.com deepsearch.adlucent.com *.everesttech.net everesttech.net *.typekit.net typekit.net amazonaws.com execute-api.us-west-2.amazonaws.com us-east-2.amazonaws.com socialannex.com *.adnxs.com adnxs.com *.auryc.com auryc.com *.bidr.io prod.bidr.io *.bing.com *.bing.net bat.bing.net bing.com *.brxcdn.com brxcdn.com *.btttag.com btttag.com *.builder.io builder.io *.cloudflare.com *.cloudflareinsights.com cdnfonts.com cloudflare.com cloudflareinsights.com *.cloudfront.net cloudfront.net *.cloudinary.com cloudinary.com *.cnstrc.com cnstrc.com *.contentsquare.net bf.contentsquare.net contentsquare.net hj.contentsquare.net *.criteo.com criteo.com *.delighted.com delighted.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.dstillery.com dstillery.com media6degrees.com *.facebook.com *.facebook.net facebook.com facebook.net *.getfastr.com getfastr.com *.iesnare.com iesnare.com *.google.com *.googlesyndication.com *.gstatic.com analytics.google.com google.bg google.bs google.ca google.ch google.co.cr google.co.il google.co.in google.co.jp google.co.th google.co.uk google.co.vi google.co.za google.com google.com.ar google.com.au google.com.br google.com.bz google.com.co google.com.eg google.com.hk google.com.mx google.com.my google.com.ng google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.sa google.com.sg google.com.sv google.com.tr google.com.tw google.de google.es google.fr google.hn google.hr google.ie google.it google.nl google.pt google.ro google.sc google.se google.sk google.tt googlesyndication.com gstatic.com *.googleadservices.com googleadservices.com *.googleapis.com googleapis.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.fsastore.com *.hsastore.com *.welldeservedhealth.com fsastore.com hsastore.com welldeservedhealth.com *.heap-api.com *.heapanalytics.com heap-api.com heapanalytics.com us.heap-api.com ip-api.com *.izooto.com izooto.com jquery.com listrak.com listrakbi.com *.liadm.com liadm.com *.pcapredict.com *.postcodeanywhere.co.uk pcapredict.com bing.net *.clarity.ms mountain.com *.northbeam.io northbeam.io *.oursprivacy.com oursprivacy.com *.paypalobjects.com paypalobjects.com *.pepperjam.com *.pepperjamnetwork.com pepperjam.com pepperjamnetwork.com *.pinimg.com *.pinterest.com pinimg.com pinterest.com *.pdst.fm *.powerreviews.com powerreviews.com *.riskified.com riskified.com disstg.commercecloud.salesforce.com *.segment.com *.segment.io segment.com segment.io ingest.sentry.io *.spotify.com *.mobify-storefront.com mobify-storefront.com alocdn.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com acsbapp.com postcodeanywhere.co.uk telemetry.vaultdcr.com zma.gs *.vaultdcr.com *.youtube.com *.ytimg.com youtube.com ytimg.com *.zdassets.com *.zendesk.com zdassets.com zendesk.com zopim.com *.zmags.com *.zmags.workers.dev creator-prod.zmags.com zmags.com zmags.workers.dev *.hsastore.com; frame-ancestors capacitor:\/\/localhost;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; object-src 'none'; report-to stott-security-endpoint;","count":1},{"content-security-policy-report-only":" base-uri 'self';script-src 'self' *.aliyun.com *.alicdn.com *.qwen.ai *.alibaba.com googleads.g.doubleclick.net www.googletagmanager.com www.google.com *.cloudflare.com appleid.cdn-apple.com 'unsafe-inline' 'unsafe-eval' 'report-sample' https: http: 'nonce-TzKuClCmRDDML-3dC5B_Ag' 'Strict-Dynamic' 'unsafe-hashes';frame-src 'self' *.aliyun.com *.alicdn.com td.doubleclick.net *.alibaba-inc.com qwenlm.io *.alibabacloud.com www.googletagmanager.com www.google.com *.cloudflare.com appleid.cdn-apple.com;worker-src blob: 'self' *.alicdn.com assets.alicdn.com;object-src 'none';frame-ancestors 'self' *.qwen.ai;report-uri \/report-csp","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; report-uri \/csp_logger\/;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-zyNbO8Yyy1mijGtJUiAdfw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src https:\/\/fonts.gstatic.com userlike-cdn-umm.b-cdn.net *.gstatic.com data: *.cloudfront.net *.mey.com app.usercentrics.eu 'self';form-action secure.authorize.net pilot-payflowlink.paypal.com www.facebook.com 'self' 'unsafe-inline';frame-ancestors https:\/\/*.etracker.com www.gstatic.com 'self';frame-src *.google.com vimeo.com charger-v2.trbo.com static.trbo.com track2.trbo.com collect.trbo.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net *.youtube-nocookie.com https:\/\/collect.mey.com https:\/\/*.criteo.com userlike-cdn-umm.b-cdn.net userlike-cdn-widgets.s3-eu-west-1.amazonaws.com api.userlike.com https:\/\/static.criteo.net *.zenaps.com *.awin1.com bid.g.doubleclick.net ct.pinterest.com www.awin1.com fast.amc.demdex.net *.adobe.com secure.authorize.net www.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com www.google.com ad.ad-srv.net *.adsrvr.org *.fls.doubleclick.net www.facebook.com opt.kuponacdn.de gum.criteo.com pixel.mathtag.com pp.payengine.de checkoutshopper.adyen.com\/ 'self' 'unsafe-inline';img-src *.google.at *.3lift.com ad.360yield.com *.adfarm1.adition.com *.adition.com *.adnxs.com *.adobe.com *.adscale.de ads.creative-serving.com *.ad.smaato.net ad.sxp.smartclip.net ads.yahoo.com *.adyen.com ad.yieldlab.net aggregator.service.usercentrics.eu amcglobal.sc.omtrdc.net api.usercentrics.eu app.usercentrics.eu assets.adobedtm.com *.awin1.com bat.bing.com beacon.krxd.net *.behance.net *.bidswitch.net *.bing.com *.casalemedia.com *.cdninstagram.com cdn.stickyadstv.com checkoutshopper.adyen.com\/ *.clarity.ms *.cloudfront.net cm.adform.net cm.everesttech.net collect.trbo.com contextual.media.net cotads.adscale.de *.criteo.com criteo-partners.tremorhub.com criteo-sync.teads.tv ct.pinterest.com *.doubleclick.net dpm.demdex.net *.emxdgt.com exchange.mediavine.com fpdbs.paypal.com *.ftcdn.net *.g.doubleclick.net googleads.g.doubleclick.net *.googleapis.com *.google.com *.google.de *.googleusercontent.com *.gstatic.com https:\/\/*.google.ch https:\/\/*.google.nl https:\/\/googleads.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/google.com https:\/\/*.gstatic.com https:\/\/*.outbrain.com https:\/\/pagead2.googlesyndication.com https:\/\/*.roeye.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.wepowerconnections.com id5-sync.com i.ytimg.com *.liadm.com matching.ivitrack.com match.sharethrough.com *.mey.com *.pinterest.com pixel.mathtag.com pixel.rubiconproject.com *.pubmatic.com *.smartadserver.com sp.analytics.yahoo.com static.trbo.com stats.g.doubleclick.net s.thebrighttag.com *.stickyadstv.com sync-criteo.ads.yieldmo.com sync.outbrain.com *.taboola.com t.paypal.com track2.trbo.com *.twiago.com *.uimserv.net ups.analytics.yahoo.com *.usercentrics.eu userlike-cdn-operators.s3-eu-west-1.amazonaws.com userlike-cdn-operators.userlike.com userlike-cdn-web.b-cdn.net userlike-store-media-files.s3.amazonaws.com *.vimeocdn.com visitor.omnitagjs.com widgets.magentocommerce.com www.awin1.com www.etracker.de www.facebook.com www.googleadservices.com www.google-analytics.com www.google.com www.google.de www.googletagmanager.com www.paypal.com www.paypalobjects.com www.userlike.com *.zenaps.com 'self';script-src *.adform.net *.adnxs.com *.adobe.com *.adyen.com api.userlike.com api-v4.trbo.com app.theadx.com app.usercentrics.eu assets.adobedtm.com *.awin1.com bam.eu01.nr-data.net bam.nr-data.net bat.bing.com browser.sentry-cdn.com browser-update.org cdn.polyfill.io charger-v2.trbo.com *.clarity.ms *.cloudfront.net collect.mey.com connect.facebook.net ct.pinterest.com *.dt51.net *.etracker.com *.etracker.de googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com *.google.de *.googletagmanager.com *.googleusercontent.com *.gstatic.com https:\/\/*.criteo.com https:\/\/*.ggpht.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/googletagmanager.com https:\/\/*.gstatic.com https:\/\/*.outbrain.com https:\/\/pagead2.googlesyndication.com https:\/\/*.roeyecdn.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/www.googletagmanager.com jquery.sellxed.com js.adsrvr.org js-agent.newrelic.com js.braintreegateway.com *.kuponacdn.de mastertag.kpcustomer.de *.mey.com opt.kuponacdn.de pixel.mathtag.com platform.instagram.com player.vimeo.com secure.authorize.net s.pinimg.com sslwidget.criteo.com static.criteo.net static.shopgate.com static.trbo.com s.ytimg.com tagmanager.google.com the.sciencebehindecommerce.com t.paypal.com *.usercentrics.eu userlike-cdn-umm.b-cdn.net userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.vimeocdn.com vimeo.com www.awin1.com www.dwin1.com www.googleadservices.com www.google-analytics.com www.googleapis.com www.google.com www.googleoptimize.com www.gstatic.com www.instagram.com www.paypal.com www.paypalobjects.com www.vimeo.com *.zenaps.com 'self' 'unsafe-inline' 'unsafe-eval';style-src https:\/\/fonts.googleapis.com static.trbo.com https:\/\/tagmanager.google.com https:\/\/googletagmanager.com https:\/\/www.googletagmanager.com *.adobe.com fonts.googleapis.com *.usercentrics.eu *.cloudfront.net *.mey.com *.googleapis.com *.gstatic.com app.usercentrics.eu 'self' 'unsafe-inline';object-src 'self' 'unsafe-inline';media-src *.cdninstagram.com www.userlike.com userlike-store-media-files.s3.amazonaws.com userlike-cdn-umm.b-cdn.net *.adobe.com blob: 'self' 'unsafe-inline';manifest-src 'self' 'unsafe-inline';connect-src https:\/\/*.gstatic.com https:\/\/*.googleapis.com www.instagram.com platform.instagram.com *.cdninstagram.com data.trbo.com newsletter-api.trbo.com api-v4.trbo.com *.snplow.net commerce.adobedc.net *.adobe.io https:\/\/www.google.com https:\/\/google.com https:\/\/www.googleadservices.com https:\/\/pagead2.googlesyndication.com https:\/\/player.vimeo.com vimeo.com http:\/\/bat.bing.net https:\/\/*.outbrain.com www.userlike.com userlike-cdn-web.b-cdn.net umd.userlike.com wss:\/\/umd.userlike.com ct.pinterest.com https:\/\/*.etracker.de https:\/\/*.criteo.com https:\/\/*.wepowerconnections.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.de https:\/\/*.google.ch https:\/\/*.google.nl https:\/\/*.google.at https:\/\/collect.mey.com https:\/\/*.googletagmanager.com *.addressy.com maps.googleapis.com userlike-cdn-umm.b-cdn.net api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com sentry.mey.netz98.org eu-api.friendlycaptcha.eu www.etracker.de www.facebook.com www.clarity.ms dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.paypalobjects.com www.paypal.com *.adyen.com stats.g.doubleclick.net mey.dvinci-hr.com bam.eu01.nr-data.net the.sciencebehindecommerce.com *.usercentrics.eu bat.bing.com *.pinterest.com *.google-analytics.com *.maps.googleapis.com *.mey.com *.cloudfront.net *.clarity.ms www.googletagmanager.com api.usercentrics.eu aggregator.service.usercentrics.eu blob: 'self'  'unsafe-inline';child-src userlike-cdn-umm.b-cdn.net userlike-cdn-widgets.s3-eu-west-1.amazonaws.com api.userlike.com http: https: blob: 'self' 'unsafe-inline';default-src https:\/\/*.outbrain.com https:\/\/*.clarity.ms https:\/\/c.bing.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval';base-uri 'self' 'unsafe-inline';report-uri https:\/\/sentry.mey.netz98.org\/api\/2\/security\/?sentry_key=81ac2c0efc304bedbb370dc8e745b346&sentry_environment=production;report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.cz https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.cz https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.cz https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.cz https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.cz https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.cz https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.cz https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.cz; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.cz https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.cz https:\/\/app.datadoghq.eu https:\/\/checkout.dm.cz https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.cz https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.cz https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.cz https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.cz https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.cz https:\/\/signin.dm.cz https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.cz; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com *.cloudflare.com *.typekit.net *.trustedshops.com *.fontawesome.com fonts.gstatic.com https:\/\/fonts.bunny.net *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.google.com youtu.be *.vimeo.com *.addthis.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com js.mollie.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.googleapis.com *.gstatic.com https:\/\/images.unsplash.com *.cloudflare.com https:\/\/cdn.klarna.com https:\/\/s.ytimg.com *.usercentrics.eu blob: magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com https:\/\/firebasestorage.googleapis.com *.alothemes.com *.magepow.com https:\/\/www.mollie.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.cloudflare.com *.google-analytics.com *.google.com *.googleadservices.com *.trustedshops.com *.usercentrics.eu *.addthis.com *.addthisedge.com *.moatads.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.doubleclick.net *.avada.io *.shopify.com *.alothemes.com *.magepow.com js.mollie.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.maxmind.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com fonts.googleapis.com *.cloudflare.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.googleapis.com *.googletagmanager.com *.fontawesome.com https:\/\/fonts.bunny.net *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googleapis.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.cloudflare.com *.google-analytics.com *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog https:\/\/get.geojs.io *.avada.io *.alothemes.com *.magepow.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.mmapiws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-NCgxFveLrdAvUAyd32mADA' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/tagmanager.google.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: blob: https:\/\/big-reward-5b88d17b18.strapiapp.com; font-src 'self' data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/*.amplitude.com https:\/\/big-reward-5b88d17b18.strapiapp.com https:\/\/www.app.lorka.ai; frame-src 'self' https:\/\/www.googletagmanager.com; media-src 'self' https:\/\/big-reward-5b88d17b18.strapiapp.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/big-reward-5b88d17b18.strapiapp.com; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: fonts.googleapis.com fonts.gstatic.com *.fontawesome.com * *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.twitter.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.dotdigital-pages.com *.dotdigital.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.twitter.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.gstatic.com *.googleapis.com *.trackedlink.net maps.googleapis.com maps.gstatic.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com gateway.apaylater.com gateway.atome.sg ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com *.facebook.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal maps.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.gstatic.com fonts.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com gateway.apaylater.com gateway.atome.sg cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com *.googletagmanager.com *.facebook.net *.avada.io https:\/\/*.googletagmanager.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com fonts.googleapis.com gateway.apaylater.com gateway.atome.sg cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com downloads.mailchimp.com *.fontawesome.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googleapis.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com webchat.dotdigital.com webchat.staging.dotdigital.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com *.google-analytics.com https:\/\/get.geojs.io *.avada.io https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com *.cloudflare.com *.twitter.com *.twimg.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri http:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com; base-uri 'none'; object-src 'none'; connect-src 'self' https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com  https:\/\/*.onsolvestack-useast1.onsolve.com https:\/\/*.ocp.onsolve.net https:\/\/*.ocp.onsolve.eu https:\/\/*.integration-configuration.com https:\/\/api.twitter.com; worker-src 'self' blob: https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com; font-src 'self' data: https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com;img-src 'self' data: blob: https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com; style-src 'self' 'unsafe-inline' https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com; frame-src 'self' https:\/\/*.onsolve.com https:\/\/onsolve.com https:\/\/*.onsolve.net https:\/\/onsolve.net https:\/\/*.onsolve.eu https:\/\/onsolve.eu https:\/\/*.worldtravelprotection.com  https:\/\/*.datadoghq-browser-agent.com https:\/\/*.ddog-gov-browser-agent.com https:\/\/*.quicksight.aws.amazon.com  https:\/\/*.gstatic.com https:\/\/*.arcgisonline.com https:\/\/*.stabilitas.io https:\/\/*.svstaging.net https:\/\/*.arcgis.com  https:\/\/*.google-analytics.com https:\/\/*.googleapis.com https:\/\/*.mapbox.com https:\/\/*.googletagmanager.com  https:\/\/*.bugsnag.com https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-ddog-gov.com  wss:\/\/*.svstaging.net wss:\/\/*.onsolve.com wss:\/\/onsolve.com wss:\/\/*.onsolve.net wss:\/\/onsolve.net wss:\/\/*.onsolve.eu wss:\/\/onsolve.eu https:\/\/*.s3.amazonaws.com https:\/\/*.cloudfront.net  https:\/\/*.walkme.com https:\/\/s3.walkmeusercontent.com  https:\/\/*.openstreetmap.org https:\/\/*.cartocdn.com https:\/\/*.maptiler.com  https:\/\/*.onsolvestack-useast1.onsolve.com https:\/\/*.ocp.onsolve.net https:\/\/*.ocp.onsolve.eu https:\/\/*.integration-configuration.com https:\/\/api.twitter.com; frame-ancestors 'self'; form-action 'self'  https:\/\/*.onsolvestack-useast1.onsolve.com https:\/\/*.ocp.onsolve.net https:\/\/*.ocp.onsolve.eu https:\/\/*.integration-configuration.com https:\/\/api.twitter.com; report-uri \/csp-violation-report;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' adform.net *.adform.net betano.bg *.betano.bg betano.com *.betano.com betgenius.com *.betgenius.com cloudflare.com *.cloudflare.com cookielaw.org *.cookielaw.org facebook.net *.facebook.net fullstory.com *.fullstory.com gmlinteractive.com *.gmlinteractive.com creativecdn.com *.creativecdn.com googletagmanager.com *.googletagmanager.com kaizengaming.com *.kaizengaming.com kameleoon.eu *.kameleoon.eu optimove.net *.optimove.net sportradar.com *.sportradar.com stoiximan.com.cy *.stoiximan.com.cy cloudflareinsights.com *.cloudflareinsights.com app.delivery *.app.delivery lgrckt-in.com *.lgrckt-in.com tostarsbuilding.com *.tostarsbuilding.com *.bing.com *.taboola.com *.geocomply.com *.kameleoon.io *.ads-twitter.com *.google-analytics.com *.jsdelivr.net *.kwai.net *.clarity.ms *.greencolumnart.com *.adalyser.com *.performgroup.com *.scoutgg.net *.sportradarserving.com *.pa4r.com *.brandinsight.tech res-odx.op-mobile.opera.com *.bannerflow.net *.facebook.com *.cloudfront.net *.maze.co; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=fEGOZHc3FAwMoWTJUjMz1xX6EkwmcMf0j3.j1GqR3lY-1778729112.6801453-1.0.1.1-7V5Aphv7MasAT3sxXOyysnOgFfQwc._QZWx6e3Q50b683nNaNrdlZdBN7gmB7JqKgV.VMLzwb09D3u7nRLw56_pc8oFq7k6ytydlxgRn7TgP54vPgr4kqkCpNE2cAUqITVONilQfAUFayVV49XNTAvVzFftaNQZDVy4KaoBycjJluDIKKT6GoqKl1J5fW2CWiVKkOw.WE8.1tjb_jZ71AQ; report-to cf-mxmwwoyljfpbydxp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' *.andrew.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; img-src 'self' data: https:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https:; script-src 'self' https:; connect-src 'self' https:;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/js.stripe.com https:\/\/www.google-analytics.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/api.stripe.com https:\/\/sockjs.pusher.com wss: ws:; frame-src https:\/\/js.stripe.com https:\/\/hooks.stripe.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" base-uri 'none';   connect-src     'self'     analytics-ipv6.tiktokw.us     api.ldnfrpl.com     api.leadinfo.com     c.ba.contentsquare.net     cdn.cookielaw.org     collector.leadinfo.net     collector4.leadinfo.net     *.bing.com     *.bing.net     *.brightsg.com     *.clarity.ms     *.cloudflare.com     *.doubleclick.net     *.facebook.com     *.google-analytics.com     *.google.com     *.googleapis.com     *.googletagmanager.com     *.googlesyndication.com     *.hotjar.com     *.hotjar.io     *.hubapi.com     *.hubspot.com     *.linkedin.com     *.onetrust.com     *.reddit.com     *.redditstatic.com     *.tiktok.com     sentry.io     wss:\/\/ws.hotjar.com;   default-src 'none';   font-src     https:     data:;   form-action     'self'     *.hsforms.com     shop.ie.brightsg.com;   frame-ancestors 'self';   frame-src     'self'     *.cloudflare.com     *.google.com     *.googletagmanager.com     *.hs-sites-eu1.com     *.hs-sites.com     *.hsforms.com     *.hubspot.com     *.jotform.com     *.vimeo.com     *.youtube.com;   img-src     https:     data:     blob:;   media-src     https:     data:;   object-src 'none';   prefetch-src     'self'     https:;   script-src     'self'     'unsafe-inline'    brightsg.referralrock.com     cdn.cookielaw.org     cdn.ldnfrpl.com     cdn.leadinfo.net     *.bing.com     *.bing.net     *.brightsg.com     *.capterra.com     *.clarity.ms     *.cloudflare.com     *.doubleclick.net     *.facebook.com     *.facebook.net     *.google-analytics.com     *.google.com     *.googleadservices.com     *.googletagmanager.com     *.googlesyndication.com     *.gstatic.com     *.hotjar.com     *.hotjar.io     *.hs-analytics.net     *.hs-banner.com     *.hs-scripts.com     *.hsadspixel.net     *.hsforms.net     *.hubapi.com     *.hubspot.com     *.jotform.com     *.licdn.com     *.linkedin.com     *.tiktok.com;   script-src-attr     'unsafe-inline';   style-src     'self'     'unsafe-inline'     https:;   upgrade-insecure-requests;   worker-src     'self'     blob:; report-uri https:\/\/brightsg.report-uri.com\/r\/d\/csp\/wizard; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net fonts.googleapis.com *.googleapis.com *.gstatic.com data: *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com *.chaordicsystems.com *.useinsider.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.twitter.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/accounts.google.com https:\/\/www.facebook.com https:\/\/login.live.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.twitter.com *.criteo.com *.criteo.net *.chaordicsystems.com *.googletagmanager.com *.doubleclick.net *.prospin.com.br *.facebook.com *.useinsider.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.weltpixel.com *.typeform.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.google.com.br *.prospin.com.br *.criteo.com *.freshchat.com *.bat.com *.bing.com *.linximpulse.net *.linximpulse.com *.chaordicsystems.com *.doubleclick.net *.smartadserver.com *.taboola.com *.tremorhub.com *.bidswitch.net *.media.net *.adnxs.com *.casalemedia.com *.stickyadstv.com *.360yield.com *.liadm.com *.mediavine.com *.postrelease.com *.outbrain.com *.pubmatic.com *.revcontent.com *.rubiconproject.com *.clmbtech.com *.3lift.com *.adgrx.com *.agkn.com *.unrulymedia.com *.teads.tv *.1rx.io *.wikimedia.org *.clarity.ms *.hotjar.com *.useinsider.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.googletagmanager.com *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/maps.googleapis.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.jsdelivr.net *.addtoany.com *.fw-cdn.com *.google.com *.google.com.br 'self' data: 'self' *.linximpulse.net *.prospin.com.br *.bing.com *.clarity.com *.clarity.ms *.criteo.com *.chaordicsystems.com *.doubleclick.net *.hotjar.com *.useinsider.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.useinsider.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.google.com *.google.com.br *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.chaordicsystems.com *.linximpulse.net *.linximpulse.com *.prospin.com.br *.clarity.ms *.criteo.com *.hotjar.com *.hotjar.io *.useinsider.com *.merchant-center-analytics.goog *.facebook.com *.google-analytics.com https:\/\/ipinfo.io\/json *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.chaordicsystems.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.zorgdomein.nl; style-src 'self' 'unsafe-inline' https:\/\/*.zorgdomein.nl https:\/\/fonts.googleapis.com https:\/\/surveys-static.survicate.com https:\/\/surveys-static-prd.survicate-cdn.com; style-src-elem 'self' 'unsafe-inline' https:\/\/*.zorgdomein.nl https:\/\/fonts.googleapis.com https:\/\/surveys-static.survicate.com https:\/\/surveys-static-prd.survicate-cdn.com; script-src 'self' 'nonce-907af8406cbb13404cbc179db6188cac' 'wasm-unsafe-eval' https:\/\/*.zorgdomein.nl https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/*.zopim.com https:\/\/zendesk-eu.my.sentry.io wss:\/\/*.zendesk.com wss:\/\/*.zopim.com https:\/\/*.googleapis.com https:\/\/survey.survicate.com https:\/\/surveys-static.survicate.com https:\/\/surveys-static-prd.survicate-cdn.com https:\/\/survey-prd.survicate-cdn.com; img-src https:\/\/* 'self' https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com *.googleusercontent.com blob: data: https:\/\/surveys-static.survicate.com https:\/\/surveys-static-prd.survicate-cdn.com https:\/\/assets.survicate.com https:\/\/img.survicate.com https:\/\/images.unsplash.com; connect-src https:\/\/*.zorgdomein.nl wss:\/\/*.zorgdomein.nl https:\/\/*.zdassets.com https:\/\/*.zendesk.com https:\/\/*.zopim.com https:\/\/zendesk-eu.my.sentry.io wss:\/\/*.zendesk.com wss:\/\/*.zopim.com https:\/\/*.googleapis.com *.google.com https:\/\/*.gstatic.com https:\/\/respondent.survicate.com https:\/\/hv.survicate.com https:\/\/survey.survicate.com https:\/\/survey-prd.survicate-cdn.com https:\/\/production-respondent-uploads.s3.eu-west-1.amazonaws.com https:\/\/surveys-static-prd.survicate-cdn.com; frame-src 'self' https:\/\/*.zorgdomein.nl https:\/\/*.quicksight.aws.amazon.com *.google.com http: https:; report-uri \/api\/v1\/report-uri; font-src 'self' https:\/\/*.zorgdomein.nl https:\/\/fonts.gstatic.com data: https:\/\/surveys-static.survicate.com https:\/\/surveys-static-prd.survicate-cdn.com; worker-src 'self' blob:; base-uri 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' *.google.com *.nr-data.net; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.pendo.io https:\/\/*.jquery.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.storage.googleapis.com https:\/\/js-agent.newrelic.com *.newrelic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com *.googleusercontent.com blob: *.newrelic.com; script-src-elem 'self' https:\/\/*.pendo.io *.newrelic.com *.googleapis.com; img-src 'self' https:\/\/*.pendo.io https:\/\/myhealthrecord.com:9999 https:\/\/*.myhealthrecord.com:9999 https:\/\/*.greenwayhealth.com:9999 https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com  *.googleusercontent.com blob data:; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/*.greenwayhealth.com https:\/\/*.login.greenwayhealth.com https:\/\/*.authstagingpoc.aws.greenwayhealth.com https:\/\/*.gisdev.aws.greenwayhealth.com data:; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com *.googleapis.com; style-src-elem 'self' 'unsafe-inline' https:\/\/*.storage.googleapis.com https:\/\/*.googleapis.com https:\/\/myhealthrecord.com:9999 https:\/\/*.myhealthrecord.com:9999 https:\/\/*.greenwayhealth.com:9999 https:\/\/pendo-static-4979136297566208.storage.googleapis.com *.googleapis.com https:\/\/*.pendo.io; style-src-elem 'self' *.googleapis.com https:\/\/pendo-static-4979136297566208.storage.googleapis.com https:\/\/*.pendo.io; connect-src 'self' https:\/\/*.pendo.io https:\/\/*.greenwayhealth.com:9004 https:\/\/*.myhealthrecord.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net *.nr-data.net https:\/\/phprod-patient-specific-documents.s3.amazonaws.com *.googleapis.com https:\/\/pendo-static-4979136297566208.storage.googleapis.com; frame-src 'self' https:\/\/*.instamed.com https:\/\/*.aws.greenwayhealth.com https:\/\/*.google.com https:\/\/*.pendo.io; report-uri https:\/\/api.myhealthrecord.com\/PortalAPI\/v1\/CspReporting\/LogCspReport","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.intercom.io https:\/\/*.intercomcdn.com https:\/\/js.intercomcdn.com https:\/\/script.getreditus.com https:\/\/plausible.io; style-src 'self' 'unsafe-inline' https:\/\/assets.calendly.com; img-src 'self' data: blob: https:\/\/landing-cdn.liqvid.io https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.intercomcdn.com https:\/\/*.intercomassets.com https:\/\/i.ytimg.com https:\/\/*.doubleclick.net https:\/\/www.google.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.intercomcdn.com; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/api.intercom.io https:\/\/*.intercomcdn.com wss:\/\/*.intercom.io https:\/\/www.google.com https:\/\/*.doubleclick.net https:\/\/analytics.google.com https:\/\/*.getreditus.com https:\/\/plausible.io; frame-src 'self' https:\/\/calendly.com https:\/\/*.calendly.com https:\/\/*.intercom.io https:\/\/www.googletagmanager.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; media-src 'self' https:\/\/landing-cdn.liqvid.io; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-H52V2mC0scT-3_RbP2OZ2-xwJnTUnlS1cj5Rp-lCcKIxJ04uFLt4Kg' data: https:\/\/api-web.educagri.fr *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/analytics-sc.institut-agro.fr https:\/\/player.vimeo.com 'report-sample' https:\/\/ajax.googleapis.com\/ https:\/\/analytics-sc.institut-agro.fr\/; style-src-attr 'unsafe-inline' 'self' 'report-sample' data: https:\/\/api-web.educagri.fr https:\/\/use.fontawesome.com *.ckeditor.com; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/api-web.educagri.fr https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.youtube-nocookie.com\/ https:\/\/www.youtube.com\/; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.data.sigea.educagri.fr *.dailymotion.com *.genially.com *.view.genial.ly https:\/\/view.genial.ly *.arteradio.com *.calameo.com *.facebook.com https:\/\/www.google.com https:\/\/fermewikisagro.fr *.francetv.fr; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com https:\/\/api-web.educagri.fr; connect-src 'self' data: https:\/\/api-web.educagri.fr *.google-analytics.com https:\/\/analytics-sc.institut-agro.fr https:\/\/analytics-sc.institut-agro.fr\/; style-src 'self' 'report-sample' data: https:\/\/api-web.educagri.fr https:\/\/fonts.googleapis.com https:\/\/use.fontawesome.com; script-src-elem 'self' 'nonce-H52V2mC0scT-3_RbP2OZ2-xwJnTUnlS1cj5Rp-lCcKIxJ04uFLt4Kg' data: https:\/\/api-web.educagri.fr *.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/analytics-sc.institut-agro.fr https:\/\/player.vimeo.com 'report-sample'; report-uri https:\/\/cem.educagri.fr\/api\/csp\/0\/FE","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-sEqUbUuWvJgkgMV7HResjQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src *.zip.co *.iyzipay.com *.gstatic.com *.cloudfront.net *.checkout.com data: 'self' 'unsafe-inline';frame-ancestors 'self';frame-src *.tradedoubler.com *.googletagmanager.com *.teads.tv *.demdex.net *.euw2.pure.cloud 'self' 'unsafe-inline';img-src *.dyson.vn *.google.co.in *.google.com *.boldchat.com *.googleadservices.com *.dyson.com *.zip.co *.bazaarvoice.com *.teads.tv *.facebook.com *.boltdns.net *.brightcove.com *.afterpay.com *.doubleclick.net *.everesttech.net *.omtrdc.net *.googletagmanager.com *.demdex.net *.everesttech.net *.euw2.pure.cloud *.assetsadobe2.com *.amazonaws.com *.adobe.com *.google-analytics.com *.riskified.com data: 'self' 'unsafe-inline';script-src *.go-mpulse.net *.tamara.co *.paypal.com *.paypalobjects.com *.zencdn.net *.zipmoney.com.au *.afterpay.com *.facebook.net *.teads.tv *.brightcove.net *.tiktok.com *.googletagmanager.com *.dynatrace.com *.go-mpulse.net *.googletagmanager.com *.boldchat.com *.newrelic.com *.googleapis.com *.google-analytics.com *.adobedtm.com *.bazaarvoice.com *.optimizely.com *.nr-data.net *.newrelic.com *.euw2.pure.cloud blob: 'self' 'unsafe-inline' 'unsafe-eval';style-src *.zip.co *.checkout.com *.gstatic.com *.googleapis.com *.optimizely.com 'self' 'unsafe-inline';object-src *.euw2.pure.cloud 'self' 'unsafe-inline';child-src *.euw2.pure.cloud blob: 'self' 'unsafe-inline';media-src *.dyson.com *.s3.amazonaws.com *.assetsadobe.com *.euw2.pure.cloud blob: 'self' 'unsafe-inline';manifest-src 'self' 'unsafe-inline';connect-src *.boldchat.com *.paypal.com *.bazaarvoice.com *.googleadservices.com *.breezometer.com *.accuweather.com *.teads.tv *.pangle-ads.com *.akamaihd.net *.boltdns.net *.brightcove.com *.cloudfront.net *.dynatrace.com *.tiktok.com *.dyson.vn *.doubleclick.net *.google-analytics.com *.go-mpulse.net *.google.com *.omtrdc.net *.demdex.net *.nr-data.net *.amazonaws.com *.newrelic.com *.euw2.pure.cloud 'self' 'unsafe-inline';base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'nonce-EYlm6rpbcbFXXtJcHiQoVw==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=7de6b90a-f614-4068-a681-a73d14e5367d; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com 'self' data: 'unsafe-inline' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.google.com www.googletagmanager.com *.adyen.com widgets.sandbox.afterpay.com widgets.sandbox.clearpay.co.uk *.sharethis.com platform.cloud-iq.com.au *.facebook.com *.doubleclick.net *.bedbathntable.com.au *.criteo.com *.pinterest.com *.dotdigital-pages.com *.dotdigital.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com zip.co sandbox.zip.co zipmoney.com.au sandbox.zipmoney.com.au checkout.gb.zip.co checkout.quadpay.com checkout-sandbox.quadpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.ftcdn.net *.behance.net *.adyen.com https:\/\/static.afterpay.com https:\/\/site-assets.afterpay.com\/ *.sharethis.com *.googleapis.com *.gstatic.com dev.visualwebsiteoptimizer.com *.google.com *.facebook.com *.cloud-iq.com.au *.afterpay.com *.linksynergy.com *.google.com.au *.bedbathntable.com.au bbnt-m2-image-library.s3-ap-southeast-2.amazonaws.com *.cdninstagram.com *.google.lk *.doubleclick.net *.bidswitch.net *.adnxs.com *.smartadserver.com *.taboola.com *.socdm.com *.criteo.com *.casalemedia.com *.dable.io *.adingo.jp *.stickyadstv.com *.360yield.com *.rlcdn.com *.media.net *.bing.com *.yieldmo.com *.aralego.com *.3lift.com *.clmbtech.com *.teads.tv *.smaato.net *.rubiconproject.com *.pubmatic.com *.outbrain.com *.aralego.net *.1rx.io *.bluekai.com *.contextweb.com *.unrulymedia.com *.trackedlink.net *.ddlnk.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com t.zip.co static.zipmoney.com.au data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.gstatic.com *.google.com www.googletagmanager.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.adyen.com https:\/\/rum.hlx.page https:\/\/portal.sandbox.clearpay.co.uk https:\/\/portal.clearpay.co.uk https:\/\/portal.sandbox.afterpay.com https:\/\/portal.afterpay.com https:\/\/static.afterpay.com https:\/\/js.sandbox.afterpay.com https:\/\/js.afterpay.com *.sharethis.com *.googleapis.com applepay.cdn-apple.com dev.visualwebsiteoptimizer.com *.afterpay.com *.newrelic.com cdnjs.cloudflare.com bam-cell.nr-data.net platform.cloud-iq.com.au *.crazyegg.com *.facebook.net *.facebook.com *.rakuten.com googleads.g.doubleclick.net cdn.lr-ingest.io *.foursixty.com *.bedbathntable.com.au *.tiktok.com *.pinimg.com *.criteo.com *.pinterest.com *.freshworks.net *.freshworks.com *.abtasty.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com static.zipmoney.com.au zip.co https:\/\/www.bedbathntable.com.au 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com static.afterpay.com\/ js.sandbox.afterpay.com js.afterpay.com *.sharethis.com unpkg.com *.foursixty.com *.bedbathntable.com.au *.cloud-iq.com.au *.use.typekit.net *.p.typekit.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.adyen.com static.afterpay.com static.sandbox.afterpay.com js.sandbox.afterpay.com js.afterpay.com *.sharethis.com *.googleapis.com *.crazyegg.com googleads.g.doubleclick.net bam-cell.nr-data.net *.lr-ingest.io *.foursixty.com *.google-analytics.com *.doubleclick.net *.bedbathntable.com.au *.nr-data.net foursixty.com *.pinterest.com *.pangle-ads.com *.tiktok.com *.criteo.com *.google.com *.freshworks.net *.freshworks.com *.attraqt.io *.abtasty.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; report-uri https:\/\/13fc2e96c75baedc98bc60c37c2c93be.report-uri.com\/r\/d\/csp\/wizard; script-src 'strict-dynamic' 'nonce-6BwtHVmP5LAeuJjHouS6FA=='","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'none'; report-uri https:\/\/o225139.ingest.us.sentry.io\/api\/4508413967400960\/security\/?sentry_key=3e448f8df21f7ffe3ceda28e5ae1b362&sentry_environment=PRODUCTION; script-src 'unsafe-eval' 'strict-dynamic' 'report-sample' 'unsafe-hashes' 'sha256-lo7ZdP6kFds+wf1WMWvn7MhcFVFJV44kAXODRevzRZ8=' 'sha256-rRMdkshZyJlCmDX27XnL7g3zXaxv7ei6Sg+yt4R3svU=' 'sha256-kbHtQyYDQKz4SWMQ8OHVol3EC0t3tHEJFPCSwNG9NxQ=' 'nonce-CVsMrXoYgJ4sqor9OHDiyg=='","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src 'none'; base-uri 'none'; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kNF3XSoR7I9Xz3jJ4vZpaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-ZIBkJehoKOgugYQUsqvY4Q' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" worker-src blob: 'self' *.noibu.com wss:\/\/*.noibu.com; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/hpp.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/secure-test.worldpay.com\/shopper\/3ds\/ddc.html https:\/\/secure.worldpay.com\/shopper\/3ds\/ddc.html https:\/\/payments-test.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments-live.hpp.apps.eu-west-1-7z55k.dev.msp.worldpay.io\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/pay.google.com\/ 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/payments-test.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments.worldpay.com\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/payments-live.hpp.apps.eu-west-1-7z55k.dev.msp.worldpay.io\/app\/hpp-iframe\/integration\/wpg\/corporate https:\/\/pay.google.com https:\/\/secure-test.worldpay.com https:\/\/hpp.worldpay.com\/ https:\/\/www.paypal.com\/sdk\/js *.yotpo.com www.xtento.com *.fls.doubleclick.net *.worldpay.com *.trustarc.com sdx.microsoft.com *.googleapis.com blob: *.dwin1.com *.awin1.com *.zenaps.com *.sciencebehindecommerce.com *.hub-box.com *.dam.wexup.com fidelitepro.screwfix.fr 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.trackedlink.net *.ddlnk.net *.dycdn.net *.cloudflare.com www.google-analytics.com *.yotpo.com www.xtento.com cdn.xtento.com *.googleapis.com https:\/\/*.ggpht.com media.screwfix.fr media.screwfix.eu consent.trustarc.com *.doubleclick.net *.contentsquare.net *.postcodeanywhere.co.uk yotpo-editor-production.s3.amazonaws.com sp.analytics.yahoo.com s.yimg.com p1.zemanta.com *.googletagmanager.com *.googleusercontent.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.bing.com *.microsoft.com *.dwin1.com *.awin1.com *.zenaps.com *.sciencebehindecommerce.com cdn.optimizely.com *.tealiumiq.com *.facebook.com *.facebook.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com *.dycdn.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net ds9p2a60lh6fp.cloudfront.net d1y9qtn9cuc3xw.cloudfront.net d81mfvml8p5ml.cloudfront.net *.freshrelevance.com *.dotdigital.com https:\/\/www.google.com\/recaptcha\/api.js www.gstatic.com cdnjs.cloudflare.com https:\/\/pay.google.com\/gp\/p\/js\/pay.js https:\/\/applepay.cdn-apple.com\/jsapi\/v1\/apple-pay-sdk.js https:\/\/payments.worldpay.com\/resources\/cse\/js\/worldpay-cse-1.0.2.min.js https:\/\/payments.worldpay.com\/resources\/hpp\/integrations\/embedded\/js\/hpp-embedded-integration-library.js https:\/\/d35p4vvdul393k.cloudfront.net\/sdk_library\/us\/stg\/ops\/pc_gsmpi_web_sdk.js https:\/\/d16i99j5zwwv51.cloudfront.net\/sdk_library\/us\/prd\/ops\/pc_gsmpi_web_sdk.js https:\/\/www.paypal.com\/sdk\/js *.yotpo.com *.sdiapi.com www.xtento.com cdn.xtento.com *.googleapis.com storage.googleapis.com consent.trustarc.com js-agent.newrelic.com bam.nr-data.net tags.tiqcdn.com www.res-x.com *.googletagmanager.com unsafe-inline t.contentsquare.net app.contentsquare.com payments.worldpay.com *.pcapredict.com services.postcodeanywhere.co.uk www.google.com *.contentsquare.net *.truste.com sp.analytics.yahoo.com s.yimg.com js-tag.zemanta.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat region1.google-analytics.com bat.bing.com r.bing.com *.dwin1.com *.awin1.com *.zenaps.com *.sciencebehindecommerce.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com strict-dynamic *.confirmit.com *.creativecdn.com *.tealiumiq.com *.facebook.com *.facebook.net *.noibu.com wss:\/\/*.noibu.com https:\/\/www.screwfix.fr 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com webchat.dotdigital.com webchat.staging.dotdigital.com *.dycdn.net cdnjs.cloudflare.com https:\/\/fonts.googleapis.com\/css *.yotpo.com *.googleapis.com payments.worldpay.com services.postcodeanywhere.co.uk *.bing.com *.dwin1.com *.awin1.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.dycdn.net *.freshrelevance.com wss:\/\/*.freshrelevance.com wss:\/\/*.dycdn.net dn1i8v75r669j.cloudfront.net *.dotdigital.com *.hub-box.com https:\/\/www.google.com\/pay https:\/\/pay.google.com\/gp\/p\/web_manifest.json https:\/\/pay.google.com\/gp\/p\/payment_method_manifest.json https:\/\/pay.google.com\/ https:\/\/google.com\/pay *.worldpay.com https:\/\/hpp.worldpay.com\/app\/hpp\/135-0\/telemetry https:\/\/hpp.worldpay.com\/app\/hpp\/135-0\/payment\/paypalsmartbutton\/continue https:\/\/www.paypal.com\/sdk\/js https:\/\/payments.worldpay.com\/app\/hpp\/135-0\/telemetry\/iframe *.yotpo.com *.sdiapi.com *.googleapis.com www.google-analytics.com stats.g.doubleclick.net bam.nr-data.net *.contentsquare.net media.screwfix.fr *.postcodeanywhere.co.uk sp.analytics.yahoo.com s.yimg.com *.bing.com wss:\/\/*.bing.com region1.google-analytics.com *.sciencebehindecommerce.com *.google.co.uk *.optimizely.com *.creativecdn.com *.confirmit.com *.tealiumiq.com *.facebook.com *.facebook.net *.noibu.com wss:\/\/*.noibu.com 'self' 'unsafe-inline'; child-src blob: http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/e90dc890-c7f3-4322-adbb-3a37b4df98b3.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' *.salesforce.com 'report-sample'; style-src *.force.com 'unsafe-inline' 'self' *.salesforce.com *.visualforce.com:*; img-src *.force.com slack-mil-dev.com slack-imgs-mil-dev.com *.slack.com 'self' blob: *.slack-imgs.com slack-imgs-gov.com *.slack-edge.mil *.salesforce-experience.com slack-imgs.com slack-gov-dev.com *.sfdcstatic.com *.slack-edge-gov.com *.salesforce.com *.twimg.com *.my-salesforce.com slack-imgs-gov-dev.com *.slack-edge.com slack-imgs.mil *.cloudinary.com data:; media-src 'self' *.salesforce.com; frame-src *.force.com *.quip.com *.arkoselabs.com 'self' *.youtube-nocookie.com *.youtube.co.uk *.cybersource.com *.youtube.com.br *.youtube.es *.salesforce-experience.com *.salesforceliveagent.com *.adis.ws *.sfdcfc.net *.youtube.ca *.youtube.ie *.cloudinary.com *.vidyard.com *.vimeo.com *.youtube.jp bcove.video *.youtube.fr *.forceusercontent.com *.brightcove.net *.youtube.com *.wistia.net *.salesforce.com *.youtube.nl *.youtube.pl; font-src *.force.com 'self' *.salesforce.com blob: data:; connect-src 'self' *.amazonaws.com *.salesforce.com https:\/\/cdn.cbweb.code-builder.platform.salesforce.com api.salesforce.com wss:\/\/*.api.salesforce.com *.api.salesforce.com wss:\/\/api.salesforce.com wss:\/\/*.slack.com; report-to sfdc-csp-ep; report-uri https:\/\/csp-report.force.com\/_\/ContentDomainCSPNoAuth?type=login","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net apps.bazaarvoice.com script.hotjar.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com api.bazaarvoice.com stg.api.bazaarvoice.com *.punchout2go.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.google.com *.googletagmanager.com esqa.moneris.com www3.moneris.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.dotdigital-pages.com *.dotdigital.com *.punchout2go.com e.bmr.co www.facebook.net www.facebook.com ct.pinterest.com td.doubleclick.net static.addtoany.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.googleapis.com *.gstatic.com *.google.com *.googleusercontent.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.trackedlink.net *.ddlnk.net https:\/\/axeptio.imgix.net apps-stg.bazaarvoice.com www.bmr.ca  *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat static.hotjar.com script.hotjar.com survey.hotjar.com www.facebook.net www.facebook.com cdn.cookielaw.org maps.googleapis.com maps.gstatic.com aq.flippenterprise.net dam.flippenterprise.net cdn.flippenterprise.net *.wishabi.com *.wishabi.net https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com *.googletagmanager.com esqa.moneris.com www3.moneris.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.punchout2go.com https:\/\/*.axept.io e.bmr.co js-agent.newrelic.com s.pinimg.com ct.pinterest.com static.hotjar.com script.hotjar.com connect.facebook.net connect.facebook.com plausible.io cdn.cookielaw.org maps.googleapis.com www.gstatic.com r2-t.trackedlink.net bam.nr-data.net bam-cell.nr-data.net static.cloud.coveo.com static.addtoany.com aq.flippenterprise.net dam.flippenterprise.net cdn.flippenterprise.net p.flipp.com cdn-gateflipp.flippback.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net https:\/\/www.bmr.ca 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com display.ugc.bazaarvoice.com *.punchout2go.com static.hotjar.com script.hotjar.com cdn.cookielaw.org www.gstatic.com static.cloud.coveo.com aq.flippenterprise.net dam.flippenterprise.net cdn.flippenterprise.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.googleapis.com *.gstatic.com *.google.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/*.axept.io https:\/\/*.axeptio.eu https:\/\/*.axeptio.techimg-src https:\/\/axeptio.imgix.net network-a.bazaarvoice.com network-stg-a.bazaarvoice.com apps-stg.bazaarvoice.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.hotjar.com wss:\/\/*.hotjar.com *.hotjar.io www.facebook.com ct.pinterest.com plausible.io cdn.cookielaw.org maps.googleapis.com stats.g.doubleclick.net bam.nr-data.net bam-cell.nr-data.net static.cloud.coveo.com *.org.coveo.com aq.flippenterprise.net dam.flippenterprise.net cdn.flippenterprise.net p.flipp.com cdn-gateflipp.flippback.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/a4825dc4-e033-47b9-830c-751e434948c6.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" script-src 'strict-dynamic' 'nonce-022036a0dedc24189b9ce37cb5e330a7' 'unsafe-inline' 'unsafe-eval' https: ; frame-ancestors 'self' ; base-uri 'self'; object-src 'none'; report-uri https:\/\/csp.phenompeople.com\/violations;","count":1},{"content-security-policy-report-only":" connect-src *.spiraxsarco.com *.onetrust.com *.onetrust.io *.google-analytics.com *.hotjar.com *.hotjar.io *.clarity.ms wss:\/\/*.hotjar.com 'self' px.ads.linkedin.com google.com analytics.google.com region1.analytics.google.com www.google-analytics.com www.googletagmanager.com pagead2.googlesyndication.com www.googleadservices.com ad.doubleclick.net stats.g.doubleclick.net 680-ryi-639.mktoresp.com forms.hubspot.com forms.hsforms.com cdn.linkedin.oribi.io hummingbirdwebsocket-nld2.cloud.adobe.io adservice.google.com translate.googleapis.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.google.ae www.google.by www.google.com.gh www.google.com.mm www.google.ga www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bi www.google.bs www.google.ca www.google.cd www.google.cg www.google.ch www.google.ci www.google.cl www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.hu www.google.co.id www.google.co.il www.google.co.im www.google.co.in www.google.co.je www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.nz www.google.co.th www.google.co.ug www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.com.af www.google.com.ag www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kw www.google.com.ly www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.uz www.google.com.vc www.google.com.vn www.google.cn www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.gg www.google.gl www.google.gm www.google.gr www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.is www.google.it www.google.jo www.google.kg www.google.kz www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.mn www.google.ms www.google.mu www.google.mw www.google.net www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.tm www.google.tn www.google.to www.google.tp www.google.tt www.google.tv www.google.uz www.google.vg www.google.vu www.google.ws www.google.co.zw www.google.dz\/ads\/ga-audiences www.google.al\/ads\/ga-audiences www.google.bf\/ads\/ga-audiences ttps:\/\/www.google.by\/ads\/ga-audiences www.google.cm\/ads\/ga-audiences www.google.co.ao\/ads\/ga-audiences ttps:\/\/www.google.co.mz\/ads\/ga-audiences www.google.co.tz\/ads\/ga-audiences www.google.com.bn\/ads\/ga-audiences ttps:\/\/www.google.com.gh\/ads\/ga-audiences www.google.com.kh\/ads\/ga-audiences www.google.com.lb\/ads\/ga-audiences ttps:\/\/www.google.com.mm\/ads\/ga-audiences www.google.com.ng\/ads\/ga-audiences www.google.com.pg\/ads\/ga-audiences ttps:\/\/www.google.dz\/ads\/ga-audiences www.google.ge\/ads\/ga-audiences www.google.iq\/ads\/ga-audiences www.google.sr\/ads\/ga-audiences 680-ryi-639.mktoutil.com wss:\/\/lo.msg.liveperson.net bat.bing.com js.calltrk.com mc.yandex.ru yandexmetrica.com:30103 ymetrica1.com; font-src *.onetrust.com 'self' fonts.gstatic.com use.typekit.net script.hotjar.com data:; img-src optimize.google.com www.google-analytics.com www.googletagmanager.com 'self' data: *; manifest-src 'self'; script-src *.onetrust.com *.scr.kaspersky-labs.com www.googleanalytics.com www.googleoptimize.com optimize.google.com static.ads-twitter.com 'self' 'nonce-ZDEzOTgxNWUtYmVjZC00YjNkLWJhYWItZjA3MDM1YmYzNzgx' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-NiPpcuG5iPK1KPR3YIEEEz98KT0W7243V6u7FeP7hdE=' 'sha256-gRuNVLzs+xy+3p6+I1CnZb8pDmnXUWSlO9ejbnSR\/lQ=' 'sha256-ibqfaR\/CmFL3wQZAxIuZ0V4RMm9txqHSln46Z5WyeVA=' 'sha256-30EB3olZggJZ3OT2ahL22VzuYSIEPTzmMb+L3StxKgI=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-qbWCytLP5JMsZSG1DsvruBVK5O5otEfzrwtrYklbihw=' 'sha256-bkXrlHTrWu78qnQooXw+JqlG1rZijbuVZIkNBzTfagM=' 'sha256-vbs\/XR7vkC12NXdDH8FEaUASiJdg\/16cqF\/0T3ze1ks=' 'sha256-4nxBwvGtrokGNkqD2OxOt8Y07P7caJHk00sGwjNYF5I=' 'sha256-\/Fu0G2rh4wmpTYIDt4lb\/x5WJp6zusqpavun8dZ8Yns=' 'sha256-yqVa7ver8F3o3KAsmdt2r10wQlIPCHuaBhkxEMbFQKE=' 'sha256-pZ\/qdkaCfUhJbPDW6dxGk6IT\/oRRR\/mlpXeonIs9iew=' 'sha256-t2dxu6v8zWLBnuT0wS9gbS8+6dWSZKwyh8Oc1O+KFKM=' 'sha256-nOEqrdYQbjOqHNv8REn7NbgmgfgpHFGAMJeDad9+6Cc=' 'sha256-i9Hqrp5R5xqtEYAfxGINmtDPcds\/LnLceINVGS0StZg=' 'sha256-5E\/6sj96qbSHixz46qooKeWA+LIjK6XzdMgxXJYGMCo=' 'sha256-ZjDDDO\/TrMCju3UiIns3DMC7cnl6jp0zh9NKm11JAyY=' 'sha256-pJrmX8BIQNU7+D+cF3F3p3Z\/mHxe83gyTZAzRGq+YBE=' solutions.spiraxsarco.com ssl.google-analytics.com connect.facebook.net www.facebook.net www.google-analytics.com www.googletagmanager.com www.gstatic.com www.youtube.com platform.twitter.com cdn.syndication.twimg.com www.google.com accdn.lpsnmedia.net googleads.g.doubleclick.net js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsforms.net js.hsleadflows.net lo.v.liveperson.net lpcdn.lpsnmedia.net lptag.liveperson.net munchkin.marketo.net script.hotjar.com snap.licdn.com static.hotjar.com www.googleadservices.com www3.spiraxsarco.com cdn.calltrk.com pi.pardot.com bat.bing.com js.calltrk.com; style-src-elem *.onetrust.com 'self' solutions.spiraxsarco.com fonts.googleapis.com p.typekit.net use.typekit.net platform.twitter.com ton.twimg.com assets.calendly.com optimize.google.com www.googletagmanager.com 'unsafe-inline'; frame-src *.spiraxsarco.com *.doubleclick.net optimize.google.com vars.hotjar.com *.liveperson.net lpcdn.lpsnmedia.net www.traceparts.com traceparts-cache.s3.eu-west-1.amazonaws.com www.googletagmanager.com www.facebook.com www.google.com www.youtube.com m.youtube.com share.hsforms.com platform.twitter.com syndication.twitter.com player.vimeo.com calendly.com spiraxsarco.octadesk.com www.buzzsprout.com go.pardot.com www.linkedin.com; media-src 'self' *.spiraxsarco.com lpcdn.lpsnmedia.net; form-action 'self' resources.spiraxsarco.com; style-src-attr 'unsafe-inline'; object-src 'none'; base-uri 'self'; report-uri https:\/\/steam.report-uri.com\/r\/d\/csp\/enforce","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-ev$","count":1},{"content-security-policy-report-only":" script-src 'nonce-UBvq8r1E47DHykvpDWkukg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com *.fonts.googleapis.com *.gstatic.com data: *.cloudflare.com *.elecrow.com *.chromestatus.com *.bootcss.com maxcdn.bootstrapcdn.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com https:\/\/store.plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.google.com *.addthis.com *.pinterest.com *.amazonaws.com *.awin1.com *.zenaps.com *.fls.doubleclick.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/store.plumrocket.com cashier1.uat.useepay.com cashier.useepay.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.cloudflare.com *.cdn.klarna.com *.s.ytimg.com *.widgets.magentocommerce.com *.fpdbs.paypal.com *.t.paypal.com *.paypal.com *.fpdbs.sandbox.paypal.com *.googleapis.com *.gstatic.com *.addthis.com *.pinterest.com *.cdninstagram.com *.elecrow.com *.shopify.com github.com *.githubusercontent.com *.wp.com *.imgur.com bitronics.store www.longan-labs.cc www.facebook.com elecrow.s3.us-west-1.amazonaws.com *.sharethis.com *.awin1.com *.zenaps.com *.wepowerconnections.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com 'self' data: blob: 'unsafe-inline' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.google-analytics.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.facebook.net *.pinterest.com *.instagram.com *.dwin1.com *.livechatinc.com *.elecrow.com *.bootcdn.net *.googletagmanager.com *.doubleclick.net t.contentsquare.net *.awin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com s7.addthis.com *.fontawesome.com *.gstatic.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com cashier.useepay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.bootcss.com maxcdn.bootstrapcdn.com *.fontawesome.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com *.elecrow.com *.googletagmanager.com *.doubleclick.net *.amazonaws.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com ekr.zdassets.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-kKDtrNlxgBjiyHnL2Dt7mA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.evilangel.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.evilangel.com join.gammasecure.com; script-src 'self' *.evilangel.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.evilangel.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; font-src 'self' https: data:; img-src 'self' data: https:; object-src 'none'; style-src 'self' https: 'unsafe-inline'; connect-src 'self' https:; manifest-src https:\/\/s3.amazonaws.com\/galore-assets\/manifest.json; frame-src 'self' https:\/\/js.stripe.com https:\/\/www.recaptcha.net\/ https:\/\/www.facebook.com\/ https:\/\/bid.g.doubleclick.net; frame-ancestors 'self' https:\/\/www.care.com\/ https:\/\/getgalore.com\/; script-src 'self' https: 'unsafe-inline' http:\/\/cdn.mxpnl.com\/libs\/mixpanel-2.2.min.js http:\/\/connect.facebook.net\/en_US\/sdk.js https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/connect.facebook.net\/en_US\/sdk.js; upgrade-insecure-requests; report-uri https:\/\/o466311.ingest.sentry.io\/api\/6004104\/security\/?sentry_key=2c284ff228ac4d0e8b8ad9ea17497eee&sentry_release=galore-mfe@v18.286.1&sentry_environment=prod","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/matomo.eah-jena.de\/matomo.js https:\/\/*.openstreetmap.org 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.openstreetmap.org https:\/\/www.studycheck.de https:\/\/*.typo3.org https:\/\/https\/\/www.studycheck.de\/%2A https:\/\/matomo.eah-jena.de\/matomo.php; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https:\/\/www2.hochschulsport.eah-jena.de; connect-src 'self' data: https:\/\/*.openstreetmap.org https:\/\/www.eah-jena.de https:\/\/matomo.eah-jena.de; media-src 'self' blob:; font-src 'self' data:; style-src blob: data: 'self' 'unsafe-inline' 'report-sample'; worker-src blob: 'report-sample'; report-uri https:\/\/www.eah-jena.de\/@http-reporting?csp=report&requestTime=1778724572799404&requestHash=e3daf7aa1ed6c8616ac3f4553d554d30bf499494","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=c06b600c85a94c96&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778725380; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" default-src https:; font-src https: data:; style-src 'unsafe-inline' https:; object-src 'self';connect-src https: wss:; script-src 'nonce-ZrGgWR1sjf+to7O+yRuS9oqSrakEgvb0uqx1wR2HrV4=' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; img-src https: data:; report-uri \/webhooks\/csp-log\/create","count":1},{"content-security-policy-report-only":" default-src 'none'; media-src 'self' *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org; object-src 'none'; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self'; base-uri 'none'; form-action 'self'; img-src 'self' data: *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org; frame-src 'self' *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org; frame-ancestors 'none'; script-src 'self' *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org 'unsafe-inline'; style-src 'self' *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org 'unsafe-inline'; font-src 'self' https:\/\/fonts.gstatic.com; connect-src 'self' *.america250.org *.classy.org classy.org america-250.helloprobability.io fonts.gstatic.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.gstatic.com i.ytimg.com *.ytimg.com www.youtube.com *.youtube.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.nextdoor.com *.pinterest.com *.pinimg.com *.doubleclick.net *.googlesyndication.com *.licdn.com *.linkedin.com *.facebook.net *.facebook.com manage.america250.org; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=fQv-YnucYmycxqzZhKP9HhmpiwU_QTxFCTCyzbOyrjv9rlTutEJTE8c479M04x-xnpQ=&policy_id=71&user_id=&request_id=bf5b2ca8-66c6-495a-bba8-28f84c6035b1; report-to csp-endpoint-fqvynucymycxqzzhkphhmpiwuqtxfctcyzboyrjvrltutejtecmxxnpq; frame-ancestors 'none'","count":1},{"content-security-policy-report-only":" connect-src 'self' *.licdn.com *.linkedin.com; script-src static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'unsafe-inline' 'unsafe-eval'; worker-src blob: 'self' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: *.licdn.com *.linkedin.com; media-src blob: 'self' *.licdn.com *.linkedin.com; frame-src 'self' *.licdn.com *.linkedin.com","count":1},{"content-security-policy-report-only":" font-src cdn.jsdelivr.net fonts.gstatic.com cdn.almapay.com https:\/\/applepay.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ *.instagram.com https:\/\/www.googletagmanager.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.payplug.com *.dalenys.com https:\/\/applepay.cdn-apple.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.cdninstagram.com cdn.doofinder.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/img.youtube.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/secure-magenta.dalenys.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ cdn.jsdelivr.net *.instagram.com cdn.doofinder.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ s7.addthis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/secure-magenta.dalenys.com https:\/\/applepay.cdn-apple.com api-qa.payplug.com cdn-qa.payplug.com api.payplug.com cdn.payplug.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cdn.jsdelivr.net fonts.googleapis.com *.doofinder.com unsafe-inline assets.braintreegateway.com https:\/\/secure-magenta.dalenys.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.getalma.eu *.almapay.com *.doofinder.com wss:\/\/*.doofinder.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ ekr.zdassets.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/*.insightsc3m.com *.fontawesome.com *.insightsc3m.com *.googleapis.com *.yellowmessenger.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.certcapture.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com www.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.omtrdc.net *.adobedtm.com *.certcapture.com *.azurewebsites.net *.insightsc3m.com *.googleapis.com *.yellowmessenger.com altriagroupinc.112.2o7.net\/ ad.ipredictive.com ad.doubleclick.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: www.xtento.com cdn.xtento.com smetrics.onnicotine.com target.onnicotine.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.certcapture.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com *.datadome.co *.azurewebsites.net *.insightsc3m.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.yellowmessenger.com rtag.onnicotine.com bam.nr-data.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.azurewebsites.net *.insightsc3m.com *.fontawesome.com *.yellowmessenger.com *.googleapis.com assets.braintreegateway.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.omtrdc.net *.adobedtm.com *.certcapture.com *.datadome.co *.azurewebsites.net https:\/\/*.insightsc3m.com *.googleapis.com *.yellow.ai wss:\/\/*.yellow.ai cdn.yellowmessenger.com altriagroupinc.112.2o7.net bam.nr-data.net *.dipdirect.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com smetrics.onnicotine.com target.onnicotine.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/*.cookiebot.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/js-agent.newrelic.com https:\/\/js.appboycdn.com https:\/\/cdn.getid.cloud https:\/\/cdn.seonintelligence.com https:\/\/cdn0.match2one.net https:\/\/connect.facebook.net https:\/\/capi-automation.s3.us-east-2.amazonaws.com https:\/\/*.anjouangaming.org; script-src-elem 'self' 'unsafe-inline' https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/*.cookiebot.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/js-agent.newrelic.com https:\/\/js.appboycdn.com https:\/\/cdn.getid.cloud https:\/\/cdn.seonintelligence.com https:\/\/cdn0.match2one.net https:\/\/connect.facebook.net https:\/\/capi-automation.s3.us-east-2.amazonaws.com https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/*.anjouangaming.org https:\/\/*.sptpub.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https: https:\/\/imagedelivery.net https:\/\/*.steamstatic.com https:\/\/steamcdn-a.akamaihd.net https:\/\/cdn.ucraft.com https:\/\/luckmedia.link; font-src 'self' data: https:; connect-src 'self' wss: data: https:\/\/*.cookiebot.com https:\/\/*.clarity.ms https:\/\/*.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/*.googletagmanager.com https:\/\/bam.nr-data.net https:\/\/js-agent.newrelic.com https:\/\/snowplow-collector.duel.com https:\/\/snowplow-collector.csgoempire.com https:\/\/api.paymentiq.io https:\/\/test-api.paymentiq.io https:\/\/api-iam.intercom.io https:\/\/sdk.iad-07.braze.com https:\/\/api.drand.sh wss:\/\/api.elevenlabs.io https:\/\/unpkg.com https:\/\/director.millicast.com https:\/\/*.sptpub.com; frame-src *  blob: data: https:\/\/*.cookiebot.com https:\/\/api.paymentiq.io https:\/\/test-api.paymentiq.io https:\/\/*.getid.ee https:\/\/*.sb.getid.dev https:\/\/cdn-secure.zen.com https:\/\/pulsegiftcards.com https:\/\/*.sptpub.com https:\/\/rgs-livedealerwebclient.bcrgslaunchgame.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri \/api\/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.puretaboo.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.puretaboo.com join.gammasecure.com; script-src 'self' *.puretaboo.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.puretaboo.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":1},{"content-security-policy-report-only":" form-action 'report-sample' 'self'","count":1},{"content-security-policy-report-only":" default-src https: 'unsafe-inline' 'unsafe-eval'; worker-src 'self'; img-src https: data:","count":1},{"content-security-policy-report-only":" script-src 'nonce-laIl\/Oz2VPMCnsmPojdL7g==' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'; base-uri 'none'; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=Avyj0s3p2xLmT5-RgQyIZUpiMPPIj-yXZLCxxnrr3OyTIo4PSsnS5jU9g3thAQWKptWJ&policy_id=28711&user_id=&request_id=8ca9bade-a005-414a-a897-3eed6554eec2; report-to csp-endpoint-avyjspxlmtrgqyizupimppijyxzlcxxnrroytiopssnsjugthaqwkptwj; object-src https:\/\/http2.mlstatic.com\/ https:\/\/mlstaticquic-a.akamaihd.net\/; frame-ancestors 'self' https:\/\/*.mercadolibre.cl:* https:\/\/*.mercadolibre.com:* https:\/\/*.mercadolibre.com.ve:* https:\/\/*.mercadolibre.com.ar:* https:\/\/*.mercadolivre.com.br:* https:\/\/*.mercadolibre.com.co:* https:\/\/*.mercadolibre.com.ec:* https:\/\/*.mercadolibre.com.mx:* https:\/\/*.mercadolibre.com.pe:* https:\/\/*.mercadolibre.com.uy:* https:\/\/*.mercadopago.cl:* https:\/\/*.mercadopago.com.ar:* https:\/\/*.mercadopago.com.br:* https:\/\/*.mercadopago.com.co:* https:\/\/*.mercadopago.com.mx:* https:\/\/*.mercadopago.com.pe:* https:\/\/*.mercadopago.com.uy:* https:\/\/*.mercadopago.com.ve:* https:\/\/*.mercadopago.com:* https:\/\/*.adminml.com:* https:\/\/*.mercadolibre.co.cr:* https:\/\/*.mercadolibre.com.pa:* https:\/\/*.mercadolibre.com.do:* https:\/\/*.mercadolibre.com.bo:* https:\/\/*.mercadolibre.com.py:* https:\/\/*.mercadolibre.com.gt:* https:\/\/*.mercadolibre.com.hn:* https:\/\/*.mercadolibre.com.ni:* https:\/\/*.mercadolibre.com.sv:* https:\/\/*.mercadopago.com.ec:* https:\/\/*.portalinmobiliario.com:* https:\/\/*.mercadolivre.com:*","count":1},{"content-security-policy-report-only":" default-src 'nonce-59b1aa9fe1b67530a4c2b6fc104c0928' 'self'; object-src 'self'; frame-ancestors 'none'; base-uri 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data https:\/\/images.ctfassets.net; script-src 'self' 'self' 'unsafe-inline' https:\/\/browser.sentry-cdn.com\/ https:\/\/europcar.adding-sst.dev\/ https:\/\/sdk.privacy-center.org\/ https:\/\/*.europcar.com https:\/\/*.goldcar.com; connect-src 'self' sentry.io *.sentry.io https:\/\/*.europcar.com https:\/\/*.goldcar.com; report-uri https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943; report-to https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-T1zCz22xPeKriMGCuv2WkA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" base-uri 'self'; child-src 'self'; connect-src 'self' https:\/\/*.optimizely.com\/ https:\/\/analytics.domstol.se https:\/\/api.mediaflow.com https:\/\/app-eu.readspeaker.com https:\/\/cdn1.readspeaker.com https:\/\/m.mediaflow.com https:\/\/media.lifeinside.io https:\/\/mfstatic.com https:\/\/predict.rekai.se https:\/\/stats.mediaflow.com https:\/\/v1.mediaflow.com https:\/\/v2.mediaflow.com https:\/\/v4.mediaflow.com https:\/\/v6.mediaflow.com https:\/\/view.rekai.se https:\/\/vtdnntts-eu.readspeaker.com https:\/\/widget-api.lifeinside.io https:\/\/wrapi-eu.readspeaker.com https:\/\/www.captcha.eu; default-src 'none'; font-src 'self' data: https:\/\/*.cloudfront.net https:\/\/cdn1.readspeaker.com https:\/\/widget.lifeinside.io; form-action 'none'; frame-ancestors 'self'; frame-src 'self' https:\/\/*.optimizely.com\/ https:\/\/app-eu.readspeaker.com https:\/\/play.mediaflow.com https:\/\/play.mediaflowpro.com; img-src 'self' blob: data: https:\/\/*.optimizely.com\/ https:\/\/analytics.domstol.se https:\/\/assets.mediaflowpro.com https:\/\/cdn1.readspeaker.com https:\/\/m.mediaflow.com https:\/\/media.lifeinside.io https:\/\/recruit.visma.com; manifest-src 'self' https:\/\/www.domstol.se; script-src-elem 'self' 'unsafe-inline' https:\/\/*.optimizely.com\/ https:\/\/analytics.domstol.se https:\/\/cdn1.readspeaker.com https:\/\/mfstatic.com https:\/\/static.rekai.se https:\/\/widget.lifeinside.io https:\/\/www.captcha.eu; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/*.optimizely.com\/ https:\/\/cdn1.readspeaker.com https:\/\/mfstatic.com https:\/\/static.rekai.se https:\/\/widget.lifeinside.io https:\/\/www.captcha.eu; style-src-elem 'self' 'unsafe-inline' https:\/\/*.optimizely.com\/ https:\/\/cdn1.readspeaker.com https:\/\/mfstatic.com; style-src 'self' 'unsafe-inline' https:\/\/*.optimizely.com\/ https:\/\/cdn1.readspeaker.com https:\/\/mfstatic.com; worker-src 'self' blob:; style-src-attr 'unsafe-inline'; media-src blob: data: https:\/\/cdn1.readspeaker.com https:\/\/m.mediaflow.com https:\/\/media.lifeinside.io https:\/\/v1.mediaflow.com https:\/\/v2.mediaflow.com https:\/\/v4.mediaflow.com https:\/\/v6.mediaflow.com; object-src 'none'; report-to stott-security-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gfRBG1O7Gmqwg8JnS1m2Ew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' wss: *.gravatar.com *.seeclickfix.com *.civicplus.com *.civicplus.pro *.civicclerk.com engage6.azureedge.net *.audioeye.com *.pendo.io *.zdassets.com *.zendesk.com *.zopim.com *.arcgis.com *.arcgisonline.com *.services.visualstudio.com *.monitor.azure.com *.googleapis.com *.googletagmanager.com *.google-analytics.com use.fontawesome.com *.google.com *.gstatic.com gstatic.com cdn.embedly.com\/widgets\/platform.js cdnjs.cloudflare.com static.cloudflareinsights.com *.fontawesome.com *.countyofsb.org * 'self'; style-src * 'self' 'unsafe-inline'; img-src * 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googletagmanager.com *.seeclickfix.com *.civicplus.com *.civicplus.pro *.civicclerk.com engage6.azureedge.net *.audioeye.com *.pendo.io *.zdassets.com *.zendesk.com *.zopim.com *.arcgis.com *.arcgisonline.com *.services.visualstudio.com *.monitor.azure.com *.googleapis.com *.googletagmanager.com *.google-analytics.com use.fontawesome.com *.google.com *.gstatic.com gstatic.com cdn.embedly.com\/widgets\/platform.js cdnjs.cloudflare.com static.cloudflareinsights.com *.fontawesome.com * 'self' about: 'unsafe-inline' 'unsafe-eval' data:; worker-src * 'self' data: blob: 'unsafe-eval' 'unsafe-inline'; frame-src * 'self'; media-src 'self' blob: *; font-src * 'self' data: *.fontawesome.com * 'self' data:; upgrade-insecure-requests; form-action 'self'; frame-ancestors 'self';report-uri \/contentsecuritypolicy\/report","count":1},{"content-security-policy-report-only":" default-src * https: data: blob: 'unsafe-inline' 'unsafe-hashes';","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.mojadm.sk https:\/\/mpsnare.iesnare.com https:\/\/omt.mojadm.sk https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.mojadm.sk; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.mojadm.sk https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.mojadm.sk https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.mojadm.sk https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.mojadm.sk https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.mojadm.sk; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.mojadm.sk https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.mojadm.sk https:\/\/app.datadoghq.eu https:\/\/checkout.mojadm.sk https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.mojadm.sk https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.mojadm.sk https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.mojadm.sk https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.mojadm.sk https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.mojadm.sk https:\/\/signin.mojadm.sk https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.mojadm.sk; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.google-analytics.com https:\/\/connect.facebook.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/js.hsforms.net https:\/\/js.hs-scripts.com https:\/\/js.hs-banner.com https:\/\/js.hubspot.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/cdn.siteground.com https:\/\/www.google.com https:\/\/www.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https:\/\/fonts.googleapis.com https:\/\/cdn.siteground.com 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' https:\/\/fonts.gstatic.com data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/region1.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/api.hubapi.com https:\/\/forms.hsforms.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com; frame-src 'self' https:\/\/forms.hsforms.com https:\/\/js.hsforms.net https:\/\/www.google.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com; frame-ancestors 'self'; form-action 'self' https:\/\/forms.hsforms.com; object-src 'none'; base-uri 'self'; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com cdn.livechatinc.com stats.g.doubleclick.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.livechatinc.com *.dotit.com *.ncco.com dotit.wufoo.com stats.g.doubleclick.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.livechatinc.com stats.g.doubleclick.net dotit.wufoo.com www.wrike.com *.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.livechatinc.com *.disqus.com *.dotit.com *.ncco.com stats.g.doubleclick.net cp-ywz-382.chili-publish.online cp-ywz-382.chili-publish-sandbox.online https:\/\/img.youtube.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.livechatinc.com *.disqus.com stats.g.doubleclick.net chimpstatic.com *.wufoo.com www.youtube.com apis.google.com *.google.pl 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com stats.g.doubleclick.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.livechatinc.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.livechatinc.com stats.g.doubleclick.net *.analytics.google.com *.google-analytics.com dotit.wufoo.com *.smartystreets.com apis.google.com *.google.pl 'self' 'unsafe-inline'; child-src stats.g.doubleclick.net http: https: blob: 'self' 'unsafe-inline'; default-src stats.g.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri stats.g.doubleclick.net 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com *.bootstrapcdn.com *.hsappstatic.net *.ivaws.com *.ravecapture.com s3.amazonaws.com trustspot-app-assets.s3.amazonaws.com trustspot.io https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.fontawesome.com fonts.googleapis.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.authorize.net https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.affirm.com *.affirm.ca *.attn.tv *.bing.com *.doubleclick.net *.facebook.com *.googletagmanager.com *.livechatinc.com *.opendns.com *.paypalobjects.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.authorize.net https:\/\/plumrocket.com *.wesupply.xyz https:\/\/wesupplylabs.com guarantee-cdn.com *.weltpixel.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com https:\/\/aheadworks.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/images.unsplash.com *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com *.disqus.com *.attentivemobile.com *.attn.tv *.bing.com *.bing.net *.doubleclick.net *.facebook.com *.facebook.net *.google.com *.googleadservices.com *.googletagmanager.com *.imgix.net *.ivaws.com *.paypalobjects.com *.ravecapture.com *.trustspot.io *.ytimg.com ravecapture-app-assets.s3.amazonaws.com s3.amazonaws.com www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bs www.google.by www.google.ca www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.co.nz www.google.co.th www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.eg www.google.com.et www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vn www.google.cz www.google.de www.google.dj www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gg www.google.gr www.google.gy www.google.hn www.google.hr www.google.hu www.google.ie www.google.iq www.google.is www.google.it www.google.jo www.google.kg www.google.kz www.google.li www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mk www.google.mn www.google.mu www.google.mv www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.sn www.google.so www.google.sr www.google.tn https:\/\/connect.facebook.net https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com guarantee-cdn.com *.reddit.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/maps.googleapis.com *.affirm.com *.affirm.ca https:\/\/cdn.attn.tv https:\/\/events.attentivemobile.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.disqus.com https:\/\/cdn.jsdelivr.net *.addthis.com *.algolia.net *.algolianet.com *.attn.tv *.authorize.net *.bing.com *.doubleclick.net *.facebook.net *.fullstory.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.livechatinc.com *.paypal.com *.ravecapture.com trustspot.io https:\/\/hogworkz.com https:\/\/static-tracking.klaviyo.com https:\/\/app.ravecapture.com https:\/\/hogworkz.attn.tv https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net widget.freshworks.com m2epro.freshdesk.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.avada.io *.shopify.com *.cloudflare.com guarantee-cdn.com *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.googleapis.com https:\/\/static.klaviyo.com https:\/\/cdn.jsdelivr.net *.bootstrapcdn.com *.gstatic.com *.klaviyo.com *.ravecapture.com s3.amazonaws.com trustspot.io widget.freshworks.com m2epro.freshdesk.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.fontawesome.com https:\/\/fonts.bunny.net *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.youtube.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app api.lab.amplitude.com *.googleapis.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.attentivemobile.com *.authorize.net *.bing.com *.bing.net *.doubleclick.net *.facebook.com *.googleadservices.com *.googletagmanager.com *.imgix.net *.klaviyo.com *.livechatinc.com *.ravecapture.com ravecapture-app-assets.s3.amazonaws.com trustspot.io www.google.ae www.google.al www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bs www.google.by www.google.ca www.google.ch www.google.ci www.google.cl www.google.cm www.google.co.ao www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.co.nz www.google.co.th www.google.co.uk www.google.co.ve www.google.co.vi www.google.co.za www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.eg www.google.com.gh www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mt www.google.com.mx www.google.com.my www.google.com.ng www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vn www.google.cz www.google.de www.google.dj www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gr www.google.gy www.google.hn www.google.hr www.google.hu www.google.ie www.google.iq www.google.is www.google.it www.google.jo www.google.kg www.google.kz www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mk www.google.mn www.google.mu www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.sn https:\/\/events.attentivemobile.com https:\/\/bam.nr-data.net https:\/\/hogworkz.com widget.freshworks.com m2epro.freshdesk.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/get.geojs.io *.avada.io *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com *.googleapis.com https:\/\/applepay.cdn-apple.com https:\/\/maxcdn.bootstrapcdn.com *.feedbackcompany.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.feedbackcompany.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/pay.google.com https:\/\/applepay.cdn-apple.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/static.buckaroo.nl https:\/\/www.buckaroo.nl https:\/\/www.paypalobjects.com https:\/\/pay.google.com https:\/\/developers.google.com https:\/\/applepay.cdn-apple.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.feedbackcompany.com 'self' data: magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com * *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.fontawesome.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/applepay.cdn-apple.com https:\/\/pay.google.com https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.feedbackcompany.com *.avada.io *.shopify.com * *.googletagmanager.com tagmanager.google.com https:\/\/*.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com assets.braintreegateway.com *.fontawesome.com https:\/\/cdn.jsdelivr.net https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/maxcdn.bootstrapcdn.com *.googleapis.com https:\/\/fonts.bunny.net tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/hostedfields-externalapi.alpha.buckaroo.aws https:\/\/hostedfields-externalapi.prod-pci.buckaroo.io https:\/\/applepay.buckaroo.io https:\/\/smp-paymentservices.apple.com https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/pay.google.com https:\/\/maps.googleapis.com https:\/\/pagead2.googlesyndication.com https:\/\/sst.wagnershop.eu https:\/\/google.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.mida.so https:\/\/*.ahrefs.com https:\/\/*.cookieconfirm.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.feedbackcompany.com https:\/\/get.geojs.io *.avada.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com https:\/\/*.lambda-url.eu-central-1.on.aws\/ https:\/\/*.g.doubleclick.net https:\/\/*.google.nl https:\/\/*.visualwebsiteoptimizer.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" report-uri https:\/\/opensociety.report-uri.com\/r\/d\/csp\/reportOnly;base-uri 'self';connect-src 'self' https:\/\/translate.googleapis.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.ingest.sentry.io https:\/\/docket.justiceinitiative.org https:\/\/justiceinitiative.piwik.pro https:\/\/justiceinitiative.containers.piwik.pro https:\/\/cdn.matomo.cloud https:\/\/theideasletter.matomo.cloud https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com https:\/\/*.cookieyes.com;default-src 'self';form-action 'self';img-src 'self' data: https: https:\/\/www.gstatic.com https:\/\/*.googletagmanager.com https:\/\/osjicontent.imgix.net https:\/\/*.google-analytics.com;object-src 'self';script-src 'self' 'unsafe-eval' https:\/\/translate.googleapis.com https:\/\/www.justiceinitiative.org https:\/\/cdn.plyr.io\/3.4.4\/plyr.polyfilled.js https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/picturefill\/3.0.2\/picturefill.min.js https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.youtube.com\/iframe_api https:\/\/www2.osfound.org\/shorten https:\/\/*.ingest.sentry.io https:\/\/docket.justiceinitiative.org https:\/\/justiceinitiative.containers.piwik.pro https:\/\/*.justiceinitiative.org https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com https:\/\/*.cookieyes.com https:\/\/cdn.matomo.cloud https:\/\/theideasletter.matomo.cloud 'sha256-fowkKyEQi1SMOmkzKHVR3kVRCxAkb7eITj4LYDwWuwE=' 'sha256-oLlgRvu5927ZsW\/Ke7hqoXyWhVhfjYt888\/If4Yk6Cc=' 'sha256-zTv\/Ocm+3ZUxPK95MsRtR405opnhJuWd8OOOlDOY4jg=' 'sha256-rWd9UEdKeFeLqC7IaJz1wxlZctnoLlCVLl196dQ3XcM=' 'sha256-Wuuo8pjCq8p1DupaB6iKVd7xGXUV2cZ6FNKupyZkqtA=' 'sha256-Yo0rp6K5ZDMBPy3XfvFf6KNJPsyXl4KgVKlu1R1a3xQ=' 'sha256-MM3CG7szGAeVIKY58JGR+X+7xTDccDemqcIY0lQLrX8=' 'sha256-oh6ZTSefRfIBPlcye8dBjlQBkC0A32V1QIb2htJq7ao=' 'sha256-NmZgHsyoB9XJ6Wd+G4VMaoO3gnTIG8KiH+uVcxOeeoc=' 'sha256-qwhoBj+FiypvTPR3eQkqsvLUkSeShbVBRVleFpBWM0g=' 'sha256-ojZToIWnCw4yAO2wwSr0xkCYSoCACGXKKYmr9ZV6u7I=' 'sha256-MK\/1crn2Wl\/TYQNKpPss5ootd4EotbGRxQsmw+4y1gU=' 'sha256-IobZaBCT4PRq1c9DaVhn7w+Z0rXZcBjmuQBfk+M+z64=' 'sha256-DqrJErZI\/7pog0A9GesbTSM9ARg5dFwEiTotQt+PXns=' 'sha256-veJ+ybPvqZmAOLrVwklPodQgAnVnspZnObsF0U42hqo' 'sha256-+fx2G+aE0ETxN+0K\/lnVPgcwJBbC7vQs8fcKUg1eWKc=' 'sha256-lGf\/YZe+HEzkMEOQc5bjVpCG99fBIWrHzKnAn+UsbmE=' 'nonce-rgdGyIRog4y2wzOLMOhdNWhZINqFoAln';style-src 'self' 'unsafe-inline' https:;frame-src 'self';font-src 'self' https:;media-src 'self' https:;manifest-src 'self';worker-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self' https:; connect-src 'self' https: properties:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'strict-dynamic' *.halalstatic.com www.googletagmanager.com accounts.google.com maps.google.com connect.facebook.net applepay.cdn-apple.com *.checkout.com x.klarnacdn.net *.stripe.com *.recaptcha.net cdn.safecharge.com 'nonce-HenAnBa3A+ebIR6FEhgONw=='; style-src 'self' https: 'nonce-HenAnBa3A+ebIR6FEhgONw=='; style-src-elem 'self' https: 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src-attr 'unsafe-inline'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com maxcdn.bootstrapcdn.com d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/plumrocket.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.affirm.com *.affirm.ca d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net https:\/\/plumrocket.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.googletagmanager.com *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com maxcdn.bootstrapcdn.com d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.affirm.com *.affirm.ca https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com d17anp2eo56k6j.cloudfront.net d9h1vtbtgkgvf.cloudfront.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com https:\/\/www.gstatic.com *.fontawesome.com https:\/\/live.icecat.biz data: https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/fonts.gstatic.com locator.uberall.com script.hotjar.com *.hotjar.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.mollie.com dashboard.trustprofile.com td.doubleclick.net https:\/\/s3-eu-west-1.amazonaws.com\/ https:\/\/td.doubleclick.net https:\/\/google-analytics.com https:\/\/objects.icecat.biz\/ *.trustpilot.com https:\/\/www.google.com www.xtento.com trafic-career.talent-soft.com view.publitas.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.googleapis.com *.gstatic.com *.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.mollie.com funtrafic.imgix.net bat.bing.com www.google.be lqip-funtrafic.imgix.net https:\/\/funtrafic-large.imgix.net\/media\/ https:\/\/funtrafic-thumb.imgix.net\/media\/ https:\/\/pdpthumb-funtrafic.imgix.net https:\/\/pdplarge-funtrafic.imgix.net https:\/\/pdpfull-funtrafic.imgix.net https:\/\/content.fun.be https:\/\/adservice.google.com https:\/\/region1.analytics.google.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/bat.bing.com  https:\/\/pagead2.googlesyndication.com https:\/\/td.doubleclick.net https:\/\/google-analytics.com www.xtento.com cdn.xtento.com bat.bing.net catalogmedia.trafic.com funtrafic-thumb.imgix.net joko-mobile-app-media.s3.eu-west-1.amazonaws.com locator.uberall.com magentoadmin.trafic.com www.google.de www.google.fr www.google.lt www.google.lu *.google.com www.trafic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.googleapis.com https:\/\/www.gstatic.com *.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.mollie.com static.hotjar.com eu1-config.doofinder.com widget.trustpilot.com invitejs.trustpilot.com cdn.doofinder.com script.hotjar.com bat.bing.com js-agent.newrelic.com https:\/\/live.icecat.biz https:\/\/bat.bing.com  https:\/\/js-agent.newrelic.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/td.doubleclick.net https:\/\/google-analytics.com *.trustpilot.com www.xtento.com cdn.xtento.com api.mapbox.com locator.uberall.com view.publitas.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.doofinder.com *.fontawesome.com cdn.doofinder.com https:\/\/live.icecat.biz blob: https:\/\/googletagmanager.com https:\/\/tagmanager.google.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com *.doofinder.com wss:\/\/*.doofinder.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com region1.analytics.google.com eu1-api.doofinder.com bam.eu01.nr-data.net https:\/\/invitejs.trustpilot.com https:\/\/live.icecat.biz https:\/\/magentoadmin.trafic.docker https:\/\/adservice.google.com https:\/\/region1.analytics.google.com https:\/\/www.google.com https:\/\/www.google.be https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/td.doubleclick.net https:\/\/google-analytics.com  https:\/\/pagead2.googlesyndication.com api.mapbox.com bat.bing.com bat.bing.net content.hotjar.io events.mapbox.com locator.uberall.com surveystats.hotjar.io vc.hotjar.io *.hotjar.com wss: wss:\/\/ws.hotjar.com www.google.lu *.google.com *.mapbox.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src bat.bing.com bam.eu01.nr-data.net googleads.g.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src cash-f.squarecdn.com *.squarecdn.com *.googleapis.com https:\/\/www.gstatic.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com *.bootstrapcdn.com *.stamped.io foursixty.com *.zipmoney.com.au font.static.useinsider.com *.pinterest.com *.cloudfront.net *.livechatinc.com *.zip.co https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com *.yotpo.com dhv2ziothpgrr.cloudfront.net https:\/\/cdn.livechatinc.com\/ data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * *.facebook.com https:\/\/plumrocket.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ * widgets.sandbox.afterpay.com *.cash.app https:\/\/www.google.com *.doubleclick.net www.facebook.com *.affirm.com *.affirm.ca https:\/\/plumrocket.com *.livechatinc.com *.paypal.com *.kaptcha.com beaconlighting.api.useinsider.com *.addthis.com *.addthisedge.com *.pinterest.com *.cloudfront.net *.scarabresearch.com www.xtento.com connect.facebook.net graph.facebook.com business.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com photos.pixlee.co https:\/\/accounts.google.com *.yotpo.com zip.co static.zip.co sandbox.zip.co zipmoney.com.au sandbox.zipmoney.com.au checkout.gb.zip.co checkout.quadpay.com checkout-sandbox.quadpay.com https:\/\/www.affirm.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io * *.afterpay.com\/ *.cash.app *.googleapis.com *.gstatic.com 'self' data: *.google.com *.google.bg www.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.affirm.com *.affirm.ca *.beaconlighting.com.au *.trackjs.com *.cdninstagram.com *.zipmoney.com.au *.magentosite.cloud *.stamped.io *.scarabresearch.com *.paypal.com *.api.useinsider.com *.pinterest.com *.cloudfront.net *.livechatinc.com blob: *.zip.co www.xtento.com cdn.xtento.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.pixlee.com *.yotpo.com dhv2ziothpgrr.cloudfront.net t.zip.co static.zipmoney.com.au static.zip.co https:\/\/web1.acsbapp.com\/ data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/api.addressfinder.io *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com https:\/\/portal.sandbox.afterpay.com https:\/\/portal.afterpay.com https:\/\/static.afterpay.com *.squarecdn.com https:\/\/hbiq.net polyfill.io *.googleapis.com https:\/\/www.gstatic.com https:\/\/www.google.com *.google.bg *.googletagmanager.com www.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.affirm.com *.affirm.ca s7.addthis.com iguana2.com *.stamped.io *.zipmoney.com.au foursixty.com *.trackjs.com *.bootstrapcdn.com *.livechatinc.com beaconlighting.api.useinsider.com *.addthis.com *.addthisedge.com z.moatads.com *.api.useinsider.com *.pinterest.com *.cloudfront.net *.scarabresearch.com *.zip.co www.xtento.com cdn.xtento.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.plugins.emarsys.net connect.facebook.net graph.facebook.com business.facebook.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.pxlecdn.com *.pixlee.com https:\/\/accounts.google.com https:\/\/cdn.searchspring.net\/intellisuggest\/is.min.js *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net static.zipmoney.com.au static.zip.co zip.co https:\/\/cdn1.affirm.com\/js\/v2\/affirm.js https:\/\/acsbapp.com\/ https:\/\/trx-cdn.zip.co\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/api.addressfinder.io *.cash.app static.afterpay.com\/ *.squarecdn.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.fontawesome.com *.bootstrapcdn.com *.stamped.io foursixty.com *.api.useinsider.com *.pinterest.com *.cloudfront.net *.livechatinc.com *.scarabresearch.com *.zip.co downloads.mailchimp.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https:\/\/accounts.google.com https:\/\/www.gstatic.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/api.addressfinder.io * *.afterpay.com *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com *.cash.app api.lab.amplitude.com *.algolia.net *.algolia.com *.algolianet.com *.googleapis.com *.google-analytics.com www.facebook.com *.facebook.net *.google.com *.affirm.com *.affirm.ca ekr.zdassets.com\/ *.bootstrapcdn.com *.zipmoney.com.au foursixty.com *.foursixty.com *.labs.au.edge.zip.co *.trackjs.com stamped.io *.livechatinc.com *.api.useinsider.com carrier.useinsider.com *.doubleclick.net *.pinterest.com *.cloudfront.net *.scarabresearch.com *.zip.co *.eservice.emarsys.net connect.facebook.net graph.facebook.com business.facebook.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com https:\/\/inbound-analytics.pixlee.com https:\/\/accounts.google.com https:\/\/beacon.searchspring.io\/beacon *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com https:\/\/cdn.acsbapp.com\/ https:\/\/trx.zip.co\/z\/t https:\/\/www.affirm.com\/ https:\/\/tracker.affirm.com\/ 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri https:\/\/www.affirm.com\/ 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com data: code.ionicframework.com maxcdn.bootstrapcdn.com media.flixfacts.com media.flixcar.com *.fontawesome.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com media.flixcar.com *.zdassets.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.gstatic.com *.googleapis.com gateway.apaylater.com gateway.atome.sg media.flixcar.com *.flix360.com *.flix360.io 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-ds.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ gateway.apaylater.com gateway.atome.sg static.hotjar.com cdnjs.cloudflare.com js-agent.newrelic.com bam-cell.nr-data.net www.google.com www.gstatic.com media.flixcar.com media.flixfacts.com *.zendesk.com *.zdassets.com *.outbrain.com www.datadoghq-browser-agent.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com gateway.apaylater.com gateway.atome.sg code.ionicframework.com *.freshchat.com maxcdn.bootstrapcdn.com media.flixcar.com *.fontawesome.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io commerce.adobe.net qa-api.magedevteam.com *.sentry.io *.googleapis.com bam-cell.nr-data.net *.google-analytics.com media.flixcar.com *.zendesk.com *.zdassets.com *.outbrain.com *.datadoghq.com browser-intake-datadoghq.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src https:\/\/*.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self' https:\/\/*.stripe.com 'self'; frame-src player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' https:\/\/player.vimeo.com https:\/\/*.youtube.com https:\/\/bid.g.doubleclick.net https:\/\/td.doubleclick.net https:\/\/*.doubleclick.net https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/pilot-payflowlink.paypal.com https:\/\/*.stripe.com https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.klarnaevt.com https:\/\/www.googletagmanager.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: *.vimeocdn.com i.ytimg.com *.youtube.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com https:\/\/firebasestorage.googleapis.com blob: 'self' https:\/\/www.paypal.com https:\/\/www.sandbox.paypal.com https:\/\/www.paypalobjects.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/*.google.de https:\/\/*.stripe.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.clarity.ms data: 'self' 'unsafe-inline'; script-src *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.avada.io *.shopify.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com maps.googleapis.com www.gstatic.com 'self' https:\/\/esd.equipment https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.paypal.com https:\/\/*.stripe.com https:\/\/*.klarna.com https:\/\/cdn.ampproject.org https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/s.ytimg.com https:\/\/*.doubleclick.net https:\/\/static.cloudflareinsights.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/*.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com www.gstatic.com 'self' https:\/\/maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.newrelic.com *.nr-data.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/get.geojs.io *.avada.io *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com places.googleapis.com www.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.paypal.com https:\/\/*.stripe.com https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.klarnaevt.com https:\/\/*.google.com https:\/\/*.analytics.google.com https:\/\/*.newrelic.com https:\/\/*.nr-data.net https:\/\/google.com https:\/\/*.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/*.bing.com https:\/\/*.clarity.ms 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self';  script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/app.intercom.io https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/www.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/cdn.segment.com;  style-src 'self' 'unsafe-inline';  img-src 'self' blob: data: https:\/\/js.intercomcdn.com https:\/\/static.intercomassets.com https:\/\/downloads.intercomcdn.com https:\/\/downloads.intercomcdn.eu https:\/\/downloads.au.intercomcdn.com https:\/\/uploads.intercomusercontent.com https:\/\/gifs.intercomcdn.com https:\/\/video-messages.intercomcdn.com https:\/\/messenger-apps.intercom.io https:\/\/messenger-apps.eu.intercom.io https:\/\/messenger-apps.au.intercom.io https:\/\/*.intercom-attachments.com https:\/\/static.intercomassets.eu https:\/\/static.au.intercomassets.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.google.com https:\/\/*.doubleclick.net https:\/\/www.google.com.tr;  font-src 'self' https:\/\/js.intercomcdn.com https:\/\/fonts.intercomcdn.com;  connect-src 'self' https:\/\/api-iam.intercom.io https:\/\/api-iam.eu.intercom.io https:\/\/api-iam.au.intercom.io https:\/\/api-ping.intercom.io https:\/\/nexus-websocket-a.intercom.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/nexus-websocket-b.intercom.io wss:\/\/nexus-websocket-b.intercom.io https:\/\/nexus-europe-websocket.intercom.io wss:\/\/nexus-europe-websocket.intercom.io https:\/\/nexus-australia-websocket.intercom.io wss:\/\/nexus-australia-websocket.intercom.io https:\/\/uploads.intercomcdn.com https:\/\/uploads.intercomcdn.eu https:\/\/uploads.au.intercomcdn.com https:\/\/uploads.eu.intercomcdn.com https:\/\/uploads.intercomusercontent.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/cdn.segment.com https:\/\/api.segment.io https:\/\/vitals.vercel-insights.com https:\/\/*.doubleclick.net https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net;  object-src 'none';  base-uri 'self';  form-action 'self' https:\/\/intercom.help https:\/\/api-iam.intercom.io https:\/\/api-iam.eu.intercom.io https:\/\/api-iam.au.intercom.io;  frame-src https:\/\/intercom-sheets.com https:\/\/www.intercom-reporting.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net https:\/\/*.doubleclick.net;  worker-src 'self' https:\/\/intercom-sheets.com https:\/\/www.intercom-reporting.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net;  media-src https:\/\/js.intercomcdn.com https:\/\/downloads.intercomcdn.com https:\/\/downloads.intercomcdn.eu https:\/\/downloads.au.intercomcdn.com;  frame-ancestors 'none';  manifest-src 'self' https:\/\/upstash.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubf6ba9bcf3c8946fb103ec6260f14c9ec&dd-evp-origin=content-security-policy&ddsource=csp-report; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/js.hsadspixel.net https:\/\/cognito-identity.eu-west-1.amazonaws.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cdn.cookielaw.org http:\/\/cdn-4.convertexperiments.com https:\/\/cdn.yellowmessenger.com https:\/\/www.gstatic.com https:\/\/s.pinimg.com https:\/\/dx.mountain.com https:\/\/bat.bing.com https:\/\/www.redditstatic.com https:\/\/smct.co https:\/\/advertiserpro.flexoffers.com http:\/\/collector-22856.us.tvsquared.com https:\/\/share.iflyworld.com https:\/\/www.clarity.ms https:\/\/c.amazon-adsystem.com https:\/\/connect.facebook.net https:\/\/cdn.attn.tv http:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net http:\/\/origin-5.xtlo.net http:\/\/origin-2.xtlo.net http:\/\/origin-7.xtlo.net https:\/\/js.smct.io https:\/\/scripts.clarity.ms https:\/\/ct.pinterest.com http:\/\/px.mountain.com https:\/\/maps.googleapis.com https:\/\/gs.mountain.com https:\/\/js.hs-scripts.com https:\/\/js.hubspot.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.smct.co https:\/\/unpkg.com https:\/\/www.instagram.com https:\/\/capi-automation.s3.us-east-2.amazonaws.com; script-src-elem 'self' 'unsafe-inline' https:\/\/js.hsadspixel.net https:\/\/cognito-identity.eu-west-1.amazonaws.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/cdn.cookielaw.org http:\/\/cdn-4.convertexperiments.com https:\/\/cdn.yellowmessenger.com https:\/\/www.gstatic.com https:\/\/s.pinimg.com https:\/\/dx.mountain.com https:\/\/bat.bing.com https:\/\/www.redditstatic.com https:\/\/smct.co https:\/\/advertiserpro.flexoffers.com http:\/\/collector-22856.us.tvsquared.com https:\/\/share.iflyworld.com https:\/\/www.clarity.ms https:\/\/c.amazon-adsystem.com https:\/\/connect.facebook.net https:\/\/cdn.attn.tv http:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net http:\/\/origin-5.xtlo.net http:\/\/origin-2.xtlo.net http:\/\/origin-7.xtlo.net https:\/\/js.smct.io https:\/\/scripts.clarity.ms https:\/\/ct.pinterest.com http:\/\/px.mountain.com https:\/\/maps.googleapis.com https:\/\/gs.mountain.com https:\/\/js.hs-scripts.com https:\/\/js.hubspot.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/js.smct.co https:\/\/unpkg.com https:\/\/www.instagram.com https:\/\/capi-automation.s3.us-east-2.amazonaws.com https:\/\/apis.google.com https:\/\/cdn.segment.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.yellowmessenger.com https:\/\/fonts.googleapis.com https:\/\/unpkg.com https:\/\/www.gstatic.com; style-src-elem 'self' 'unsafe-inline' https:\/\/cdn.yellowmessenger.com https:\/\/fonts.googleapis.com https:\/\/unpkg.com https:\/\/www.gstatic.com https:\/\/www.paypalobjects.com; media-src 'self' blob: data: https:\/\/cdn-development-products.iflyworld.com https:\/\/cdn-production-products.iflyworld.com https:\/\/stable-baseball-0abcece43b.media.strapiapp.com https:\/\/patient-flower-5496d2d8a2.strapiapp.com; img-src 'self' data: https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/analytics.google.com https:\/\/bat.bing.com https:\/\/c.bing.com https:\/\/cdn-production-products.iflyworld.com https:\/\/cdn-development-products.iflyworld.com https:\/\/patient-flower-5496d2d8a2.media.strapiapp.com https:\/\/stable-baseball-0abcece43b.media.strapiapp.com https:\/\/patient-flower-5496d2d8a2.strapiapp.com https:\/\/cdn.cookielaw.org https:\/\/bidagent.xad.com https:\/\/alb.reddit.com http:\/\/collector-22856.us.tvsquared.com https:\/\/*.clarity.ms https:\/\/cdn.yellowmessenger.com https:\/\/googleads.g.doubleclick.net https:\/\/www.facebook.com https:\/\/events.smct.co https:\/\/stats.g.doubleclick.net https:\/\/perf-na1.hsforms.com https:\/\/www.googleadservices.com https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/track.hubspot.com https:\/\/connect.facebook.net https:\/\/events.attentivemobile.com https:\/\/fonts.gstatic.com https:\/\/px.premion.com https:\/\/region1.analytics.google.com https:\/\/storage.googleapis.com https:\/\/api.phia.com https:\/\/www.google.be https:\/\/www.google.ca https:\/\/www.google.co.za https:\/\/www.google.com.ec https:\/\/iflyworld-us.attn.tv https:\/\/www.google.es https:\/\/www.google.nl https:\/\/streetviewpixels-pa.googleapis.com https:\/\/khms0.googleapis.com https:\/\/khms1.googleapis.com https:\/\/lh3.googleusercontent.com https:\/\/lh3.ggpht.com https:\/\/www.paypalobjects.com https:\/\/pagead2.googlesyndication.com https:\/\/www.google.com.au https:\/\/www.google.co.uk https:\/\/www.google.co.in https:\/\/www.google.se https:\/\/www.google.com.mx https:\/\/www.google.com.ph https:\/\/www.google.com.pk https:\/\/www.google.com.sg https:\/\/www.google.com.tw https:\/\/www.google.bg https:\/\/www.google.com.ng https:\/\/www.google.com.co https:\/\/www.google.com.br https:\/\/www.google.pt https:\/\/www.google.ae https:\/\/www.google.com.vn https:\/\/www.google.hn https:\/\/www.google.bs https:\/\/www.google.no https:\/\/www.google.com.pr https:\/\/www.google.ro https:\/\/www.google.co.nz https:\/\/www.google.co.th https:\/\/www.google.co.jp https:\/\/www.google.dk https:\/\/www.google.fr https:\/\/www.google.it; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdn.yellowmessenger.com https:\/\/www.paypalobjects.com https:\/\/cdn.honey.io; connect-src 'self' https:\/\/s.pinimg.com https:\/\/cdn.yellowmessenger.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/stg-coreapi.iflyworld.com https:\/\/coreapi.iflyworld.com https:\/\/sgtm.iflyworld.com https:\/\/px.premion.com https:\/\/ct.pinterest.com https:\/\/c.amazon-adsystem.com https:\/\/s.amazon-adsystem.com https:\/\/ara.paa-reporting-advertising.amazon https:\/\/bat.bing.com https:\/\/pixel-config.reddit.com https:\/\/cdn.cookielaw.org https:\/\/r4.cloud.yellow.ai https:\/\/geolocation.onetrust.com https:\/\/events.attentivemobile.com https:\/\/www.googleadservices.com https:\/\/iflyworld-us.attn.tv https:\/\/*.clarity.ms https:\/\/cognito-identity.eu-west-1.amazonaws.com https:\/\/maps.googleapis.com wss:\/\/r4.cloud.yellow.ai https:\/\/browser-intake-datadoghq.com https:\/\/browser-intake-us3-datadoghq.com https:\/\/js.smct.io https:\/\/www.facebook.com https:\/\/cdn-4.convertexperiments.com https:\/\/firehose.eu-west-1.amazonaws.com https:\/\/mpc2-prod-29-is5qnl632q-uc.a.run.app https:\/\/privacyportal.onetrust.com https:\/\/googleads.g.doubleclick.net https:\/\/api.hubapi.com https:\/\/cta-service-cms2.hubspot.com https:\/\/aax-eu.amazon-adsystem.com https:\/\/bot-service.enegel.ai https:\/\/iflyworld.attn.tv https:\/\/js.smct.co https:\/\/100.20.58.101 https:\/\/18.210.229.244 https:\/\/3.212.39.155 https:\/\/34.215.155.61 https:\/\/35.160.46.251 https:\/\/35.85.84.151 https:\/\/44.212.189.233 https:\/\/44.228.85.26 https:\/\/44.238.122.172 https:\/\/52.22.50.55 https:\/\/52.71.121.170 https:\/\/54.156.2.105 https:\/\/pagead2.googlesyndication.com https:\/\/demo-1.conversionsapigateway.com https:\/\/bat.bing.net; frame-src 'self' https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/ct.pinterest.com https:\/\/sgtm.iflyworld.com https:\/\/d2d7do8qaecbru.cloudfront.net https:\/\/s.amazon-adsystem.com https:\/\/www.facebook.com https:\/\/ls.smct.io https:\/\/creatives.attn.tv https:\/\/www.instagram.com https:\/\/toolytics.pa.clients6.google.com https:\/\/6994014.fls.doubleclick.net; object-src 'none'; base-uri 'self'; worker-src 'self' blob:; child-src 'self' blob:; form-action 'self' https:\/\/booking.iflyworld.com https:\/\/www.facebook.com;","count":1},{"content-security-policy-report-only":" font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com *.fontawesome.com https:\/\/cdnjs.cloudflare.com https:\/\/static.klaviyo.com *.typekit.net *.yotpo.com dhv2ziothpgrr.cloudfront.net www-wp.silencercentral.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.authorize.net *.yotpo.com www-wp.silencercentral.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net www-wp.silencercentral.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.certcapture.com https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech *.authorize.net *.yotpo.com www-wp.silencercentral.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com store.paradoxlabs.com maps.gstatic.com https:\/\/*.ipredictive.com https:\/\/www.googletagmanager.com *.gleamjs.io *.gleam.io https:\/\/p.yotpoapi.com *.yotpo.com dhv2ziothpgrr.cloudfront.net www-wp.silencercentral.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ tagmanager.google.com https:\/\/www.googletagmanager.com *.certcapture.com https:\/\/developer.adobe.com https:\/\/magento.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ https:\/\/js.sandbox.fortis.tech https:\/\/js.fortis.tech https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ code.jquery.com cdnjs.cloudflare.com *.authorize.net maps.googleapis.com https:\/\/js.ipredictive.com *.gleamjs.io *.gleam.io cdn.popt.in https:\/\/silencer-central.chat.getzowie.com https:\/\/cdn.jsdelivr.net https:\/\/web-sdk.smartlook.com\/ *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net www-wp.silencercentral.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.certcapture.com https:\/\/static.klaviyo.com cdnjs.cloudflare.com *.typekit.net *.yotpo.com dhv2ziothpgrr.cloudfront.net www-wp.silencercentral.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/silencer-central.chat.getzowie.com www-wp.silencercentral.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/www.google-analytics.com *.certcapture.com https:\/\/developer.adobe.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ https:\/\/elements.sandbox.fortis.tech https:\/\/elements.fortis.tech https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.authorize.net maps.googleapis.com https:\/\/www.google.com https:\/\/silencer-central.chat.getzowie.com https:\/\/manager.eu.smartlook.cloud *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com www-wp.silencercentral.com 'self' 'unsafe-inline'; child-src www-wp.silencercentral.com http: https: blob: 'self' 'unsafe-inline'; default-src www-wp.silencercentral.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri 'self'; form-action 'self'; default-src 'self'; connect-src 'self' data: https:\/\/stats.nederhost.nl\/ https:\/\/zammad.nederhost.nl\/ wss:\/\/zammad.nederhost.nl\/; frame-ancestors 'none'; frame-src 'self'; img-src 'self' data:; report-to csp-endpoint; report-uri \/_\/report_csp_violation; script-src 'self' 'nonce-XdSt1tE7EJw65EDP' 'unsafe-eval' https:\/\/stats.nederhost.nl\/ https:\/\/cdn.matomo.cloud\/stats.nederhost.nl\/ https:\/\/zammad.nederhost.nl\/; style-src 'self' data: 'nonce-XdSt1tE7EJw65EDP' https:\/\/zammad.nederhost.nl\/; style-src-attr 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.authorize.net *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io magefan.com cm.magefan.com *.alothemes.com *.magepow.com *.gstatic.com *.facebook.com *.reddit.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ widget.freshworks.com m2epro.freshdesk.com *.alothemes.com *.magepow.com *.authorize.net *.cloudflare.com https:\/\/www.googletagmanager.com tagmanager.google.com analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com unpkg.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com widget.freshworks.com m2epro.freshdesk.com *.alothemes.com *.magepow.com *.authorize.net *.google-analytics.com analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.doubleclick.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:; img-src 'self' https: assets.braintreegateway.com checkout.paypal.com bam.nr-data.net staging.shirtspace.com *.googletagmanager.com data:; font-src 'self' *.typekit.net cdn.shirtspace.com *.gstatic.com *.googleapis.com *.acsbapp.com data:; object-src 'none'; script-src 'self' 'unsafe-eval' *.google-analytics.com *.google.com *.googletagmanager.com *.gstatic.com *.googleadservices.com *.g.doubleclick.net *.googlecommerce.com *.newrelic.com bam.nr-data.net *.braintreegateway.com www.paypalobjects.com *.paypal.com c.paypal.com widget.trustpilot.com connect.facebook.net graph.facebook.com bat.bing.com s.yimg.com sp.analytics.yahoo.com *.pinterest.com *.pinimg.com device.maxmind.com *.typekit.net cdn.jsdelivr.net *.honeybadger.io *.ckeditor.com io.clickguard.com acsbapp.com sc-static.net api.ipify.org cdnjs.cloudflare.com *.easysize.me *.klaviyo.com unleash.shirtspace.com unpkg.com *.frontapp.com cdn.shirtspace.com 'nonce-'; style-src 'self' cdn.shirtspace.com *.googleapis.com *.typekit.net *.typeform.com *.ckeditor.com cdnjs.cloudflare.com *.easysize.me *.klaviyo.com 'unsafe-inline' 'nonce-'; child-src 'self' assets.braintreegateway.com c.paypal.com; frame-src 'self' assets.braintreegateway.com *.paypal.com widget.trustpilot.com www.facebook.com *.g.doubleclick.net *.google.com *.googletagmanager.com *.pinterest.com www.youtube.com *.acsbapp.com accessibe.com player.vimeo.com tr.snapchat.com tpc.googlesyndication.com *.easysize.me *.typeform.com; connect-src 'self' *.braintreegateway.com 'unsafe-inline' *.google-analytics.com *.g.doubleclick.net *.google.com *.braintree-api.com *.paypal.com *.pinterest.com *.mmapiws.com widget.trustpilot.com *.typekit.net www.facebook.com s.yimg.com http:\/\/localhost:3035 ws:\/\/localhost:3035 *.acsbapp.com io.clickguard.com bam.nr-data.net *.klaviyo.com *.easysize.me unleash.shirtspace.com cdn.shirtspace.com","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.braintreegateway.com *.cardinalcommerce.com *.doubleclick.net *.dwin1.com *.facebook.net *.getwisp.co *.google.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.helpscout.net *.klaviyo.com *.paypal.com *.roeyecdn.com *.trustpilot.com *.wisepops.com *.wisepops.net *.youtube.com cdn-cookieyes.com wisepops.net; style-src 'self' 'unsafe-inline' *.fontawesome.com *.googleapis.com *.gstatic.com; img-src 'self' data: *.awin1.com *.bing.com *.bing.net *.doubleclick.net *.facebook.com *.google.com *.google.co.uk *.googleadservices.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.paypal.com *.roeye.com *.wisepops.com *.youtube.com *.ytimg.com cdn-cookieyes.com image-charts.com; font-src 'self' *.fontawesome.com *.gstatic.com; frame-src 'self' *.bing.com *.braintreegateway.com *.cardinalcommerce.com *.doubleclick.net *.facebook.com *.getwisp.co *.google.com *.googletagmanager.com *.trustpilot.com *.wisepops.com *.wisepops.net *.youtube.com wisepops.net; connect-src 'self' *.bing.com *.bing.net *.braintree-api.com *.braintreegateway.com *.cardinalcommerce.com *.cookieyes.com *.doubleclick.net *.facebook.com *.google-analytics.com *.google.com *.googlesyndication.com *.helpscout.net *.klaviyo.com *.paypal.com *.wisepops.com *.wisepops.net cdn-cookieyes.com google.com wisepops.net; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests; report-uri https:\/\/b965d175-0c60-4d34-b3f2-c7244d93f81a.sansec.watch\/; media-src 'self'; object-src 'none'; worker-src 'self'; manifest-src 'self';","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com https:\/\/www.facebook.com\/tr\/ 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.gstatic.com landofcoder.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.googleapis.com *.gstatic.com https:\/\/www.facebook.com *.taggrs.io data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com *.googleapis.com *.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com *.croapp.net https:\/\/unpkg.com landofcoder.com *.taggrs.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline fonts.googleapis.com *.fontawesome.com *.googleapis.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.googleapis.com https:\/\/analytics.ringostat.net https:\/\/region1.analytics.google.com https:\/\/sst.kuz.ua https:\/\/www.google.com https:\/\/www.gstatic.com landofcoder.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'nonce-vlS4LI21B7RzfO-8LFrGQsOb' 'strict-dynamic' http: https:; base-uri 'none';","count":1},{"content-security-policy-report-only":" script-src 'self' padlet.net maps.googleapis.com apis.google.com ta-echo.padlet.com api.commandbar.com cdn.commandbar.com app.getbeamer.com challenges.cloudflare.com embed.cloudflarestream.com cdn.usefathom.com blob: 'unsafe-inline' 'unsafe-eval'; style-src 'self' padlet.net fonts.googleapis.com cdn.commandbar.com app.getbeamer.com 'unsafe-inline'; font-src 'self' padlet.net fonts.gstatic.com data:; report-uri https:\/\/padlet.com\/csp-report;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.gq.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.pixum.com;base-uri 'self';img-src 'self' https:\/\/assets.pixum.com https:\/\/cdn.pixum.com https:\/\/pixum-cms.imgix.net data: blob: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.pixum.com https:\/\/app.usercentrics.eu https:\/\/gmm9n9.pixum.de https:\/\/bn3mcl4n8l.kameleoon.eu https:\/\/*.trustpilot.com https:\/\/widgets.trustedshops.com https:\/\/*.clarity.ms https:\/\/*.scarabresearch.com https:\/\/storage.googleapis.com\/photo-prints-journey-builds\/ https:\/\/*.pagent.ai https:\/\/spot.photoprintit.com https:\/\/www.paypal.com\/sdk\/js https:\/\/website-overlay.zenloop.com https:\/\/unpkg.com\/web-vitals@3\/dist\/web-vitals.iife.js https:\/\/zenloop-website-overlay-production.s3.amazonaws.com https:\/\/tag.mention-me.com https:\/\/static.mention-me.com https:\/\/pixum-assets.imgix.net https:\/\/unpkg.com\/core-js-bundle@3.16.2\/index.js https:\/\/tcan97.pixum.co.uk;connect-src 'self' https:\/\/*.pixum.com https:\/\/*.pixum-api.com https:\/\/api.usercentrics.eu https:\/\/gmm9n9.pixum.de https:\/\/bn3mcl4n8l.kameleoon.eu https:\/\/eu-data.kameleoon.eu https:\/\/pixum-assets.imgix.net https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/storage.googleapis.com\/pixum-api-images\/ https:\/\/*.clarity.ms https:\/\/webchannel-content.eservice.emarsys.net https:\/\/*.scarabresearch.com wss:\/\/peer-service.pixum-api.com https:\/\/www.pixum.be\/5fixu6 https:\/\/www.pixum.co.uk\/tcan97 https:\/\/tcan97.pixum.co.uk https:\/\/api.zenloop.com https:\/\/channels-api.zenloop.com https:\/\/website-overlay.zenloop.com https:\/\/graphql.usercentrics.eu https:\/\/tag.mention-me.com https:\/\/www.paypal.com\/xoplatform\/logger\/api\/logger https:\/\/guarantee-log.trustedshops.com https:\/\/*.pagent.ai https:\/\/aggregator.service.usercentrics.eu wss:\/\/chatbot-de.photoprintit.com https:\/\/trustbadge.api.etrusted.com https:\/\/shops-si.trustedshops.com https:\/\/pixum-cms.imgix.net https:\/\/photospicker.googleapis.com\/v1\/sessions\/ blob: data: https:\/\/api.trustedshops.com\/rest\/internal\/ https:\/\/api.trustbadge.etrusted.com\/accounts\/ https:\/\/data.kameleoon.eu https:\/\/mention-me.com\/api\/v2\/event\/ https:\/\/gum.criteo.com https:\/\/www.gstatic.com\/draco\/versioned\/decoders\/1.4.1\/ https:\/\/faro-collector-prod-eu-west-0.grafana.net\/collect\/ https:\/\/sdk-config.kameleoon.eu;style-src 'self' 'unsafe-inline' https:\/\/*.pixum.com;media-src 'self' data: https:\/\/cdn.pixum.com;font-src 'self' data: https:\/\/*.pixum.com https:\/\/assets.zenloop.com;frame-src 'self' https:\/\/widget.trustpilot.com https:\/\/dls.photoprintit.com https:\/\/mention-me.com https:\/\/www.youtube.com https:\/\/www.paypal.com blob:;worker-src 'self' blob:;child-src 'self' blob:; report-to csp-report-only; report-uri https:\/\/psi.pixum.com\/?ns=content-security-policy-report-only&service=base&module=status&action=report","count":1},{"content-security-policy-report-only":" img-src 'self' live.ternbicycles.com staging.ternbicycles.com dev.ternbicycles.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com *.googleusercontent.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.cloudflare.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com *.google.com https:\/\/*.ggpht.com *.googleusercontent.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/unpkg.com s3.amazonaws.com; script-src-attr 'self'; script-src-elem 'self' https:\/\/www.clarity.ms\/s\/0.8.1\/clarity.js https:\/\/www.googletagmanager.com https:\/\/cdn.fonts.net\/ https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/unpkg.com s3.amazonaws.com; style-src 'self' https:\/\/cdnjs.cloudflare.com; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/ajax.cloudflare.com https:\/\/cdnjs.cloudflare.com; frame-ancestors 'self'; require-trusted-types-for 'script'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net https:\/\/fonts.gstatic.com data: *.klevu.com *.flixcar.com *.flixfacts.com https:\/\/bf-content.elon.se https:\/\/c.bannerflow.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.klarna.com *.klevu.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/briqpay.test *.briqpay.com *.klarna.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.hotjar.com *.klarnaservices.com *.ingrid.com *.klarnaevt.com *.dibspayment.eu 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.adnxs.com *.omtrdc.net *.bing.com *.cloudflare.com *.cookiebot.com *.elongroup.se *.elon.se elon.se *.facebook.com *.googleadservices.com *.google-analytics.com *.google.se *.googletagmanager.com *.googleapis.com *.imbox.io *.klevu.com *.klarnaservices.com *.vaimo.net *.ytimg.com *.pricerunner.se *.flixcar.com *.flixfacts.com *.flix360.com *.flix360.io *.jwpsrv.com *.jwplayer.com *.uc.se *.prisjakt.no *.googlesyndication.com *.where-to-buy.co *.clarity.ms *.doubleclick.net *.dialogtrail.com *.lemonpi.io *.facebook.net *.reddit.com *.elon.no *.wistia.com *.videoly.co https:\/\/where-to-buy.co https:\/\/bf-content.elon.se https:\/\/c.bannerflow.net js.live.kustom.co js.playground.kustom.co data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/briqpay.test *.briqpay.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.adnxs.com *.bing.com *.clarity.ms *.cookiebot.com *.depict.ai *.elongroup.se *.facebook.net *.googletagmanager.com *.googleapis.com *.hotjar.com *.imbox.io *.klevu.com *.myvisitors.se *.oribi.io *.pertento.ai *.pinimg.com *.pinterest.com *.testfreaks.com *.charpstar.net *.flixfacts.com *.loadbee.com *.flix360.io *.flixcar.com *.unpkg.com *.dialogtrail.com *.adform.net *.elon.se *.cloudfront.net *.videoly.co *.scaleflex.it *.redditstatic.com *.voyado.com https:\/\/unpkg.com https:\/\/bf-content.elon.se https:\/\/c.bannerflow.net js.live.kustom.co js.playground.kustom.co js.adsrvr.org *.redeal.se blob: *.ingrid.com *.klarnaevt.com https:\/\/www.elon.se 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com fonts.googleapis.com *.klarnacdn.net https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com assets.braintreegateway.com *.depict.ai *.dibspayment.eu *.googleapis.com *.gstatic.com *.klevu.com *.flixcar.com https:\/\/www.elon.se 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.flixcar.com blob: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/ipinfo.io https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.adnxs.com *.demdex.net *.clarity.ms *.cookiebot.com *.depict.ai *.dibspayment.eu *.google-analytics.com *.g.doubleclick.net *.hotjar.com *.hotjar.io *.klarnauserservices.com *.ksearchnet.com *.pertento.ai *.pinterest.com security-hub.vaimo.network *.vaimo.net *.apptus.cloud *.iconify.design *.dialogtrail.com *.flix360.io *.charpstar.net *.loadbee.com *.flixcar.com *.googlesyndication.com *.elon.no *.bing.com *.facebook.com *.reddit.com *.unisvg.com *.testfreaks.com wss:\/\/ws.depict.ai wss:\/\/headless.dialogtrail.com https:\/\/bf-content.elon.se https:\/\/c.bannerflow.net js.live.kustom.co js.playground.kustom.co ad.doubleclick.net insight.adsrvr.org *.voyado.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com fonts.googleapis.com *.googleapis.com data: *.fontawesome.com *.oct8ne.com oct8necdneu.azureedge.net blob: *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * https:\/\/plumrocket.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * www.google.com *.certcapture.com www.xtento.com https:\/\/plumrocket.com js.mollie.com *.oct8ne.com static-eu.oct8ne.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.googleapis.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ blob: www.xtento.com cdn.xtento.com https:\/\/maps.gstatic.com https:\/\/purecatamphetamine.github.io https:\/\/cdnjs.cloudflare.com https:\/\/www.mollie.com *.oct8ne.com static-eu.oct8ne.com oct8necdneu.azureedge.net *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com beacon-qa.magento-datasolutions.com beacon-stage.magento-ds.com beacon.magento-ds.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/rum.hlx.page maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.xtento.com cdn.xtento.com js.mollie.com *.oct8ne.com static-eu.oct8ne.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.cash.app *.certcapture.com https:\/\/static.klaviyo.com *.fontawesome.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/www.youtube.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net p13n-mr.adobe.io *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.adobedc.net *.demdex.net *.magento-datasolutions.com *.magento-ds.com * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.certcapture.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/ipinfo.io\/json *.oct8ne.com static-eu.oct8ne.com *.yotpo.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" worker-src blob:; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/fonts.gstatic.com data: https:\/\/ws.colissimo.fr https:\/\/static.lyra.com\/static\/ *.stape.io *.fontawesome.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com fonts.googleapis.com fonts.axept.io *.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com self www.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.instagram.com www.google.com https:\/\/www.youtube.com https:\/\/form.typeform.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/static.lyra.com\/static\/ *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.stape.io www.gstatic.com apis.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * sibautomation.com api.socloz.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.googleapis.com *.cdninstagram.com a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr https:\/\/secure.lyra.com\/static\/latest\/images\/type-carte\/ https:\/\/static.lyra.com\/static\/ https:\/\/secure.lyra.com\/vads-payment\/ magefan.com cm.magefan.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.doubleclick.net *.googletagmanager.com *.stape.io https:\/\/firebasestorage.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com placehold.co axeptio.imgix.net *.bing.com pagead2.googlesyndication.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com *.instagram.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.doubleclick.net *.stape.io https:\/\/static.addtoany.com *.avada.io *.shopify.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/maps.gstatic.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com analytics.ahrefs.com *.axept.io *.bing.com *.brevo.com sibautomation.com *.socloz.com analytics.passionbeaute.fr passionbeauteconnect.fr *.wonderpush.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com https:\/\/static.lyra.com\/static\/ *.googleapis.com *.googletagmanager.com *.stape.io *.fontawesome.com *.google.com *.gstatic.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com assets.braintreegateway.com fonts.axept.io passionbeauteconnect.fr 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline';, connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ *.doubleclick.net *.googlesyndication.com https:\/\/www.merchant-center-analytics.goog *.stape.io http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com analytics.ahrefs.com *.axept.io *.bing.com *.brevo.com analytics.passionbeaute.fr 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ *.axept.io fonts.axept.io axeptio.imgix.net *.stape.io analytics.ahrefs.com analytics.passionbeaute.fr *.google-analytics.com *.analytics.google.com *.googleapis.com apis.google.com *.gstatic.com *.googlesyndication.com *.doubleclick.net *.googletagmanager.com www.googleadservices.com *.google.com www.google.com *.google.fr *.google.de *.google.co.uk *.google.be *.google.nl *.google.it *.google.com.ua https:\/\/www.merchant-center-analytics.goog https:\/\/firebasestorage.googleapis.com connect.facebook.net www.facebook.com graph.facebook.com business.facebook.com *.instagram.com *.cdninstagram.com api.braintreegateway.com api.sandbox.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com www.paypalobjects.com b.stats.paypal.com dub.stats.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com pay.google.com *.cardinalcommerce.com *.arcot.com 3ds-secure.cardcomplete.com acs.sia.eu rsa3dsauth.com *.wirecard.com *.wlp-acs.com www.clicksafe.lloydstsb.com www.securesuite.co.uk *.touchtechpayments.com www.commercepartnerhub.com pay.activa-card.com *.youtube.com *.youtube-nocookie.com i.ytimg.com s.ytimg.com vimeo.com www.vimeo.com player.vimeo.com *.vimeocdn.com https:\/\/api.mapbox.com https:\/\/*.mapbox.com *.openstreetmap.org https:\/\/*.tile.openstreetmap.fr https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/get.geojs.io *.bing.com *.brevo.com sibautomation.com *.socloz.com api.socloz.com *.wonderpush.com passionbeauteconnect.fr *.cdn-apple.com https:\/\/ws.colissimo.fr magefan.com cm.magefan.com https:\/\/fonts.bunny.net *.fontawesome.com maxcdn.bootstrapcdn.com *.monzo.com *.shopify.com placehold.co *.avada.io http:\/\/dpm.demdex.net https:\/\/*.typeform.com https:\/\/secure.lyra.com\/static\/latest\/images\/type-carte\/ data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-jiW8eMFvt9RcyGtciaucvQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss:\/\/*.xenzonegroup.com wss:\/\/*.twilio.com *.snapchat.com media.twiliocdn.com flex-api.twilio.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com www.googletagmanager.com *.doubleclick.net connect.facebook.net sc-static.net *.snapchat.com media.twiliocdn.com flex-api.twilio.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com https:\/\/next-serenity.koothapi.com wss:\/\/*.xenzonegroup.com wss:\/\/*.twilio.com *.analytics.google.com *.google-analytics.com *.snapchat.com media.twiliocdn.com flex-api.twilio.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com www.googletagmanager.com *.doubleclick.net *.snapchat.com; object-src 'none'; report-uri https:\/\/o367623.ingest.sentry.io\/api\/5691169\/security\/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ceYfByM4tQrLRpXpZlagFQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.geelongadvertiser.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-0JLDQYXHGBradiagAKL6wQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm-drogeriemarkt.ro https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.ro https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.ro https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm-drogeriemarkt.ro https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.ro https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.ro https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.ro https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.ro; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm-drogeriemarkt.ro https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.ro https:\/\/app.datadoghq.eu https:\/\/checkout.dm.ro https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.ro https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.ro https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.ro https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.ro https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.ro https:\/\/signin.dm.ro https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm-drogeriemarkt.ro; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" default-src https:\/\/*.rsync.net:443 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:","count":1},{"content-security-policy-report-only":" font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com downloads.mailchimp.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.p.zjptg.com https:\/\/www.dwin2.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.kqzyfj.com https:\/\/*.anrdoezrs.net https:\/\/cdn.datatables.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdnjs.cloudflare.com; img-src 'self' https:\/\/howtostartanllc.com https:\/\/logomakercdn.truic.com https:\/\/www.facebook.com https:\/\/*.pxf.io data:; frame-src https:\/\/www.youtube.com https:\/\/www.facebook.com https:\/\/www.googletagmanager.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' pdfconvertertools.com *.pdfconvertertools.com *.google.com *.youtube.com *.facebook.com *.amazon.com sentry-cdn.com *.ingest.sentry.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: pdfconvertertools.com *.pdfconvertertools.com *.google.com *.youtube.com *.facebook.com *.amazon.com cdnjs.cloudflare.com js.sentry-cdn.com *.sentry-cdn.com chrome-extension: *.googletagmanager.com *.doubleclick.net *.googleadservices.com; style-src 'self' 'unsafe-inline' pdfconvertertools.com fonts.googleapis.com cdnjs.cloudflare.com; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com cdnjs.cloudflare.com; media-src 'self' data: blob:; img-src 'self' data: https: chrome-extension: pdfconvertertools.com *.pdfconvertertools.com *.google.com *.youtube.com *.facebook.com *.amazon.com storage.googleapis.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com; frame-src 'self' pdfconvertertools.com *.pdfconvertertools.com *.google.com *.youtube.com *.facebook.com *.amazon.com *.googletagmanager.com *.doubleclick.net; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' static.hebban.nl www.hebban.nl browser.sentry-cdn.com *.ingest.us.sentry.io www.google.com consentcdn.cookiebot.com analytics.ahrefs.com region1.google-analytics.com region1.analytics.google.com www.googletagmanager.com *.aso1.net euc-widget.freshworks.com cpnb.freshdesk.com pagead2.googlesyndication.com scripts.simpleanalyticscdn.com queue.simpleanalyticscdn.com;style-src *  'unsafe-inline'; img-src * 'self' data: ;font-src *; frame-src consentcdn.cookiebot.com *.doubleclick.net www.google.com www.googletagmanager.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' hebbandemo.nl www.hebbandemo.nl www.gstatic.com google.com www.google.com hebbanstatic.yunademo.nl static.hebban.nl consent.cookiebot.com consentcdn.cookiebot.com js.sentry-cdn.com browser.sentry-cdn.com hebban.yunademo.nl www.hebban.nl *.google-analytics.com *.googletagmanager.com *.chartbeat.com sb.scorecardresearch.com *.hotjar.com track.adform.net connect.facebook.net *.doubleclick.net analytics.ahrefs.com *.aso1.net euc-widget.freshworks.com scripts.simpleanalyticscdn.com;worker-src 'self' blob:;media-src *;frame-ancestors *;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com *.accelasearch.io *.googleapis.com *.gstatic.com *.fontawesome.com maxcdn.bootstrapcdn.com cdn.motoabbigliamento.it *.scalapay.com data: 'self' 'unsafe-inline'; form-action * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src * 'self' 'unsafe-inline'; img-src *.doubleclick.net assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com www.google.com *.analytics.google.com www.googletagmanager.com www.paypalobjects.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.accelasearch.io https:\/\/images.unsplash.com *.gstatic.com *.googleapis.com assets.braintreegateway.com *.paypal.com https:\/\/www.mollie.com cdn.motoabbigliamento.it *.facebook.com *.bing.net *.scalapay.com data: 'self' 'unsafe-inline'; script-src *.cardinalcommerce.com *.braintreegateway.com *.google.com assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.googletagmanager.com *.newrelic.com *.nr-data.net includestest.ccdc02.com www.paypalobjects.com s.ytimg.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.accelasearch.io *.googleapis.com *.gstatic.com *.paypal.com js.mollie.com cdn.motoabbigliamento.it *.cookiebot.com *.bing.com *.clarity.ms *.facebook.net *.scalapay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.accelasearch.io *.fontawesome.com assets.braintreegateway.com maxcdn.bootstrapcdn.com cdn.motoabbigliamento.it *.scalapay.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.braintreegateway.com dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.paypalobjects.com *.accelasearch.io https:\/\/player.vimeo.com *.googleapis.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googlesyndication.com *.cookiebot.com *.bing.net *.clarity.ms *.scalapay.com *.gstatic.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.gstatic.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cybersource.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.weltpixel.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.cybersource.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.googletagmanager.com *.doubleclick.net *.typeform.com *.yotpo.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com *.online-metrix.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/dev.visualwebsiteoptimizer.com *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.yotpo.com dhv2ziothpgrr.cloudfront.net https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page https:\/\/fmgaggi.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.disqus.com *.cardinalcommerce.com *.cardinaltrusted.com *.online-metrix.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/dev.visualwebsiteoptimizer.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/fmgaggi.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.cardinalcommerce.com *.cardinaltrusted.com *.online-metrix.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.google.com google.com https:\/\/dev.visualwebsiteoptimizer.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src data: *.gstatic.com oct8necdneu.azureedge.net *.oct8ne.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com accounts.google.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com sis-t.redsys.es:* sis.redsys.es sis-t.sermepa.es:* sis.sermepa.es *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.googleapis.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.vimeo.com *.oct8ne.com *.marvimundo.es *.marvimundo.com *.asesorcoloracion.es *.asesordecuidado.es *.diadermine.es *.ekomi.es *.jebbit.com *.reskyt.com *.cookiebot.com *.facebook.com *.doubleclick.net *.sequrapi.com www.xtento.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com js.monei.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com *.google.com *.google.es *.google.com.br *.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net oct8necdneu.azureedge.net *.oct8ne.com *.cookiebot.com *.google.com.ua *.facebook.com *.bing.com *.ggpht blob: *.marvimundo.com *.ekomiapps.de cdn.doofinder.com *.clarity.ms *.rawgit.com *.jsdelivr.net *.doubleclick.net *.connectif.cloud *.google.sm *.google.sk *.google.si *.google.se *.google.rs *.google.ro *.google.pt *.google.pl *.google.no *.google.me *.google.lv *.google.lu *.google.lt *.google.li *.google.it *.google.is *.google.ie *.google.hu *.google.hr *.google.gr *.google.fr *.google.fi *.google.ee *.google.de *.google.cz *.google.com.mt *.google.com.gi *.google.co.uk *.google.ch *.google.bg *.google.be *.google.at *.google.ad www.xtento.com cdn.xtento.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.facebook.net connect.facebook.net graph.facebook.com business.facebook.com polyfill.io *.googleapis.com *.google.com *.google.es *.google.com.br *.gstatic.com *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.cookiebot.com *.oct8ne.com *.adyen.com *.webeyez.com *.nr-data.net *.bing.com *.googlesyndication.com blob: *.marvimundo.com *.ekomiapps.de *.cloudflare.com *.cloudflareinsights.com *.newrelic.com *.facebook.com *.clarity.ms *.doofinder.com *.connectif.cloud *.doubleclick.net *.google.sm *.google.sk *.google.si *.google.se *.google.rs *.google.ro *.google.pt *.google.pl *.google.no *.google.me *.google.lv *.google.lu *.google.lt *.google.li *.google.it *.google.is *.google.ie *.google.hu *.google.hr *.google.gr *.google.fr *.google.fi *.google.ee *.google.de *.google.cz *.google.com.ua *.google.com.mt *.google.com.gi *.google.co.uk *.google.ch *.google.bg *.google.be *.google.at *.google.ad *.sequrapi.com *.hotjar.com www.xtento.com cdn.xtento.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com maps.googleapis.com js.monei.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.ekomiapps.de *.doofinder.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google.com *.google.es *.google.com.br *.googletagmanager.com *.google-analytics.com *.g.doubleclick.net *.oct8ne.com *.adyen.com *.googleapis.com *.webeyez.com cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.trackingplan.com *.nr-data.net *.cookiebot.com *.googlesyndication.com *.bing.com *.marvimundo.com *.ekomiapps.de *.cloudflare.com *.cloudflareinsights.com *.newrelic.com *.doofinder.com wss:\/\/*.doofinder.com *.clarity.ms *.connectif.cloud *.facebook.com *.doubleclick.net *.google.sm *.google.sk *.google.si *.google.se *.google.rs *.google.ro *.google.pt *.google.pl *.google.no *.google.me *.google.lv *.google.lu *.google.lt *.google.li *.google.it *.google.is *.google.ie *.google.hu *.google.hr *.google.gr *.google.fr *.google.fi *.google.ee *.google.de *.google.cz *.google.com.ua *.google.com.mt *.google.com.gi *.google.co.uk *.google.ch *.google.bg *.google.be *.google.at *.google.ad *.sequrapi.com eu1-search.doofinder.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com api.monei.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https: 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src https:\/\/fonts.gstatic.com *.gstatic.com *.bootstrapcdn.com *.tawk.to data: eadn-wc05-6548239.nxedge.io *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.tawk.to *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.affirm.com *.affirm.ca *.weltpixel.com *.tawk.to static.addtoany.com *.braintreegateway.com eadn-wc05-6548239.nxedge.io *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca cdn.jsdelivr.net *.tawk.to *.google.com *.google.ca eadn-wc05-6548239.nxedge.io https:\/\/firebasestorage.googleapis.com *.facebook.com flagpedia.net tawk.link s3.amazonaws.com\/ *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com *.affirm.com *.affirm.ca *.kaptcha.com *.tawk.to cdn.jsdelivr.net static.addtoany.com graph.facebook.com eadn-wc05-6548239.nxedge.io *.avada.io *.shopify.com maps.googleapis.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com fonts.googleapis.com *.googleapis.com *.bootstrapcdn.com cdn.jsdelivr.net eadn-wc05-6548239.nxedge.io *.fontawesome.com https:\/\/fonts.bunny.net *.addtoany.com maxcdn.bootstrapcdn.com *.gstatic.com *.tawk.to *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.tawk.to tawk.link 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googleapis.com *.affirm.com *.affirm.ca *.kaptcha.com *.google-analytics.com stats.g.doubleclick.net *.tawk.to wss:\/\/*.tawk.to eadn-wc05-6548239.nxedge.io https:\/\/get.geojs.io *.avada.io http:\/\/dpm.demdex.net www.gstatic.com maps.googleapis.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com maxcdn.bootstrapcdn.com *.revolut.com *.google.com google.com *.cdn-apple.com pay.google.com geowidget.easypack24.net 'self' data: https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com sandbox.przelewy24.pl secure.przelewy24.pl 'self' 'unsafe-inline'; frame-ancestors pay.google.com *.revolut.com *.google.com *.cdn-apple.com google.com *.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/sandbox.blpaczka.com https:\/\/send.blpaczka.com pudofinder.dpd.com.pl https:\/\/www.googletagmanager.com\/ *.facebook.com pay.google.com apm.przelewy24.pl secure.payu.com merch-prod.snd.payu.com *.revolut.com *.cdn-apple.com *.gstatic.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com ruch-osm.sysadvisors.pl p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.cdninstagram.com magefan.com cm.magefan.com static.przelewy24.pl www.gstatic.com gstatic.com static.payu.com *.revolut.com *.google.com *.cdn-apple.com google.com pay.google.com geowidget.easypack24.net maps.googleapis.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ ruch-osm.sysadvisors.pl amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/sandbox.blpaczka.com https:\/\/send.blpaczka.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ player.vimeo.com connect.facebook.net cdnjs.cloudflare.com *.googleapis.com sandbox.przelewy24.pl secure.przelewy24.pl pay.google.com apm.przelewy24.pl secure.payu.com secure.snd.payu.com *.revolut.com *.gstatic.com geowidget.easypack24.net *.hsforms.net *.hsforms.com maps.googleapis.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com ruch-osm.sysadvisors.pl fonts.googleapis.com maxcdn.bootstrapcdn.com geowidget.easypack24.net *.googleapis.com *.gstatic.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com ruch-osm.sysadvisors.pl *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/sandbox.blpaczka.com https:\/\/send.blpaczka.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ sandbox.przelewy24.pl secure.przelewy24.pl wss:\/\/ws.przelewy24.pl wss:\/\/sandbox-ws.przelewy24.pl wss:\/\/secure-ws.przelewy24.pl apple-pay-gateway.apple.com apm.przelewy24.pl www.google.com pay.google.com secure.payu.com merch-prod.snd.payu.com *.revolut.com *.cdn-apple.com *.gstatic.com api-pl-points.easypack24.net maps.googleapis.com t.elasticsuite.io *.hsforms.net *.hsforms.com places.googleapis.com https:\/\/secure.tpay.com https:\/\/secure.sandbox.tpay.com https:\/\/tpay.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src amplitude.com *.amplitude.com cash.app *.cash.app cloudflare.com *.cloudflare.com cloudflareinsights.com *.cloudflareinsights.com datatables.net *.datatables.net doubleclick.net *.doubleclick.net google-analytics.com *.google-analytics.com google.com *.google.com googletagmanager.com *.googletagmanager.com jquery.com *.jquery.com paypal.com *.paypal.com sentry.io *.sentry.io tiny.cloud *.tiny.cloud tinymce.com *.tinymce.com citconpay.com *.citconpay.com facebook.net *.facebook.net google.co.uk *.google.co.uk kcp.co.kr *.kcp.co.kr ngrok-free.app *.ngrok-free.app sift.com *.sift.com 'unsafe-inline' 'unsafe-eval' 'self'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=l6TBhbDUGU_KhrWTMWIgtpEMVuFYq3jE7CgiPOktofE-1778724098.0807292-1.0.1.1-dQBeyS0jU6Mrmnsbhdyn_NHw4xiextebevRw1uUPUZ6S6pbInz1y5a3oyHA8FrSExl670mz07FX9f356vdfOQdeXxfsBXCjT8CiVXe6D3OXU4cqW3w.T0qzsHJOmqWZE3UfQPfo9tr2ap6OtP8lAI1i2qMRXlGy8nRHwXrX_F5HpEQKx4hPBOjT4863Flwiq; report-to cf-jtmzaqprwjeyqefo","count":1},{"content-security-policy-report-only":" font-src maxcdn.bootstrapcdn.com *.oct8ne.com fonts.gstatic.com *.azureedge.net *.doofinder.com *.typekit.net *.googleapis.com data: 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com *.storyblok.com 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com platform.twitter.com *.multisafepay.com https:\/\/pay.google.com *.oct8ne.com www.googletagmanager.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.hotjar.com *.pinterest.com *.doofinder.com *.empathybroker.com *.empathy.co *.criteo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/images.unsplash.com www.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com *.multisafepay.com *.oct8ne.com www.googletagmanager.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.facebook.com *.google.com *.google.es widgets.trustedshops.com *.twitter.com t.co *.azureedge.net *.pinterest.com *.doofinder.com *.bing.com *.storyblok.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/maps.googleapis.com connect.facebook.net twitter.com platform.twitter.com *.multisafepay.com https:\/\/pay.google.com *.oct8ne.com www.googletagmanager.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.googleoptimize.com widgets.trustedshops.com static-eu.oct8ne.com static.zdassets.com *.facebook.net *.tradedoubler.com *.doubleclick.net *.hotjar.com *.ads-twitter.com smct.co *.bsmartdata.com *.retargeted.co *.bing.com *.clarity.ms *.smartsuppcdn.com *.smartsuppchat.com *.smartsupp.com *.connectif.cloud *.klaviyo.com *.photoslurp.com *.pinimg.com *.nosto.com *.doofinder.com *.empathybroker.com *.unpkg.com *.storyblok.com *.usizy.es 'self' 'unsafe-inline' 'unsafe-eval'; style-src maxcdn.bootstrapcdn.com *.multisafepay.com *.photoslurp.com *.nosto.com *.doofinder.com *.klaviyo.com *.typekit.net *.storyblok.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.storyblok.com *.zdassets.com *.doofinder.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.multisafepay.com *.oct8ne.com www.googletagmanager.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.zendesk.com *.zopim.com *.doubleclick.net *.hotjar.com *.hotjar.io *.clarity.ms *.smartsuppcdn.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.es *.connectif.cloud *.klaviyo.com *.photoslurp.com *.zdassets.com *.pinterest.com *.nosto.com *.doofinder.com *.empathybroker.com *.empathy.co usizy.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; form-action https:\/\/sis.redsys.es\/ pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/pagesense-collect.zoho.com https:\/\/stats.g.doubleclick.net https:\/\/translate.googleapis.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; font-src 'self' data: https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/connect.facebook.net https:\/\/m.facebook.com https:\/\/maps.google.com https:\/\/maps.googleapis.com https:\/\/mobile.facebook.com https:\/\/platform.twitter.com https:\/\/static.addtoany.com https:\/\/web.facebook.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.youtube.com; img-src 'self' data: blob: https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/fonts.gstatic.com https:\/\/pagesense-collect.zoho.com https:\/\/*.fbcdn.net https:\/\/stats.g.doubleclick.net https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/www.gcis.gov.za https:\/\/www.google.com https:\/\/www.google.co.za https:\/\/www.googletagmanager.com https:\/\/www.gov.za https:\/\/www.gstatic.com https:\/\/www.publicsectormanager.gov.za https:\/\/www.sanews.gov.za https:\/\/www.vukuzenzele.gov.za https:\/\/*.openstreetmap.org https:\/\/*.ytimg.com https:\/\/www.google-analytics.com; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https:\/\/*.google-analytics.com https:\/\/cdn.pagesense.io https:\/\/connect.facebook.net https:\/\/maps.googleapis.com https:\/\/platform.twitter.com https:\/\/static.addtoany.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.sanews.gov.za; style-src 'self' 'report-sample' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/platform.twitter.com; webrtc 'block'; worker-src 'self'; base-uri 'self'; form-action 'self' https:\/\/list.gcis.gov.za; frame-ancestors 'self'; report-uri https:\/\/www.sanews.gov.za\/system\/reporting\/default; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self' *.typekit.net *.googletagmanager.com *.bootstrapcdn.com *.google.com *.google-analytics.com *.facebook.com *.crazyegg.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.quantserve.com https:\/\/rules.quantcount.com *.cloudflare.com *.basis.net *.doubleclick.net *.optimizely.com https:\/\/cdn.optimizely.com *.calendly.com *.tailwindcss.com *.jsdelivr.net *.gstatic.com *.google-analytics.com *.crazyegg.com *.facebook.net *.simpli.fi *.google.com *.googleapis.com *.googletagmanager.com https:\/\/code.jquery.com *.cdn4dd.com https:\/\/drive-widget.cdn4dd.com *.tribalfusion.com; connect-src 'self' *.cheetahedp.com *.crazyegg.com *.google-analytics.com *.google.com *.typekit.net *.gstatic.com *.doubleclick.net https:\/\/pixel.quantserve.com *.quantserve.com *.optimizely.com https:\/\/logx.optimizely.com; frame-src 'self' *.googletagmanager.com calendly.com *.calendly.com *.gstatic.com *.google.com *.doubleclick.net https:\/\/pixel-sync.sitescout.com *.sitescout.com *.optimizely.com https:\/\/a12600010354.cdn.optimizely.com; font-src 'self' data: *.deltaco.com *.gstatic.com *.bootstrapcdn.com *.typekit.net https:\/\/fonts.gstatic.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.calendly.com *.googleapis.com https:\/\/fonts.googleapis.com *.typekit.net www.googletagmanager.com maxcdn.bootstrapcdn.com; img-src 'self' https: data: *.quantserve.com *.sitescout.com; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self' litium.revolutionrace.de fbcdn.revolutionrace.de wss:\/\/fbcdn.revolutionrace.de *.klarnaservices.com *.klarnauserservices.com *.klarnacdn.net *.klarna.com *.klarnaevt.com *.kustom.co *.adyen.com www.paypal.com js.stripe.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.gstatic.com ajax.googleapis.com fonts.googleapis.com maps.googleapis.com *.apptus.cloud *.storyblok.com *.symplify.com cdn-sitegainer.com *.cdn-sitegainer.com sitegainer.com wss:\/\/recording.sitegainer.com *.criteo.net *.criteo.com *.doubleclick.net *.emarsys.net *.mention-me.com *.imedia.cz *.scarabresearch.com *.spinnaker-js.com bat.bing.com www.seznam.cz tags.creativecdn.com *.kindlycdn.com *.kindly.ai wss:\/\/sage.kindly.ai *.facebook.net *.tiktok.com *.snapchat.com *.pinterest.com *.bambuser.com *.facebook.com www.pinterest.se *.cloudflare.com *.digitaloceanspaces.com *.distancify.workers.dev cdn.jsdelivr.net maxcdn.bootstrapcdn.com player.vimeo.com pro.ip-api.com recommender.scarabresearch.com s.pinimg.com sc-static.net vimeo.com ws-eu.pusher.com wss:\/\/ws-eu.pusher.com 'unsafe-inline' 'unsafe-eval'; img-src data: blob: https:\/\/* 'self'; media-src https:\/\/*; frame-src analytics.revolutionrace.de *.mention-me.com *.google.com *.adyen.com *.paypal.com *.sitegainer.com revolutionrace.customerfirst.ai; style-src 'self' 'unsafe-inline'; connect-src data: *;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/cdn-cookieyes.com https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hs-banner.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com data:; img-src 'self' data: https:; connect-src 'self' https:\/\/api.hubapi.com https:\/\/forms.hsforms.com https:\/\/www.google-analytics.com https:\/\/analytics.google.com; frame-src https:\/\/js.hsforms.net; frame-ancestors 'self'; base-uri 'self'; form-action 'self' https:\/\/forms.hsforms.com;","count":1},{"content-security-policy-report-only":" report-to *.usercentrics.eu; font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com https:\/\/geowidget.easypack24.net https:\/\/widgets.trustedshops.com *.fontawesome.com *.usercentrics.eu data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.usercentrics.eu 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * secure.payu.com merch-prod.snd.payu.com https:\/\/geowidget-app.inpost.pl\/ https:\/\/sandbox-easy-geowidget.easypack24.net\/ *.usercentrics.eu *.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.gstatic.com https:\/\/images.unsplash.com *.googleapis.com static.payu.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.usercentrics.eu https:\/\/admin.helikon-tex.com *.etrusted.com *.googlesyndication.com *.google.pl *.facebook.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js https:\/\/maps.googleapis.com *.googleapis.com *.gstatic.com secure.payu.com secure.snd.payu.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.avada.io *.usercentrics.eu https:\/\/id1247.entirem.com *.cloudflareinsights.com *.trustedshops.com *.clarity.ms https:\/\/mailing.entirem.com *.ahrefs.com *.crazyegg.com *.gr-cdn.com *.gr-wcon.com *.facebook.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com fonts.googleapis.com maxcdn.bootstrapcdn.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.fontawesome.com *.usercentrics.eu *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.googleapis.com secure.payu.com merch-prod.snd.payu.com *.easypack24.net *.inpost.pl *.openstreetmap.org *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site https:\/\/get.geojs.io *.avada.io *.usercentrics.eu https:\/\/id1247.entirem.com *.cloudflareinsights.com *.frankfurter.app *.doubleclick.net *.clarity.ms *.getresponse.com *.ahrefs.com *.crazyegg.com *.facebook.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.ing.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/tags.tiqcdn.com; connect-src 'self'  https:\/\/api.www.homebank.ro https:\/\/api.homebank.ro https:\/\/cdn.ing.com https:\/\/*.googlevideo.com https:\/\/jnn-pa.googleapis.com https:\/\/analytics.homebank.ro https:\/\/ingbankromania.sc.omtrdc.net; img-src 'self' https:\/\/analytics.homebank.ro https:\/\/dealwise-static.homebank.ro https:\/\/dw-static.homebank.ro https:\/\/i.ytimg.com https:\/\/yt3.ggpht.com https:\/\/ing.ro https:\/\/www.ing.ro data: blob:; style-src 'self' 'unsafe-inline'; font-src 'self' https:\/\/fonts.gstatic.com data:; frame-ancestors 'self' https:\/\/securepay.ing.ro; child-src 'self'; form-action 'self'; upgrade-insecure-requests; frame-src 'self' https:; media-src https:\/\/*.googlevideo.com blob:;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-8h2p1LHTQqW4KapmIi4GnA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" img-src 'self' staccwexerius.blob.core.windows.net cdn.xerius.be consentcdn.cookiebot.com *.cookiebot.com data: *.google-analytics.com www.googletagmanager.com xerius-prd-911.azureedge.net media.xerius.be media.accdesk.be media.myfamily.be media.xerius-lei.eu *.google.* *.ads.linkedin.com *.linkedin.com connect.facebook.net www.facebook.com *.doubleclick.net *.tiktok.com dev.visualwebsiteoptimizer.com *.clarity.ms *.bing.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' app.varify.io media.xerius.be media.accdesk.be media.myfamily.be media.xerius-lei.eu cxppusa1formui01cdnsa01-endpoint.azureedge.net *.google.* *.googleadservices.com googleads.g.doubleclick.net pagead2.googlesyndication.com *.google-analytics.com *.doubleclick.net fonts.gstatic.com www.googleoptimize.com www.googletagmanager.com *.cookiebot.com consentcdn.cookiebot.com connect.facebook.net www.facebook.com *.ads.linkedin.com *.linkedin.com cdn.xerius.be staccwexerius.blob.core.windows.net xerius-prd-911.azureedge.net www.youtube.com data: xerius.piwik.pro www.gstatic.com script.hotjar.com static.hotjar.com js.monitor.azure.com js.cdn.applicationinsights.io js.cdn.monitor.azure.com *.tiktok.com amazon-adsystem.com *.amazon-adsystem.com paa-reporting-advertising.amazon *.paa-reporting-advertising.amazon trk.adbutter.net *.adnxs.com *.clarity.ms *.bing.com snap.licdn.com *.bannernow.com; worker-src 'none'; frame-ancestors 'self' auth.xerius.be","count":1},{"content-security-policy-report-only":" img-src https:\/\/higherlogicdownload.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/img.youtube.com\/vi\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/higherlogiclongterm.s3.amazonaws.com\/UNIFORMLAWS\/ blob: https:\/\/d132x6oi8ychic.cloudfront.net 'self'; style-src https:\/\/d132x6oi8ychic.cloudfront.net 'unsafe-inline' https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/ajax.googleapis.com\/ajax\/libs\/jqueryui\/ https:\/\/use.fortawesome.com\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/static.filestackapi.com\/picker\/ https:\/\/fonts.googleapis.com\/ https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogiclongterm.s3.amazonaws.com\/UNIFORMLAWS\/ 'self'; font-src https:\/\/fonts.googleapis.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/higherlogicdownload.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/UNIFORMLAWS\/ 'self' https:\/\/higherlogiclongterm.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/d132x6oi8ychic.cloudfront.net data:; script-src-elem https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/static.filestackapi.com\/filestack-js\/ 'self' https:\/\/ajax.aspnetcdn.com\/ajax\/ 'unsafe-eval' 'unsafe-inline'; media-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogicstream.s3.amazonaws.com\/UNIFORMLAWS\/ 'self' https:\/\/d132x6oi8ychic.cloudfront.net; script-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/ajax.aspnetcdn.com\/ajax\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d132x6oi8ychic.cloudfront.net https:\/\/cdn.informz.net 'unsafe-eval' https:\/\/use.fortawesome.com\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/UNIFORMLAWS\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ 'unsafe-inline' https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/static.filestackapi.com https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/api.connectedcommunity.org\/ 'self' https:\/\/www.youtube.com\/embed\/; connect-src https:\/\/upload.filestackapi.com https:\/\/static.filestackapi.com https:\/\/cloud.filestackapi.com\/folder\/list\/ 'self' https:\/\/hl-managedservices.informz.net https:\/\/d3uf7shreuzboy.cloudfront.net\/ blob:; worker-src 'self'; default-src 'self'; base-uri 'self'; frame-ancestors https:\/\/*.connectedcommunity.org\/ 'self'; object-src 'none'; manifest-src 'self';","count":1},{"content-security-policy-report-only":" default-src *; script-src * 'unsafe-inline' 'unsafe-eval' blob: data:; style-src * 'unsafe-inline'; img-src * data:; font-src *; connect-src * wss:; frame-src *; object-src *;","count":1},{"content-security-policy-report-only":" ; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.klaviyo.com *.paypalobjects.com *.licdn.com *.clarity.ms https:\/\/ttz41d7zd1.execute-api.eu-west-1.amazonaws.com\/Prod\/js storage.googleapis.com cdn.mxpnl.com *.finance-calculator.co.uk angus.finance-calculator.co.uk *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com dmtrk.net dmtrk.com r1.dmtrk.net r1.dmtrk.com r2.dmtrk.net r2.dmtrk.com r3.dmtrk.net r3.dmtrk.com ddlnk.net ddlnk.com r1.ddlnk.net r1.ddlnk.com r2.ddlnk.net r2.ddlnk.com r3.ddlnk.net r3.ddlnk.com t.trackedlink.net r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net webinsight.s3.amazonaws.com static.trackedweb.net trackedweb.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net i.emlfiles.com i.emlfiles1.com i.emlfiles2.com i.emlfiles3.com i.emlfiles4.com i.emlfiles5.com i.emlfiles6.com i.emlfiles7.com i.emlfiles8.com i.emfiles9.com r1.dotmailer-surveys.com r2.dotmailer-surveys.com r3.dotmailer-surveys.com r1.dotdigital-surveys.com r2.dotdigital-surveys.com r3.dotdigital-surveys.com *.dotdigital-pages.com script.hotjar.com player.vimeo.com www.googleoptimize.com *.bookingbug.com *.paypal.com static.trackedweb.net *.trackedlink.net *.gstatic.com static.zdassets.com *.trustpilot.com optimize.google.com tagmanager.google.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.facebook.net *.cquotient.com services.postcodeanywhere.co.uk cdn.cquotient.com www.googletagmanager.com googleads.g.doubleclick.net https:\/\/iploc.tryzens-analytics.com:12443 *.pcapredict.com maps.googleapis.com services.postcodeanywhere.co.uk *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.collector-11207.tvsquared.com collector-11207.tvsquared.com *.sub2tech.com www.google-analytics.com p.cquotient.com static.hotjar.com www.googleadservices.com *.adyen.com geolocation.onetrust.com cdn.cookielaw.org *.googletagmanager.com extend.vimeocdn.com *.christopherward.com *.appointedd.com *.ratepay.com unpkg.com *.tryzens-analytics.com tally.so *.tally.so; style-src 'self' 'unsafe-inline' *.klaviyo.com angus.finance-calculator.co.uk storage.googleapis.com *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com *.paypalobjects.com dmtrk.net dmtrk.com r1.dmtrk.net r1.dmtrk.com r2.dmtrk.net r2.dmtrk.com r3.dmtrk.net r3.dmtrk.com ddlnk.net ddlnk.com r1.ddlnk.net r1.ddlnk.com r2.ddlnk.net r2.ddlnk.com r3.ddlnk.net r3.ddlnk.com t.trackedlink.net r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net webinsight.s3.amazonaws.com static.trackedweb.net trackedweb.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net i.emlfiles.com i.emlfiles1.com i.emlfiles2.com i.emlfiles3.com i.emlfiles4.com i.emlfiles5.com i.emlfiles6.com i.emlfiles7.com i.emlfiles8.com i.emfiles9.com r1.dotmailer-surveys.com r2.dotmailer-surveys.com r3.dotmailer-surveys.com r1.dotdigital-surveys.com r2.dotdigital-surveys.com r3.dotdigital-surveys.com *.adyen.com optimize.google.com tagmanager.google.com foursixty.com cdn.jsdelivr.net fonts.googleapis.com services.postcodeanywhere.co.uk cdn.cookielaw.org *.christopherward.com; frame-src 'self' *.doubleclick.net storage.googleapis.com *.surveymonkey.com *.finance-calculator.co.uk *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com *.dotdigital-pages.com *.bookingbug.com vars.hotjar.com *.paypal.com *.paypalobjects.com *.google.com widget.trustpilot.com *.youtube.com *.vimeo.com optimize.google.com www.facebook.com *.klarnaservices.com *.adyen.com extend.vimeocdn.com *.appointedd.com tally.so *.tally.so https:\/\/www.googletagmanager.com https:\/\/data.christopherward.com; child-src 'none'; img-src 'self' data: *.doubleclick.net *.vimeocdn.com *.clarity.ms px.ads.linkedin.com c.bing.com storage.googleapis.com angus.finance-calculator.co.uk *.paypalobjects.com dmtrk.net dmtrk.com r1.dmtrk.net r1.dmtrk.com r2.dmtrk.net r2.dmtrk.com r3.dmtrk.net r3.dmtrk.com ddlnk.net ddlnk.com r1.ddlnk.net r1.ddlnk.com r2.ddlnk.net r2.ddlnk.com r3.ddlnk.net r3.ddlnk.com t.trackedlink.net r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net webinsight.s3.amazonaws.com static.trackedweb.net trackedweb.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net i.emlfiles.com i.emlfiles1.com i.emlfiles2.com i.emlfiles3.com i.emlfiles4.com i.emlfiles5.com i.emlfiles6.com i.emlfiles7.com i.emlfiles8.com i.emfiles9.com r1.dotmailer-surveys.com r2.dotmailer-surveys.com r3.dotmailer-surveys.com r1.dotdigital-surveys.com r2.dotdigital-surveys.com r3.dotdigital-surveys.com www.jrni.com *.bookingbug.com *.paypal.com stats.g.doubleclick.net *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com edge.disstg.commercecloud.salesforce.com *.collector-11207.tvsquared.com collector-11207.tvsquared.com cdn.sub2tech.com *.sub2tech.com www.google-analytics.com *.paypalobjects.com static.secure-afterpay.com.au um.simpli.fi www.instagram.com www.googletagmanager.com services.postcodeanywhere.co.uk pixel.mathtag.com aa.agkn.com cx.atdmt.com www.facebook.com *.pbbl.co *.optimove.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.gstatic.com *.googleapis.com *.google.com *.adyen.com t1.stormiq.com cdn.cookielaw.org *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.christopherward.com *.cloudflare.com *.ctfassets.net bat.bing.net; font-src 'self' data: www.christopherward.com fonts.gstatic.com res.cloudinary.com *.paypalobjects.com googleads.g.doubleclick.net; connect-src 'self' *.onetrust.com *.mixpanel.com *.klaviyo.com *.collector-11207.tvsquared.com g.clarity.ms clarity.ms collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com angus.finance-calculator.co.uk dmtrk.net dmtrk.com r1.dmtrk.net r1.dmtrk.com r2.dmtrk.net r2.dmtrk.com r3.dmtrk.net r3.dmtrk.com ddlnk.net ddlnk.com r1.ddlnk.net r1.ddlnk.com r2.ddlnk.net r2.ddlnk.com r3.ddlnk.net r3.ddlnk.com t.trackedlink.net r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net webinsight.s3.amazonaws.com static.trackedweb.net trackedweb.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net i.emlfiles.com i.emlfiles1.com i.emlfiles2.com i.emlfiles3.com i.emlfiles4.com i.emlfiles5.com i.emlfiles6.com i.emlfiles7.com i.emlfiles8.com i.emfiles9.com r1.dotmailer-surveys.com r2.dotmailer-surveys.com r3.dotmailer-surveys.com r1.dotdigital-surveys.com r2.dotdigital-surveys.com r3.dotdigital-surveys.com wss:\/\/*.hotjar.com *.hotjar.com *.hotjar.io *.paypal.com *.adyen.com widget.trustpilot.com wss:\/\/widget-mediator.zopim.com christopherward.zendesk.com *.trackedweb.net ekr.zdassets.com https:\/\/ttz41d7zd1.execute-api.eu-west-1.amazonaws.com\/Prod\/js* *.klarnaevt.com stats.g.doubleclick.net www.facebook.com https:\/\/www.tryzens-analytics.com:12280 *.pinterest.com *.klarnauserservices.com *.optimove.events www.google-analytics.com *.hotjar.com *.optimove.net *.hotjar.io https:\/\/uat.tryzens-analytics.com:12280 api.cquotient.com services.postcodeanywhere.co.uk cdn.cookielaw.org *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat google.com\/pay extend.vimeocdn.com unpkg.com *.tryzens-analytics.com player.vimeo.com download-video-ak.vimeocdn.com px.ads.linkedin.com https:\/\/data.christopherward.com ; form-action 'self' http:\/\/portal.afterpay.com http:\/\/portal-sandbox.afterpay.com *.playground.klarna.com *.klarna.com *.afterpay.com www.facebook.com *.collector-11207.tvsquared.com collector-11207.tvsquared.com bat.bing.com cdn.sub2tech.com *.sub2tech.com *.paypal.com *.adyen.com https:\/\/data.christopherward.com px.ads.linkedin.com; media-src 'self' static.zdassets.com res.cloudinary.com *.akamaized.net download-video-ak.vimeocdn.com player.vimeo.com;; report-uri https:\/\/chw-csp.tryzens-analytics.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; media-src 'self' https:","count":1},{"content-security-policy-report-only":" default-src *.emersya.com emersya.com 'self'; script-src  'unsafe-inline' *.vimeocdn.com *.emersya.com cdn-cookieyes.com *.hubspot.com yoast.com js-eu1.hubspot.com *.hs-scripts.com *.hs-analytics.net *.hscollectedforms.net *.hs-banner.com *.hsforms.net 146805878.hs-sites-eu1.com *.hsappstatic.net google.com beacon-v2.helpscout.net www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net 'self' blob:; connect-src yoast.com my.yoast.com cdn-cookieyes.com *.cookieyes.com *.emersya.com *.hubspot.com *.hscollectedforms.net d3hb14vkzrxvla.cloudfront.net *.mixpanel.com 'self'; img-src *.w.org *.gravatar.com *.vimeocdn.com emersya.com *.emersya.com *.hubspot.com *.hsforms.com static.hsappstatic.net cdn-cookieyes.com assets.elementor.com 'self' data:; style-src  'unsafe-inline' emersya.com *.emersya.com *.vimeocdn.com designsystem.brevo.com fonts.googleapis.com 'self';  media-src *.vimeocdn.com 'self';frame-src emersya.com *.emersya.com player.vimeo.com 146805878.hs-sites-eu1.com *.hsforms.net *.hubspot.com google.com 'self'; font-src emersya.com *.emersya.com designsystem.brevo.com fonts.gstatic.com 'self' data:; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.versapay.com *.paynup.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.versapay.com *.paynup.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com *.twitter.com *.paynup.com *.versapay.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.certcapture.com *.amazonaws.com *.google.co.in t.co.in t.co *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.versapay.com *.paynup.com *.trackedlink.net magefan.com cm.magefan.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.certcapture.com *.ads-twitter.com *.pinimg.com *.qualtrics.com *.hotjar.com *.pinterest.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.versapay.com *.paynup.com *.datadoghq.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com unpkg.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.versapay.com *.paynup.com webchat.dotdigital.com webchat.staging.dotdigital.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com *.pinterest.com *.googleapis.com *.qualtrics.com *.hotjar.com *.hotjar.io stats.g.doubleclick.net wss:\/\/ws.hotjar.com *.google.co.in *.cloudflare.com *.twitter.com *.twimg.com *.versapay.com *.paynup.com *.datadoghq.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com maps.googleapis.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri http:\/\/127.0.0.1\/magento_os\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src https:\/\/cdnjs.cloudflare.com https:\/\/static.payzen.eu\/static\/ https:\/\/fonts.gstatic.com *.fontawesome.com *.typekit.net https:\/\/static.lyra.com\/static\/ maxcdn.bootstrapcdn.com fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https:\/\/secure.payzen.eu\/vads-payment\/ https:\/\/api.payzen.eu\/api-payment\/ https:\/\/static.payzen.eu\/static\/ *.facebook.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com js.stripe.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https:\/\/secure.payzen.eu\/vads-payment\/ https:\/\/static.payzen.eu\/static\/ *.avis-verifies.com *.botnation.ai *.doubleclick.net *.facebook.com *.googletagmanager.com *.hotjar.com *.zenaps.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/static.lyra.com\/static\/ *.myspectro.io *.kxcdn.com *.weltpixel.com js.mollie.com www.xtento.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com https:\/\/images.unsplash.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de axeptio.imgix.net https:\/\/secure.payzen.eu\/static\/latest\/images\/type-carte\/ https:\/\/static.payzen.eu\/static\/ https:\/\/secure.payzen.eu\/vads-payment\/ https:\/\/www.google.fr https:\/\/api.mapbox.com *.tile.openstreetmap.org *.avis-verifies.com *.awin1.com *.bing.com *.clarity.ms *.facebook.com *.google.com *.analytics.google.com *.lacompagniedesanimaux.com *.netreviews.eu *.twgdns.com *.zenaps.com *.youtube.com *.vumbnail.com https:\/\/secure.lyra.com\/static\/latest\/images\/type-carte\/ https:\/\/static.lyra.com\/static\/ https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/www.mollie.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.gstatic.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ js.stripe.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.axept.io https:\/\/cdnjs.cloudflare.com https:\/\/api.payzen.eu\/api-payment\/ https:\/\/static.payzen.eu\/static\/ widget.freshworks.com m2epro.freshdesk.com *.avis-verifies.com *.bing.com *.botnation.ai *.clarity.ms *.doubleclick.net *.dwin1.com *.facebook.net *.analytics.google.com *.hotjar.com *.iadvize.com *.newrelic.com *.nr-data.net *.remisesetprivileges.fr *.roeyecdn.com *.sciencebehindecommerce.com *.skeepers.io *.twenga.fr *.zdassets.com *.zenaps.com https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ *.myspectro.io *.kxcdn.com s.kk-resources.com js.mollie.com *.googletagmanager.com *.googleadservices.com *.google.com *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com https:\/\/static.payzen.eu\/static\/ widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com *.botnation.ai *.jsdelivr.net *.typekit.net https:\/\/static.lyra.com\/static\/ maxcdn.bootstrapcdn.com *.tagmanager.google.com *.googletagmanager.com fonts.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de api.axept.io client.axept.io https:\/\/secure.payzen.eu\/vads-payment\/ https:\/\/api.payzen.eu\/api-payment\/ widget.freshworks.com m2epro.freshdesk.com *.fact-finder.de *.fact-finder.com *.fact-finder.co.uk *.fact-finder.fr *.fact-finder.pl *.fact-finder.it *.fact-finder.at *.fact-finder.ch *.fact-finder.cloud https:\/\/nominatim.openstreetmap.org *.botnation.ai *.clarity.ms *.doubleclick.net *.google.com *.google-analytics.com *.analytics.google.com *.googleapis.com *.iadvize.com *.nr-data.net *.remisesetprivileges.fr *.sciencebehindecommerce.com *.zdassets.com *.zendesk.com https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ *.myspectro.io *.kxcdn.com s.kelkoogroup.net *.hotjar.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/secure.payzen.eu\/vads-payment\/ https:\/\/api.payzen.eu\/api-payment\/ https:\/\/static.payzen.eu\/static\/ https:\/\/secure.lyra.com\/vads-payment\/ https:\/\/api.lyra.com\/api-payment\/ https:\/\/static.lyra.com\/static\/ 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm.hu https:\/\/mpsnare.iesnare.com https:\/\/omt.dm.hu https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm.hu https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm.hu https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm.hu https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm.hu https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm.hu https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm.hu; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm.hu https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm.hu https:\/\/app.datadoghq.eu https:\/\/checkout.dm.hu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm.hu https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm.hu https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm.hu https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm.hu https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm.hu https:\/\/signin.dm.hu https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm.hu; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-LcoIJkExhKn8hm6IKJ5hbQ==' 'strict-dynamic' 'wasm-unsafe-eval'; worker-src 'self' blob:; manifest-src 'self' https:\/\/cdn.caffeine.ai; style-src 'self' https:\/\/cdn.caffeine.ai https:\/\/fonts.googleapis.com 'unsafe-inline'; img-src 'self' https: data: blob: https:\/\/cdn.caffeine.tech; connect-src 'self' https:\/\/api.caffeine.ai https:\/\/*.caffeine.xyz https:\/\/cdn.caffeine.ai https:\/\/cdn.caffeine.tech https:\/\/browser-intake-datadoghq.com https:\/\/*.datadoghq.com https:\/\/*.datadoghq-browser-agent.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/www.google.pt https:\/\/www.google.es https:\/\/www.google.co.uk https:\/\/www.google.fr https:\/\/www.google.de https:\/\/www.google.it https:\/\/www.google.nl https:\/\/www.google.be https:\/\/www.google.ch https:\/\/www.google.at https:\/\/www.google.ie https:\/\/www.google.dk https:\/\/www.google.se https:\/\/www.google.no https:\/\/www.google.fi https:\/\/www.google.pl https:\/\/www.google.cz https:\/\/www.google.hu https:\/\/www.google.ro https:\/\/www.google.gr https:\/\/www.google.com.br https:\/\/www.google.com.mx https:\/\/www.google.com.ar https:\/\/www.google.cl https:\/\/www.google.com.co https:\/\/www.google.com.pe https:\/\/www.google.ca https:\/\/www.google.com.au https:\/\/www.google.co.nz https:\/\/www.google.co.jp https:\/\/www.google.co.kr https:\/\/www.google.co.in https:\/\/www.google.co.id https:\/\/www.google.com.sg https:\/\/www.google.com.tr https:\/\/analytics.tiktok.com https:\/\/static.cloudflareinsights.com https:\/\/px.ads.linkedin.com https:\/\/mpc2-prod-26-is5qnl632q-uc.a.run.app https:\/\/demo-1.conversionsapigateway.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/www.facebook.com https:\/\/analytics.twitter.com https:\/\/t.co; font-src 'self' https:\/\/cdn.caffeine.ai https:\/\/fonts.gstatic.com; frame-src https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/*.caffeine.xyz; object-src 'none'; base-uri 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' *.fls.doubleclick.net *.google-analytics.com *.overdrive.com bam.nr-data.net connect.facebook.net hello.myfonts.net stats.g.doubleclick.net tracking.crazyegg.com\/clock; connect-src 'self' *.google-analytics.com analytics.google.com bam.nr-data.net hello.myfonts.net manager.us.smartlook.cloud script.crazyegg.com\/pages\/data-scripts\/0023\/8294.json stats.g.doubleclick.net tracking.crazyegg.com\/clock www.facebook.com\/tr\/ api.digioh.com jsapi.azurewebsites.net analytics.digioh.com; script-src 'self' apis.google.com\/js\/platform.js bam.nr-data.net connect.facebook.com connect.facebook.net js-agent.newrelic.com script.crazyegg.com servedbyadbutler.com\/adserve\/ servedbyadbutler.com\/app.js web-sdk.smartlook.com www.google-analytics.com\/analytics.js www.googletagmanager.com cdn.digioh.com scripts.digioh.com lightboxcdn.digioh.com 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' apis.google.com\/ apis.google.com\/_\/scs\/apps-static\/_\/js\/ apis.google.com\/js\/platform.js bam.nr-data.net connect.facebook.net js-agent.newrelic.com\/ script.crazyegg.com\/pages\/scripts\/0023\/8294.js script.crazyegg.com\/pages\/versioned\/common-scripts\/ servedbyadbutler.com\/adserve\/ servedbyadbutler.com\/app.js web-sdk.smartlook.com www.google-analytics.com\/analytics.js www.google-analytics.com\/plugins\/ua\/ec.js www.google.com\/recaptcha www.googletagmanager.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'nonce-YRyjPoKe5P8JvtF3q23rM1jQofc='; img-src 'self' data: images.contentreserve.com\/ img1.od-cdn.com servedbyadbutler.com\/getad.img\/ t.co\/i\/ www.facebook.com\/tr\/ www.google-analytics.com\/collect www.google.com\/ads\/ www.googletagmanager.com\/a www.googletagmanager.com\/td cdn.digioh.com *.google-analytics.com *.doubleclick.net; frame-src 'self' 9250847.fls.doubleclick.net accounts.google.com\/ classroom.google.com www.facebook.com\/ www.gstatic.com\/; worker-src blob:; object-src 'none'; report-uri https:\/\/itsentry.overdrive.com\/api\/13\/security\/?sentry_key=86a98bc6ee19c71aed01755910f50c3c","count":1},{"content-security-policy-report-only":" font-src *.klarnacdn.net *.fontawesome.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.google.com *.youtube.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com *.google.com *.youtube.com maps.googleapis.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.klarna.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.twitter.com *.google.com *.facebook.com maps.googleapis.com lightwidget.com *.maps.gstatic.com *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.klarna.com *.klarnaevt.com *.klarnacdn.net * www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.cloudflare.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.google.com maps.googleapis.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.googleapis.com *.placeholder.com *.maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.klarna.com *.klarnacdn.net *.klarnaservices.com *.avada.io * js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.google.com maps.googleapis.com *.facebook.net cdn.lightwidget.com *.instagram.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.googleapis.com *.placeholder.com *.maps.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.klarnacdn.net *.fontawesome.com unsafe-inline assets.braintreegateway.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.google.com *.youtube.com maps.googleapis.com *.cdninstagram.com s7.addthis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.placeholder.com *.maps.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.klarnaservices.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.cloudflare.com *.twitter.com *.twimg.com *.youtube.com maps.googleapis.com facebook.net *.maps.gstatic.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:; connect-src 'self' https: wss:; script-src 'unsafe-inline' 'self' https:; worker-src blob:; style-src 'unsafe-inline' 'self' https:; object-src 'none'; img-src 'self' data: https:; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.braintree-api.com https:\/\/*.braintreegateway.com https:\/\/*.adyen.com https:\/\/*.adyenpayments.com https:\/\/*.adyencdn.com https:\/\/*.checkout.com https:\/\/*.cko-cdn.com https:\/\/*.pingpongx.com https:\/\/*.worldpay.com https:\/\/*.cardinalcommerce.com https:\/\/*.arcot.com https:\/\/*.online-metrix.net https:\/\/*.forter.com https:\/\/*.cloudfront.net https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/retcode.alicdn.com https:\/\/*.aliyuncs.com https:\/\/*.lilith.com https:\/\/*.lilithgame.com https:\/\/*.lilithgames.com https:\/\/*.farlightgames.com https:\/\/*.plutomall.com https:\/\/*.lilithcdn.com https:\/\/*.farlicdn.com; style-src 'self' 'unsafe-inline' https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.braintree-api.com https:\/\/*.braintreegateway.com https:\/\/*.adyen.com https:\/\/*.adyenpayments.com https:\/\/*.adyencdn.com https:\/\/*.checkout.com https:\/\/*.cko-cdn.com https:\/\/*.pingpongx.com https:\/\/*.worldpay.com https:\/\/*.cardinalcommerce.com https:\/\/*.arcot.com https:\/\/*.online-metrix.net https:\/\/*.forter.com https:\/\/*.cloudfront.net https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.lilith.com https:\/\/*.lilithgame.com https:\/\/*.lilithgames.com https:\/\/*.farlightgames.com https:\/\/*.plutomall.com https:\/\/*.lilithcdn.com https:\/\/*.farlicdn.com; img-src 'self' data: blob: https:; font-src 'self' data: https:; frame-src 'self' https:; connect-src 'self' https:; manifest-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/cdn.goentri.com https:\/\/cdn.tolt.io https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/www.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/tpc.googlesyndication.com https:\/\/*.posthog.com https:\/\/us-assets.i.posthog.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' data: https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:\/\/cdn.blink.new https:\/\/firebasestorage.googleapis.com https:\/\/storage.googleapis.com https:\/\/images.unsplash.com https:\/\/lh3.googleusercontent.com https:\/\/avatars.githubusercontent.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/*.posthog.com; connect-src 'self' https:\/\/core.blink.new https:\/\/*.sites.blink.new https:\/\/*.exp.direct https:\/\/*.preview-blink.com https:\/\/*.googleapis.com wss:\/\/*.blink.new https:\/\/cdn.tolt.io https:\/\/*.tolt.io https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/www.google-analytics.com https:\/\/analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/pagead2.googlesyndication.com https:\/\/*.posthog.com https:\/\/us.i.posthog.com https:\/\/us-assets.i.posthog.com; frame-src 'self' https:\/\/*.sites.blink.new https:\/\/*.blink.new https:\/\/*.exp.direct https:\/\/*.preview-blink.com https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-jNKnsax3zVWoBfvRLvucaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src 'self' fonts.googleapis.com fonts.gstatic.com fonts.soundestlink.com data:;style-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com fonts.soundestlink.com assets.mxapis.com *.cloudfront.net www.gstatic.com;style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com fonts.soundestlink.com www.gstatic.com assets.mxapis.com *.cloudfront.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.cookiebot.com *.google-analytics.com *.googleapis.com *.google.com *.google.lt *.google.lv *.googleadservices.com *.googlesyndication.com *.facebook.net *.bing.com *.cloudflare.com *.hotjar.com *.cloudflare.com *.doubleclick.net static.cloudflareinsights.com *.clarity.ms *.nosto.com omnisnippet1.com *.rackcdn.com *.equalweb.com *.mxapis.com *.ladesk.com cdn.dot.vu tags.creativecdn.com analytics.tiktok.com chimpstatic.com *.mailchimp.com *.list-manage.com *.cloudfront.net static.cloudflareinsights.com *.adform.net *.googleapis.com;script-src-elem 'self' 'unsafe-inline' cdn.datatables.net static.cloudflareinsights.com *.clarity.ms *.googletagmanager.com *.cookiebot.com *.google-analytics.com *.googleapis.com *.google.com *.google.lt *.google.lv *.googleadservices.com *.googlesyndication.com *.facebook.net *.bing.com *.cloudflare.com *.cloudflare.com *.doubleclick.net www.youtube.com pagead2.googlesyndication.com *.nosto.com omnisnippet1.com *.rackcdn.com *.equalweb.com *.mxapis.com *.ladesk.com cdn.dot.vu tags.creativecdn.com analytics.tiktok.com chimpstatic.com *.mailchimp.com *.list-manage.com *.cloudfront.net static.cloudflareinsights.com *.adform.net;connect-src 'self' https:\/\/api.e-menessaptieka.lv *.nordcode.io *.google-analytics.com *.doubleclick.net *.google.com *.cookiebot.com *.bing.com *.googlesyndication.com *.clarity.ms *.facebook.com adservice.google.com graph.facebook.com www.googleadservices.com www.google.com www.google.lt www.google.lv googleadservices.com google.com google.lt google.lv pagead2.googlesyndication.com *.nosto.com *.sentry.io *.googleapis.com *.equalweb.com *.soundestlink.com *.dot.vu ams.creativecdn.com analytics.tiktok.com *.e-menessaptieka.lv *.moonmart.lt *.mxapis.com *.tiktokw.us;frame-src 'self' *.cookiebot.com *.doubleclick.net *.youtube.com accounts.google.com *.ladesk.com live.dot.vu ams.creativecdn.com cdn.mxapis.com;img-src 'self' data: https:\/\/api.e-menessaptieka.lv https:\/\/images.e-menessaptieka.lv *.klix.app *.cookiebot.com *.google-analytics.com *.doubleclick.net *.googlesyndication.com *.googletagmanager.com *.google.com *.google.lt *.google.lv *.cloudflare.com *.tawk.to tawk.link *.hotjar.com *.soundestlink.com *.googleapis.com *.gstatic.com *.facebook.com *.youtube.com *.doubleclick.net *.dmxleo.com *.hotjar.com *.bing.com *.adform.net *.criteo.com *.clarity.ms *.demdex.net x.bidswitch.net ib.adnxs.com rtb-csync.smartadserver.com sync-t1.taboola.com visitor.omnitagjs.com r.casalemedia.com ad.360yield.com matching.ivitrack.com contextual.media.net exchange.mediavine.com jadserve.postrelease.com sync.outbrain.com simage2.pubmatic.com pixel.rubiconproject.com match.sharethrough.com criteo-sync.teads.tv criteo-partners.tremorhub.com eb2.3lift.com ad.yieldlab.net sync-criteo.ads.yieldmo.com e1.emxdgt.com googleads.g.doubleclick.net omnisnippet1.com csm.fr3.eu.criteo.net id5-sync.com ade.googlesyndication.com *.nosto.com *.appspot.com serve.mxapis.com *.e-menessaptieka.lv *.moonmart.lt www.googleadservices.com *.creativecdn.com static.salidzini.lv ema.ladesk.com;default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:\/\/api.e-menessaptieka.lv https:\/\/images.e-menessaptieka.lv;report-uri https:\/\/api.e-menessaptieka.lv\/csp\/report","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.townsvillebulletin.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/accounts.google.com\/gsi\/client https:\/\/www.googletagmanager.com https:\/\/geddle.com https:\/\/o.alicdn.com https:\/\/static.twtcdn.com https:\/\/www.clarity.ms https:\/\/scripts.clarity.ms https:\/\/visitorchat.twt.com; style-src 'self' 'unsafe-inline' https:\/\/accounts.google.com\/gsi\/style; img-src 'self' data: blob: https:\/\/*.googleusercontent.com https:\/\/www.googletagmanager.com https:\/\/static.twtcdn.com https:\/\/www.clarity.ms; font-src 'self' data:; frame-src https:\/\/accounts.google.com\/gsi\/ https:\/\/visitorchat.twt.com; connect-src 'self' https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google-analytics.com https:\/\/geddle.com https:\/\/static.twtcdn.com https:\/\/f.clarity.ms https:\/\/visitorchat.twt.com;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/api.mapbox.com https:\/\/one.bhs.ion3.io https:\/\/one.bhsusa.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com https:\/\/unpkg.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/cht-srvc.net https:\/\/cdn.livechatinc.com https:\/\/api.livechatinc.com https:\/\/www.narrpr.com https:\/\/challenges.cloudflare.com https:\/\/performance.radar.cloudflare.com https:\/\/apis.google.com https:\/\/3001.scriptcdn.net; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; media-src 'self' blob: data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self'; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self' https:\/\/www.facebook.com; report-uri https:\/\/9ptrdkbg.uriports.com\/reports\/report; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' *.artfut.com *.bootstrapcdn.com *.clarity.ms *.cloudfront.net *.criteo.com *.facebook.com *.fullstory.com *.gstatic.com *.google-analytics.com *.google.com *.googleapis.com *.jsdelivr.net *.livechatinc.com *.moengage.com *.onetrust.com *.razorpay.com *.tatadigital.com *.trackier.com *.unbxdapi.com c.amazon-adsystem.com connect.facebook.net googleads.g.doubleclick.net sc-static.net tr.snapchat.com www.googleadservices.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com *.googleapis.com *.jsdelivr.net *.onetrust.com www.gstatic.com; img-src 'self' data: https:; connect-src 'self' aax-eu.amazon-adsystem.com ad.doubleclick.net analytics.google.com api.fastrackeyewear.com apac-recommendations.unbxd.io ara.paa-reporting-advertising.amazon connect.facebook.net d3995ea24pmi7m.cloudfront.net google.com *.amazon.in *.clarity.ms *.criteo.com *.facebook.com *.fullstory.com *.google.com *.googleapis.com *.livechatinc.com *.moengage.com *.onetrust.com *.paytm.in *.phonepe.com *.razorpay.com *.tatadigital.com *.titaneyeplus.com *.unbxdapi.com s.amazon-adsystem.com search.unbxd.io secure.paytmpayments.com stats.g.doubleclick.net tr.snapchat.com tr6.snapchat.com www.google-analytics.com www.google.co.in www.google.com www.googleadservices.com; font-src 'self' *.amazon-adsystem.com *.gstatic.com *.google.co.in *.onetrust.com *.unbxd.io ad.doubleclick.net ara.paa-reporting-advertising.amazon google.com stats.g.doubleclick.net www.google-analytics.com www.googleadservices.com; frame-src 'self' *;","count":1},{"content-security-policy-report-only":" default-src 'self';media-src 'self' blob: data: https:\/\/ *.onnetwork.tv *.tvp.pl;worker-src 'self' blob: data: *.sadeczanin.info;script-src 'self' 'unsafe-inline' 'unsafe-eval'  *.googleapis.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com https:\/\/weatherwidget.io *.weatherwidget.io *.google.com *.g.doubleclick.net *.instagram.com *.googlesyndication.com *.twitter.com  *.openxcdn.net *.4dex.io *.criteo.net tags.crwdcntrl.net *.creativecdn.com cdn.id5-sync.com cdn.prod.uidapi.com *.onnetwork.tv *.googleapis.com *.jsdelivr.net *.facebook.net *.2mdn.net *.google-analytics.com *.optad360.io *.script.ac *.ampproject.org; img-src 'self' https: data: blob: http:\/\/api.sadeczanin.info; style-src 'self' 'unsafe-inline' www.fonts.googleapis.com *.googleapis.com *.onnetwork.tv *.google.com; font-src 'self' data:  *.fonts.googleapis.com *.onnetwork.tv *.gstatic.com; frame-src 'self' https:\/\/weatherwidget.io *.weatherwidget.io https:\/\/instagram.com *.instagram.com https:\/\/twitframe.com *.twitframe.com *.twitter.com *.facebook.com *.googlesyndication.com *.google.com *.g.doubleclick.net *.googleadservices.com *.youtube.com *.youtu.be https:\/\/youtube.com https:\/\/youtu.be https:\/\/zrzutka.pl *.zrzutka.pl *.criteo.com *.onnetwork.tv *.googleapis.com *.aztv.pl *.casalemedia.com *.openx.net *.quantumdex.io *.adxbid.info *.openx.net *.quantumdex.io https:\/\/adxbid.info *.adxbid.info https:\/\/onetag-sys.com *.onetag-sys.com *.openx.net *.smartadserver.com *.wp.pl *.rubiconproject.com *.pubmatic.com *.a-mo.net *.indexww.com *.adnxs.com *.3lift.com https:\/\/hdsystem.pl https:\/\/www.hdsystem.pl *.richaudience.com; connect-src 'self' *.google-analytics.com *.sadeczanin.info pagead2.googlesyndication.com *.google.com *.g.doubleclick.net *.gstatic.com bcp.crwdcntrl.net id5-sync.com *.criteo.com *.criteo.net *.onnetwork.tv *.jsdelivr.net *.openx.net *.adnxs.com *.quantumdex.io *.wp.pl *.rubiconproject.com https:\/\/dnacdn.net *.dnacdn.net *.onetag-sys.com https:\/\/onetag-sys.com *.a-mo.net *.casalemedia.com *.pubmatic.com *.smartadserver.com *.adform.net *.creativecdn.com *.vidoomy.com *.4dex.io *.adxpremium.services *.adsrvr.org *.richaudience.com;","count":1},{"content-security-policy-report-only":" default-src 'self' 'report-sample'; img-src 'self' data: https:\/\/tile.openstreetmap.org; object-src 'none'; script-src 'self' 'nonce-VzBYUEVsd2lCRVZiWFQxbVN5V3lOaw==' 'report-sample'; style-src 'self' 'unsafe-inline' 'report-sample'; report-to csp; report-uri \/csp-report?parent_request_id=005oron5o9somg8rtu70&parent_request_id_hmac=5143b1f83972fb73fcb61632d1269d84de2fbc61","count":1},{"content-security-policy-report-only":" script-src 'self' 'nonce-uGqjE0y5CRN5DtJDWcKgFHgLm9QpPLIAZbCpv8L5fpM=' 'strict-dynamic' 'wasm-unsafe-eval' www.youtube.com  az416426.vo.msecnd.net cdn.cookielaw.org www.google-analytics.com maps.googleapis.com www.googletagmanager.com  dl.episerver.net www.youtube.com www.google.com www.gstatic.com snap.licdn.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.com.ai https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.ms https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.vg https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat  https:\/\/connect.facebook.net\/ https:\/\/munchkin.marketo.net\/ static.hotjar.com script.hotjar.com https:\/\/cdn.jsdelivr.net\/ https:\/\/cdn.cookielaw.org\/;object-src 'none';base-uri 'self';report-uri https:\/\/o4507537122852864.ingest.de.sentry.io\/api\/4507764299726928\/security\/?sentry_key=2e67b3fa9c193f38db8ea33933d09ffa&sentry_environment=production&sentry_release=sprint24;","count":1},{"content-security-policy-report-only":" object-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/statistiek.rijksoverheid.nl\/; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https:\/\/statistiek.rijksoverheid.nl\/matomo.js; style-src 'self'; style-src-elem 'self' 'unsafe-inline'; frame-ancestors 'self'; report-uri https:\/\/www.examenblad.nl\/log-report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com 'self' data: *.carpriss.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.cloudfront.net www.google.es www.google-analytics.com stats.g.doubleclick.net *.onetrust.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: *.carpriss.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.gstatic.com sl.google-analytics.com js-agent.newrelic.com bam.nr-data.net *.onetrust.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com *.carpriss.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com fonts.gstatic.com assets.braintreegateway.com *.googleapis.com *.gstatic.com *.carpriss.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.google-analytics.com stats.g.doubleclick.net bam.nr-data.net *.onetrust.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.carpriss.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com *.carpriss.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" child-src self; connect-src self; default-src self; font-src self; img-src self; manifest-src self; media-src self; prefetch-src self; object-src self; script-src 'strict-dynamic' 'sha256-SR8bN339OMynNJtiOzokEXzJnun61AQRM3sZP6Vm+M4=' 'sha256-e7BqW+Mz8De6tDOpzCgFFWJBq9fvGqslbgDO6DpdXgk=' 'nonce-YWQyN2VhZDliMjM1ZDMxNDVlOGRmMmFjZWIyZjY0YjBhZmEzYTVkY2EwZWZmNjNhNGY3OTlhMzg2Mjk4NWZkNDIyMzEyMjI0N2M5NDE4ODcxMzg5ODgyZmNiOTIzMDI1ODlmZTgwOGZjOWMwM2VlNTdiYjQ2NzRjNGRiMjliMzI=' self; style-src  'nonce-YWQyN2VhZDliMjM1ZDMxNDVlOGRmMmFjZWIyZjY0YjBhZmEzYTVkY2EwZWZmNjNhNGY3OTlhMzg2Mjk4NWZkNDIyMzEyMjI0N2M5NDE4ODcxMzg5ODgyZmNiOTIzMDI1ODlmZTgwOGZjOWMwM2VlNTdiYjQ2NzRjNGRiMjliMzI=' self; worker-src self; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' data: https: wss:; frame-src 'self' https:; media-src 'self' data: https:; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self' https:; upgrade-insecure-requests; report-uri https:\/\/www.northwestfirearms.com\/_csp\/report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src *.pharm24.gr *.skroutz.gr static.zdassets.com data:; frame-src *.pharm24.gr virtual-assistants.gr *.googletagmanager.com *.skroutz.gr *.hotjar.com *.checkout.com *.dco.gr *.disqus.com *.linkwi.se *.adsrvr.org *.google.com *.googlesyndication.com *.agkn.com *.facebook.net *.facebook.com *.youtube.com *.cookiebot.com *.aimtell.com; img-src * data: *.pharm24.gr *.youtube.com *.facebook.com trustmark.gr; script-src 'self' 'unsafe-inline' *.pharm24.gr *.skroutz.gr *.google.com *.debugbear.com virtual-assistants.gr secure.dcomodo.net *.vc-portal.com *.skroutz.gr *.gstatic.com *.checkout.com salesmanago.com *.salesmanago.com *.saleago.com bat.bing.com *.clarity.ms *.adman.gr *.hotjar.com *.googleapis.com *.google.com *.cloudflareinsights.com *.cloudflare.com *.disquscdn.com *.shareaholic.com *.shareaholic.net *.stackpathcdn.com *.cloudfront.net *.adsrvr.org *.instagram.com *.ampproject.org *.googlesyndication.com *.disqus.com *.cookiebot.com trustmark.gr *.agkn.com *.zdassets.com *.trustmark.gr *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.facebook.com connect.facebook.net *.facebook.net googleads.g.doubleclick.net *.doubleclick.net *.zopim.com *.linkwi.se s3.amazonaws.com *.amazonaws.com *.aimtell.com cdn-cfdnp.nitrocdn.com 'unsafe-inline' 'unsafe-eval' blob: data: gap:; style-src 'self' *.googleapis.com *.pharm24.gr *.vc-portal.com *.bootstrapcdn.com cdn-cfdnp.nitrocdn.com 'unsafe-inline'; worker-src 'self' *.aimtell.com blob: data: gap:; font-src 'self' *.hotjar.com *.stats.pharm24.gr *.pharm24.gr *.vc-portal.com *.gstatic.com *.bootstrapcdn.com *.stackpathcdn.com *.zopim.com cdn-cfdnp.nitrocdn.com data:; connect-src *.debugbear.com google.com *.checkout.com *.cookiebot.com *.zendesk.com *.saleago.com *.salesmanago.com *.salesmanago.pl *.getnitropack.com *.adman.gr *.hotjar.com *.googlesyndication.com *.trustmark.gr *.ampproject.org *.google.com *.google.gr *.disqus.com *.shareaholic.com *.shareaholic.net backup.pharm24.gr:* *.pharm24.gr *.doubleclick.net *.google-analytics.com *.agkn.com *.zdassets.com  *.amazonaws.com *.zopim.com bat.bing.com a.clarity.ms *.facebook.com *.aimtell.com wss:\/\/widget-mediator.zopim.com wss:\/\/ws6.hotjar.com\/api\/v2\/client\/ws","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.supercoach.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.klevu.com *.ksearchnet.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com powertoolworld.co.uk *.powertoolworld.co.uk *.cloudflare.com *.google.co.uk *.google.com *.googleapis.com *.googleusercontent.com *.facebook.net data: *.cardinalcommerce.com *.cloudfront.net *.reviews.io *.bugherd.com *.reviews.co.uk data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com *.googlesyndication.com *.nosto.com *.nos.to *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * powertoolworld.co.uk *.powertoolworld.co.uk *.google.co.uk *.google.com *.gstatic.com *.googleapis.com *.googleusercontent.com *.doubleclick.net *.facebook.net *.geoplugin.net *.braintreegateway.com data: *.reviews.io *.reviews.co.uk 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.doubleclick.net *.facebook.com *.googlesyndication.com *.clearpay.co.uk *.nosto.com *.nos.to mirakl.m2e.cloud js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com powertoolworld.co.uk *.powertoolworld.co.uk *.cloudflare.com *.google.co.uk *.gstatic.com *.googleapis.com *.googleusercontent.com *.facebook.net data: *.reviews.io *.kaptcha.com *.braintree-api.com *.geoplugin.net *.sharethis.com *.sharethis.mgr.consensu.org *.hotjar.com *.tagserve.com *.clic2buy.com *.clic2drive.com *.reviews.co.uk www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.afterpay.com *.clearpay.co.uk *.nosto.com *.nos.to https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ magefan.com cm.magefan.com *.disqus.com *.klevu.com *.ksearchnet.com https:\/\/img.youtube.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com powertoolworld.co.uk *.powertoolworld.co.uk *.cloudflare.com *.google.co.uk *.googleapis.com *.googleusercontent.com *.ytimg.com *.paypalobjects.com *.cloudfront.net *.payments-amazon.com *.cardinalcommerce.com *.reviews.io *.geoplugin.net *.postcodeanywhere.co.uk *.sharethis.com *.trackjs.com *.hotjar.com *.tagserve.com *.bing.com *.wisepops.com wisepops.net *.wisepops.net *.clarity.ms *.clic2buy.com *.clic2drive.com *.reviews.co.uk www.google.com.ua www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.afterpay.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net widget.freshworks.com m2epro.freshdesk.com *.nosto.com *.nos.to https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.disqus.com https:\/\/cdn.jsdelivr.net js.klevu.com *.ksearchnet.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com powertoolworld.co.uk *.powertoolworld.co.uk chimpstatic.com *.chimpstatic.com *.cloudflare.com *.cloudflareinsights.com *.trackedlink.net *.google.co.uk *.googleapis.com *.googleusercontent.com *.klevu.com data: *.reviews.io *.cardinalcommerce.com *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazonservices.com *.amazonservices.co.uk *.amazonservices.co.jp *.amazonservices.jp *.amazonservices.it *.amazonservices.fr *.amazonservices.es *.trackedweb.net *.dotdigital-pages.com *.comapi.com *.dotdigital.com *.authorize.net *.cloudfront.net *.dynamicyield.com *.geoplugin.net *.postcodeanywhere.co.uk *.pcapredict.com *.sharethis.com *.trackjs.com cdn.jsdelivr.net *.hotjar.com *.tagserve.com *.zendesk.com *.zdassets.com static.zdassets.com *.zopim.com *.bing.com widget-mediator.zopim.com *.wisepops.com wisepops.net *.wisepops.net *.clarity.ms *.clic2buy.com *.clic2drive.com *.reviews.co.uk www.xtento.com cdn.xtento.com https:\/\/js.klevu.com https:\/\/www.powertoolworld.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.afterpay.com\/ *.squarecdn.com widget.freshworks.com m2epro.freshdesk.com *.nosto.com *.nos.to https:\/\/static.klaviyo.com https:\/\/cdn.jsdelivr.net *.klevu.com *.ksearchnet.com unsafe-inline assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com powertoolworld.co.uk *.powertoolworld.co.uk *.cloudflare.com *.google.co.uk *.google.com *.googleusercontent.com *.facebook.net data: *.cardinalcommerce.com *.paypal.com *.cloudfront.net *.reviews.io *.geoplugin.net *.postcodeanywhere.co.uk *.sharethis.com *.hotjar.com *.tagserve.com *.reviews.co.uk https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com powertoolworld.co.uk *.powertoolworld.co.uk *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com widget.freshworks.com m2epro.freshdesk.com api.addressy.com *.nosto.com *.nos.to https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com powertoolworld.co.uk *.powertoolworld.co.uk *.cloudflare.com *.google.co.uk *.gstatic.com *.googleapis.com *.googleusercontent.com *.reviews.co.uk data: *.amazonservices.com *.amazonservices.co.uk *.amazonservices.co.jp *.amazonservices.jp *.amazonservices.it *.amazonservices.fr *.amazonservices.es *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.comapi.com *.dotdigital.com *.bugsnag.com *.pusherapp.com ws.pusherapp.com *.bugherd.com *.geoplugin.net *.postcodeanywhere.co.uk *.sharethis.com *.trackjs.com *.hotjar.com *.hotjar.io *.tagserve.com *.zendesk.com *.zdassets.com static.zdassets.com *.zopim.com widget-mediator.zopim.com wss:\/\/widget-mediator.zopim.com *.wisepops.com wisepops.net *.wisepops.net *.clarity.ms *.clic2buy.com *.clic2drive.com *.cloudfront.net *.reviews.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/cdn-3.convertexperiments.com https:\/\/cdn-4.convertexperiments.com https:\/\/cdn.cookielaw.org https:\/\/cdn.debugbear.com https:\/\/cdn.ometria.com https:\/\/script.hotjar.com https:\/\/code.jquery.com https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/p.teads.tv https:\/\/s.pinimg.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/unpkg.com https:\/\/widget.trustpilot.com https:\/\/www.bing.com https:\/\/js.klarna.com https:\/\/payments.worldpay.com https:\/\/rum-static.pingdom.net https:\/\/www.awin1.com https:\/\/www.dwin1.com https:\/\/www.google.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/app.convert.com https:\/\/ct.pinterest.com https:\/\/no-cdn.convertexperiments.com https:\/\/r.bing.com https:\/\/apis.google.com https:\/\/js.playground.klarna.com https:\/\/translate-pa.googleapis.com https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/www.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/*.ssl.ak.dynamic.tiles.virtualearth.net https:\/\/www.flyingflowers.co.uk https:\/\/www.interflora.ie https:\/\/www.interflora.co.uk https:\/\/www.paypal.com https:\/\/static.zdassets.com 'report-sample'; script-src-attr 'self'; script-src-elem 'self' https:\/\/cdn-4.convertexperiments.com https:\/\/www.paypal.com https:\/\/tr.snapchat.com https:\/\/atlas.microsoft.com https:\/\/static.zdassets.com https:\/\/www.googletagmanager.com https:\/\/www.dwin1.com https:\/\/widget.trustpilot.com https:\/\/unpkg.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/s.pinimg.com https:\/\/rum-static.pingdom.net https:\/\/js.klarna.com https:\/\/googleads.g.doubleclick.net https:\/\/ct.pinterest.com https:\/\/connect.facebook.net https:\/\/cdn.ometria.com https:\/\/cdn.debugbear.com https:\/\/cdn.cookielaw.org https:\/\/bat.bing.com https:\/\/analytics.tiktok.com https:\/\/payments.worldpay.com; connect-src 'self' https:\/\/hpp.worldpay.com https:\/\/tr.snapchat.com https:\/\/tr6.snapchat.com https:\/\/*.metrics.convertexperiments.com https:\/\/ekr.zdassets.com https:\/\/ad.doubleclick.net https:\/\/analytics.tiktok.com https:\/\/ask.hotjar.io https:\/\/bat.bing.com https:\/\/cdn-3.convertexperiments.com https:\/\/cdn.cookielaw.org https:\/\/cdn.debugbear.com https:\/\/cm.teads.tv https:\/\/content.hotjar.io https:\/\/ct.pinterest.com https:\/\/data.debugbear.com https:\/\/googleads.g.doubleclick.net https:\/\/in.hotjar.com https:\/\/insights.algolia.io https:\/\/l.teads.tv https:\/\/logs.convertexperiments.com https:\/\/metrics.hotjar.io https:\/\/msn7pvpzhu-1.algolianet.com https:\/\/msn7pvpzhu-2.algolianet.com https:\/\/msn7pvpzhu-3.algolianet.com https:\/\/msn7pvpzhu-dsn.algolia.net https:\/\/stats.g.doubleclick.net https:\/\/surveystats.hotjar.io https:\/\/t.teads.tv https:\/\/trk.ometria.com https:\/\/unpkg.com https:\/\/vc.hotjar.io https:\/\/widget.trustpilot.com wss:\/\/ws.hotjar.com https:\/\/www.bing.com https:\/\/www.facebook.com https:\/\/media.interflora.co.uk https:\/\/apis.google.com https:\/\/cdn.ometria.com https:\/\/geolocation.onetrust.com https:\/\/payments.worldpay.com https:\/\/privacyportal-eu.onetrust.com https:\/\/rum-collector-2.pingdom.net https:\/\/rum-static.pingdom.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/uksouth-0.in.applicationinsights.azure.com https:\/\/region1.google-analytics.com https:\/\/pagead2.googlesyndication.com https:\/\/o4506853695881216.ingest.us.sentry.io https:\/\/*.playground.klarnaevt.com https:\/\/adservice.google.com https:\/\/cdn-4.convertexperiments.com https:\/\/connect.facebook.net https:\/\/js.klarna.com https:\/\/js.playground.klarna.com https:\/\/oc.klarnaevt.com https:\/\/eu.klarnaevt.com https:\/\/region1.analytics.google.com https:\/\/analytics.google.com https:\/\/api.edq.com https:\/\/bat.bing.net https:\/\/dev.virtualearth.net https:\/\/translate.googleapis.com https:\/\/translate-pa.googleapis.com https:\/\/www.google.co.uk https:\/\/na.klarnaevt.com https:\/\/atlas.microsoft.com https:\/\/na.klarnaevt.com https:\/\/www.interflora.ie https:\/\/www.flyingflowers.co.uk https:\/\/dc.services.visualstudio.com https:\/\/www.awin1.com https:\/\/www.googleadservices.com https:\/\/wepowerconnections.com https:\/\/fonts.gstatic.com https:\/\/google.com https:\/\/www.paypal.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/www.sandbox.paypal.com https:\/\/cdn.media.amplience.net https:\/\/o24547.ingest.sentry.io; style-src 'self' 'unsafe-inline'; frame-src 'self' https:\/\/tr.snapchat.com https:\/\/*.fls.doubleclick.net https:\/\/match.adsrvr.org https:\/\/ct.pinterest.com https:\/\/hpp.worldpay.com https:\/\/js.klarna.com https:\/\/payments.worldpay.com https:\/\/td.doubleclick.net https:\/\/widget.trustpilot.com https:\/\/www.awin1.com https:\/\/www.facebook.com https:\/\/js.klarna.com https:\/\/pay.klarna.com https:\/\/www.paypal.com https:\/\/www.googletagmanager.com https:\/\/www.sandbox.paypal.com; img-src 'self' data: https:\/\/www.interflora.co.uk https:\/\/media.interflora.co.uk https:\/\/ad.doubleclick.net https:\/\/analytics.tiktok.com https:\/\/bat.bing.com https:\/\/cdn.cookielaw.org https:\/\/cm.teads.tv https:\/\/connect.facebook.net https:\/\/googleads.g.doubleclick.net https:\/\/l.teads.tv https:\/\/stats.g.doubleclick.net https:\/\/t.teads.tv https:\/\/trk.ometria.com https:\/\/www.awin1.com https:\/\/www.bing.com https:\/\/www.facebook.com https:\/\/logs.convertexperiments.com https:\/\/adservice.google.com https:\/\/media.flyingflowers.co.uk https:\/\/translate.google.com https:\/\/www.flyingflowers.co.uk https:\/\/www.googletagmanager.com https:\/\/t.ssl.ak.dynamic.tiles.virtualearth.net https:\/\/interflora.a.bigcontent.io https:\/\/ade.googlesyndication.com https:\/\/www.wepowerconnections.com https:\/\/eu.fareye.co https:\/\/cdn.media.amplience.net https:\/\/media.interflora.ie https:\/\/www.interflora.ie https:\/\/fonts.gstatic.com https:\/\/www.google.co.uk https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/bat.bing.net https:\/\/analytics-ipv6.tiktokw.us https:\/\/google.com https:\/\/www.googleadservices.com; form-action 'self' https:\/\/payments.worldpay.com; worker-src 'self'; report-uri https:\/\/interflorauk.report-uri.com\/r\/t\/csp\/reportOnly; ","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: *.klarnacdn.net *.cdn-apple.com *.fontawesome.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/fonts.bunny.net *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.klarna.com *.playground.klarna.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.stripe.com klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.facebook.com *.bing.com *.coccinelle.com stileo.it *.cookiebot.com *.google.it *.klarnacdn.net *.klarnaservices.com *.playground.klarnaservices.com *.klarna.com *.klarnaevt.com *.worldline-solutions.com *.secured-by-ingenico.com https:\/\/firebasestorage.googleapis.com *.webtrekk.net *.wt-eu02.net https:\/\/fbc.wcfbc.net https:\/\/*.flx1.com\/ https:\/\/dmp.adform.net\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de kit.fontawesome.com *.cookiebot.com *.jsdelivr.net *.facebook.net *.clarity.ms *.bing.com glamipixel.com *.coccinelle.com *.rakuten.com *.rmtag.com *.criteo.com *.adobedtm.com *.cardinalcommerce.com *.doubleclick.net *.google.com *.r-data.net *.accelasearch.io *.klarnacdn.net *.klarnaservices.com *.playground.klarnaservices.com *.klarna.com x.klarnacdn.net *.cdn-apple.com *.avada.io https:\/\/responder.wt-safetag.com https:\/\/*.flx1.com\/ https:\/\/www.googletagmanager.com https:\/\/*.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnaevt.com *.amazon.com *.link.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.klarnacdn.net *.gstatic.com *.fontawesome.com *.googleapis.com *.google.com https:\/\/fonts.bunny.net unsafe-inline assets.braintreegateway.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.stripe.network *.stripecdn.com *.amazon.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cloudfront.net *.amazonaws.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.cookiebot.com *.googlesyndication.com *.google-analytics.com *.doubleclick.net *.coccinelle.com *.criteo.com *.klarnaevt.com *.playground.klarnaevt.com *.klarnaservices.com *.playground.klarnaservices.com *.klarnacdn.net x.klarnacdn.net *.klarna.com *.worldline-solutions.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io https:\/\/*.flx1.com\/ https:\/\/*.gstatic.com https:\/\/jamie.g.shortest-route.com https:\/\/*.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.stripe.com klarna.com *.link.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; connect-src 'self' https:\/\/*.ai-messenger-static.app https:\/\/*.sentry.io https:\/\/*.googleapis.com https:\/\/*.ai-messenger.app https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.jp https:\/\/zipcloud.ibsnet.co.jp; form-action 'self' https:\/\/search.aterm.jp; font-src 'self' https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/cyberagent-286.firebaseapp.com; img-src 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.jp https:\/\/*.globalsign.com https:\/\/i.ytimg.com https:\/\/m.ai-messenger-static.app https:\/\/*.widget-api.ai-messenger.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/w.ai-messenger-static.app https:\/\/cache.dga.jp https:\/\/rsv.dga.jp https:\/\/*.googletagmanager.com https:\/\/www.youtube.com https:\/\/i39-t11.dga.jp https:\/\/*.google-analytics.com; script-src-elem 'self' 'unsafe-inline' https:\/\/w.ai-messenger-static.app https:\/\/cache.dga.jp https:\/\/rsv.dga.jp https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.globalsign.com https:\/\/cdn.jsdelivr.net https:\/\/i39-t11.dga.jp https:\/\/c.amazon-adsystem.com https:\/\/www.youtube.com; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https:\/\/cache.dga.jp https:\/\/rsv.dga.jp; style-src-elem 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cache.dga.jp https:\/\/rsv.dga.jp; report-uri https:\/\/twww.aterm.jp\/cgi-bin\/SecurityPolicy\/report.cgi;","count":1},{"content-security-policy-report-only":" report-uri \/core\/api\/Monitoring\/SaveCSPReport","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com static.klaviyo.com www.shopperapproved.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/img.youtube.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com tracking.avantlink.com dgjcoqnzn763b.cloudfront.net www.shopperapproved.com seal.trustguard.com tgscript.s3.amazonaws.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/developer.adobe.com https:\/\/magento.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ s7.addthis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com acsbapp.com *.google-analytics.com js-agent.newrelic.com googletagmanager.com *.hotjar.com ssl.avmws.com d395yjvh5spyzw.cloudfront.net edge.curalate.com www.google.com *.googleapis.com config.gorgias.chat contact.gorgias.help s.pinimg.com *.pinterest.com https:\/\/cdn.searchspring.net\/intellisuggest\/is.min.js www.shopperapproved.com shopperapproved.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com analytics.tiktok.com tgscript.s3.amazonaws.com https:\/\/app.zinrelo.com app.zinrelo.com https:\/\/cdn.zinrelo.com\/js\/all.js snapui.searchspring.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com https:\/\/static.klaviyo.com www.gstatic.com www.shopperapproved.com use.typekit.net p.typekit.net tgscript.s3.amazonaws.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/developer.adobe.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ ekr.zdassets.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com cdn.acsbapp.com stats.g.doubleclick.net *.google-analytics.com googletagmanager.com *.hotjar.io *.hotjar.com wss:\/\/*.hotjar.com *.tiktokw.us *.googleapis.com config.gorgias.chat wss:\/\/us-east1-898b.gorgias.chat s.pinimg.com ct.pinterest.com *.pinterest.com https:\/\/beacon.searchspring.io\/beacon shopperapproved.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com analytics.tiktok.com api.trustguard.com *.searchspring.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src assets.gorgias.chat 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=w_E7fSdjIQr2Ppx.wuwe5Bd69Eyzd.zTvE50qzn7WMQ-1778726379.4299316-1.0.1.1-KtPFZfeWgayuAovd5x3ltnHv7Yzxt2GH_1dFCIm.8u_zJ7nQRONL4bF4rKfrxFxFdzk1jN4aUl_2O7S9tNoNKdyRVHuWpsXVIGosXkR4Lren4Jjqg0wibmsrn36.C9fVgyqIwY45nyZA4Bnii_nsnBV3_W.eOoxCfezThxXNdFI; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" default-src * data: blob: ; script-src 'nonce-80d543fcc4c5fe718355b3288f07833c' 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/www.realmusic.ru https:\/\/www.realrocks.ru https:\/\/*.realmusic.ru https:\/\/*.realrocks.ru https:\/\/s.ytimg.com https:\/\/*.google-analytics.com https:\/\/*.youtube.com https:\/\/maps.googleapis.com https:\/\/translate.googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.gstatic.com https:\/\/*.google.ru https:\/\/www.googletagmanager.com https:\/\/googletagmanager.com https:\/\/fonts.googleapis.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/yastatic.net https:\/\/mc.yandex.ru https:\/\/mc.yandex.com https:\/\/unpkg.com\/ https:\/\/cdn.jsdelivr.net https:\/\/code.jquery.com ; script-src-attr 'self' 'unsafe-inline' ; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com\/ https:\/\/cdnjs.cloudflare.com\/ https:\/\/unpkg.com\/ https:\/\/cdn.jsdelivr.net ; media-src 'self' about: https:\/\/*.realrocks.ru https:\/\/*.realmusic.ru ; frame-ancestors 'self' https:\/\/vk.com https:\/\/*.vk.com https:\/\/away.vk.com https:\/\/www.vk.com ; report-uri \/report-to.php ; report-to csp","count":1},{"content-security-policy-report-only":" default-src 'self' jhnet.okta.com sso.jhnet.com *.oktacdn.com; connect-src 'self' jhnet.okta.com jhnet-admin.okta.com sso.jhnet.com *.oktacdn.com *.mixpanel.com *.mapbox.com jhnet.kerberos.okta.com jhnet.mtls.okta.com *.authenticatorlocalprod.com:8769 http:\/\/localhost:8769 http:\/\/127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http:\/\/localhost:65111 http:\/\/127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http:\/\/localhost:65121 http:\/\/127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http:\/\/localhost:65131 http:\/\/127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http:\/\/localhost:65141 http:\/\/127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http:\/\/localhost:65151 http:\/\/127.0.0.1:65151 https:\/\/oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' jhnet.okta.com sso.jhnet.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' jhnet.okta.com sso.jhnet.com *.oktacdn.com; frame-src 'self' jhnet.okta.com jhnet-admin.okta.com sso.jhnet.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' jhnet.okta.com sso.jhnet.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' jhnet.okta.com sso.jhnet.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' media1.jpc.de wom.de; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; script-src 'self' media1.jpc.de wom.de 'nonce-QWDNE8B9XeRLo6c+H33kEp3GIzoWwnZhbEiZLw7qsdpB\/E3L2WJBbnso0HQqyUQ48mqwXTak2ASx8j\/8VqkS3g==' 'report-sample'; style-src 'self' media1.jpc.de wom.de 'report-sample' 'unsafe-inline'; font-src 'self' media1.jpc.de wom.de; img-src 'self' media1.jpc.de wom.de data:; connect-src 'self' media1.jpc.de wom.de https:\/\/use.jpc.de; report-uri \/csp\/; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self' http:\/\/www.google-analytics.com https:\/\/consent.bumble.com; script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-b43LDYYdFZsjGezWXnztRw==' http:\/\/www.google-analytics.com https:\/\/consent.bumble.com; style-src 'self' 'unsafe-inline'; connect-src 'self' http:\/\/www.google-analytics.com https:\/\/consent.bumble.com; child-src 'self'; font-src * data:; manifest-src 'self'; base-uri 'self'; frame-src 'self' http:\/\/www.google-analytics.com https:\/\/consent.bumble.com https:\/\/bumble.com https:\/\/support.bumble.com; img-src * data: blob:; media-src * data: blob:; report-uri \/jss\/csp_report.phtml?token=bumble_safety_center&env=production;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; report-uri https:\/\/mhi-uk.uriports.com\/reports\/report; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.bimbostore.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/js.api.here.com https:\/\/cdn.scalapay.com https:\/\/*.scalapay.com https:\/\/*.klarnacdn.net https:\/\/*.klarna.com https:\/\/eu1-config.doofinder.com https:\/\/*.doofinder.com https:\/\/invitejs.trustpilot.com https:\/\/*.trustpilot.com https:\/\/www.dwin1.com https:\/\/*.awin1.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.bimbostore.com https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:\/\/cdn.bimbostore.com https:\/\/www.bimbostore.com https:\/\/www.toyscenter.it https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/stats.g.doubleclick.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/*.here.com https:\/\/*.hereapi.com https:\/\/*.scalapay.com https:\/\/*.klarnacdn.net https:\/\/*.trustpilot.com https:\/\/*.awin1.com https:\/\/*.dwin1.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/cdn.bimbostore.com; connect-src 'self' https:\/\/www.bimbostore.com https:\/\/cdn.bimbostore.com https:\/\/*.doofinder.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/maps.googleapis.com https:\/\/*.api.here.com https:\/\/*.hereapi.com https:\/\/*.scalapay.com https:\/\/*.klarna.com https:\/\/*.trustpilot.com https:\/\/*.awin1.com https:\/\/*.dwin1.com; frame-src https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/*.scalapay.com https:\/\/*.klarna.com https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com; frame-ancestors 'self'; form-action 'self' https:\/\/www.bimbostore.com; base-uri 'self'; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https:\/\/889ecefd2de50feabce01d0fae49ca81.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src https:\/\/d13qcyivyon4xf.cloudfront.net https:\/\/*.recollect.net https:\/\/www2.elpasotexas.gov https:\/\/*.piktochart.com https:\/\/elpasotx.citysourced.com https:\/\/alive5.com https:\/\/*.pure.cloud https:\/\/td.doubleclick.net https:\/\/*.userway.org https:\/\/*.powerbigov.us 'self' data:; script-src https:\/\/*.fontawesome.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.jquery.com 'sha256-EFV8pmp\/wh+U6PZamj4KQ0q8X4ZQK18tF7skjashMC0=' 'sha256-d470bixwKmL9bRvqX+\/YcGn63ywAfKoybYPkM5Uytpg=' 'sha256-CWheM\/qrotfHL9rkBHCUQoQJ26R59qBT9Y6zmdWMo4I=' https:\/\/*.cloudflare.com https:\/\/*.jsdelivr.net https:\/\/*.recollect.net 'sha256-GZcyqV0YX2St+S\/OQczTu1wNNg\/O+RTwzw2JTTta3P0=' https:\/\/googletagmanager.com https:\/\/acsbapp.com https:\/\/*.pure.cloud https:\/\/*.acsbapp.com 'sha256-EhQpu6NNucte8YbnJ4xqNQ3ZEr6lZr9OylXRM08U23w=' 'sha256-6LGMzcnzg+kSHN9kCfnGBfyFkTD5ralHy4kgX9bEKac=' https:\/\/*.userway.org https:\/\/alive5.com 'sha256-Ktbr5+uWaq\/tdIzd+uSnzMynWRb8C1GgwNmidruZnl4=' https:\/\/*.elpasotexas.gov 'sha256-N\/ojzpn0NH2iToAWgtz7\/qj3VTBrzGc5Kq\/wcHmeC9g=' 'sha256-32mhgs7qr26DY71TSkr2GH6b4cN1O1vqJZeD8VqK09E=' 'sha256-ogBzyJChbukfa3Sy3FmuFfBT4HErpPzLDY1mDXuD08I=' https:\/\/*.clarity.ms 'sha256-1Mtgu0LP1N914Q7hPqP5oj1G7I5kj4eUK9emzGHCGU0=' https:\/\/*.youtube.com 'sha256-ISZqhiP5lsW\/o4tzWAjiLcmBSgn4ci50MHTdBAJeJzo=' https:\/\/*.googleadservices.com 'unsafe-eval' https:\/\/*.facebook.net https:\/\/*.adtrafficquality.google https:\/\/*.cloudflareinsights.com 'self' 'report-sample' 'nonce-989013017af9d8b6'; style-src https:\/\/*.googleapis.com https:\/\/*.fontawesome.com https:\/\/*.google.com https:\/\/*.jsdelivr.net https:\/\/*.typekit.net https:\/\/*.fastly.net https:\/\/alive5.com https:\/\/*.userway.org https:\/\/*.gstatic.com 'self' 'unsafe-inline' 'report-sample'; connect-src https:\/\/*.fontawesome.com https:\/\/*.google-analytics.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/googletagmanager.com https:\/\/*.acsbapp.com https:\/\/webmessaging.usw2.pure.cloud https:\/\/*.pure.cloud https:\/\/*.userway.org https:\/\/*.alive5.com https:\/\/alive5.com https:\/\/*.clarity.ms https:\/\/*.adtrafficquality.google https:\/\/*.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/*.youtube.com https:\/\/youtube.com 'self' data:; font-src https:\/\/*.gstatic.com https:\/\/*.fontawesome.com https:\/\/*.jsdelivr.net https:\/\/*.typekit.net https:\/\/*.fastly.net https:\/\/acsbapp.com https:\/\/*.userway.org 'self' data:; img-src https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.google-analytics.com https:\/\/*.jsdelivr.net https:\/\/*.fastly.net https:\/\/*.recollect.net https:\/\/*.piktochart.com https:\/\/*.userway.org https:\/\/*.alive5.com https:\/\/*.clarity.ms https:\/\/*.gstatic.com https:\/\/*.googletagmanager.com https:\/\/*.bing.com https:\/\/tip411.com https:\/\/*.tip411.com https:\/\/*.adtrafficquality.google https:\/\/*.g.doubleclick.net https:\/\/*.google.com.mx https:\/\/*.youtube.com 'self' data:; Strict-Transport-Security max-age=31536000; frame-src https:\/\/syndicatedsearch.goog https:\/\/www2.elpasotexas.gov https:\/\/alive5.com https:\/\/*.youtube.com https:\/\/*.powerbigov.us https:\/\/*.google.com https:\/\/*.adtrafficquality.google https:\/\/*.userway.org https:\/\/googletagmanager.com https:\/\/coepgis.map.arcgis.com https:\/\/*.googletagmanager.com https:\/\/tip411.com https:\/\/*.tip411.com https:\/\/youtube.com https:\/\/www.youtube-nocookie.com 'self'; media-src https:\/\/*.gstatic.com https:\/\/*.youtube.com https:\/\/youtube.com 'self'; script-src-elem https:\/\/*.fontawesome.com https:\/\/*.googletagmanager.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.gstatic.com https:\/\/*.jquery.com 'sha256-EFV8pmp\/wh+U6PZamj4KQ0q8X4ZQK18tF7skjashMC0=' 'sha256-d470bixwKmL9bRvqX+\/YcGn63ywAfKoybYPkM5Uytpg=' 'sha256-CWheM\/qrotfHL9rkBHCUQoQJ26R59qBT9Y6zmdWMo4I=' https:\/\/*.cloudflare.com https:\/\/*.jsdelivr.net https:\/\/*.recollect.net 'sha256-GZcyqV0YX2St+S\/OQczTu1wNNg\/O+RTwzw2JTTta3P0=' https:\/\/googletagmanager.com https:\/\/acsbapp.com https:\/\/*.pure.cloud https:\/\/*.acsbapp.com 'sha256-EhQpu6NNucte8YbnJ4xqNQ3ZEr6lZr9OylXRM08U23w=' 'sha256-6LGMzcnzg+kSHN9kCfnGBfyFkTD5ralHy4kgX9bEKac=' https:\/\/*.userway.org https:\/\/alive5.com 'sha256-Ktbr5+uWaq\/tdIzd+uSnzMynWRb8C1GgwNmidruZnl4=' https:\/\/*.elpasotexas.gov 'sha256-N\/ojzpn0NH2iToAWgtz7\/qj3VTBrzGc5Kq\/wcHmeC9g=' 'sha256-32mhgs7qr26DY71TSkr2GH6b4cN1O1vqJZeD8VqK09E=' 'sha256-ogBzyJChbukfa3Sy3FmuFfBT4HErpPzLDY1mDXuD08I=' https:\/\/*.clarity.ms 'sha256-1Mtgu0LP1N914Q7hPqP5oj1G7I5kj4eUK9emzGHCGU0=' https:\/\/*.youtube.com 'sha256-ISZqhiP5lsW\/o4tzWAjiLcmBSgn4ci50MHTdBAJeJzo=' https:\/\/*.googleadservices.com 'unsafe-eval' https:\/\/*.facebook.net https:\/\/*.adtrafficquality.google 'sha256-RlhVC6WGhVrcsY0hAmbU\/YhaSUz2iA2q1f16\/7A6jLU=' 'self' 'report-sample' 'nonce-989013017af9d8b6'; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com accounts.google.com api.twitter.com www.linkedin.com api.instagram.com *.amazon.com www.paypal.com *.twitch.tv login.microsoftonline.com https:\/\/pinterest.com https:\/\/www.pinterest.com appleid.apple.com *.borica.bg 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com magefan.com cm.magefan.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com https:\/\/maps.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js chimpstatic.com downloads.mailchimp.com *.list-manage.com *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com downloads.mailchimp.com maxcdn.bootstrapcdn.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/www.google-analytics.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" img-src https:\/\/placehold.co 'self' data: app.usercentrics.eu privacy-proxy-server.usercentrics.eu uct.service.usercentrics.eu https:\/\/lh3.ggpht.com https:\/\/*.google-analytics.com *.google.com https:\/\/www.google.com https:\/\/*.googleadservices.com https:\/\/*.googleapis.com *.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/*.googletagmanager.com https:\/\/maps.gstatic.com https:\/\/*.hsforms.com *.hubspot.com https:\/\/*.lenze.com\/ https:\/\/*.linkedin.com https:\/\/*.hana.ondemand.com\/ https:\/\/via.placeholder.com https:\/\/*.twimg.com https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/*.vimeocdn.com *.youtube.com *.ytimg.com https:\/\/i.ytimg.com https:\/\/www.google.de https:\/\/eu6.heatmap.it *.doubleclick.net https:\/\/*.hubspotusercontent40.net https:\/\/*.google.nl https:\/\/cdn.cookielaw.org https:\/\/*.ads.linkedin.com https:\/\/px.ads.linkedin.com fonts.gstatic.com *.gstatic.com gstatic.com https:\/\/www.google.hu https:\/\/www.google.co https:\/\/www.google.ch https:\/\/www.google.pt https:\/\/www.google.com.mx https:\/\/www.google.ca https:\/\/www.google.es https:\/\/www.google.sm https:\/\/www.google.com.sa https:\/\/www.google.com.tw https:\/\/www.google.com.pk https:\/\/www.facebook.com  *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat https:\/\/googleads.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/ade.googlesyndication.com blob: cdn2.hubspot.net forms.hsforms.com https:\/\/x4support.lenze.digital https:\/\/outlook.office365.com https:\/\/static.hsappstatic.net *.hubspotusercontent-na1.net https:\/\/cdn.ixon.cloud; script-src 'report-sample' 'self' 'nonce-e29c9c87b2342d1b9d4639a93f91ed02' blob: data: https:\/\/web.cmp.usercentrics.eu\/ https:\/\/privacy-proxy.usercentrics.eu\/latest\/uc-block.bundle.js https:\/\/maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/kit.fontawesome.com https:\/\/*.google-analytics.com\/ https:\/\/*.google.com https:\/\/www.google.com https:\/\/*.googleadservices.com https:\/\/maps.googleapis.com https:\/\/*.googlesyndication.com https:\/\/www.googletagmanager.com\/ https:\/\/*.googletagservices.com https:\/\/js.hs-banner.com https:\/\/js.hs-scripts.com https:\/\/forms.hsforms.com https:\/\/*.hubspot.com https:\/\/code.jquery.com https:\/\/*.lenze.com https:\/\/snap.licdn.com\/li.lms-analytics\/ https:\/\/*.hana.ondemand.com\/ https:\/\/geolocation.onetrust.com https:\/\/cdn.syndication.twimg.com https:\/\/platform.twitter.com https:\/\/unpkg.com https:\/\/js.usemessages.com https:\/\/m.youtube.com https:\/\/www.youtube.com https:\/\/players.yumpu.com https:\/\/polyfill.io https:\/\/u.heatmap.it https:\/\/u.heatmap.it\/log.js https:\/\/*.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/connect.facebook.net https:\/\/js.hs-analytics.net https:\/\/js.hsadspixel.net https:\/\/js.hscta.net https:\/\/js.hsforms.net https:\/\/js.hsleadflows.net https:\/\/cdn.jsdelivr.net https:\/\/cdn.cookielaw.org https:\/\/google-analytics.com about: https:\/\/js.hsadspixel.net https:\/\/js.hubspotfeedback.com https:\/\/js.hscollectedforms.net https:\/\/js-na1.hs-scripts.com ajax.googleapis.com; style-src 'report-sample' 'self' 'nonce-e29c9c87b2342d1b9d4639a93f91ed02' 'strict-dynamic' 'unsafe-hashes' *.google.com fonts.googleapis.com https:\/\/*.lenze.com\/ https:\/\/*.hana.ondemand.com\/ https:\/\/ton.twimg.com https:\/\/platform.twitter.com https:\/\/www.googletagmanager.com translate.googleapis.com 'sha256-N6HduNaywXTc9TsAJfAPIddstNgqLVZjNhYByeI9B8g=' 'sha256-kFAIUwypIt04FgLyVU63Lcmp2AQimPh\/TdYjy04Flxs=' 'sha256-vuylZAqj8xbIZieH0Mdx8nP+L3+qg8czsM8La7NZ3cw=' 'sha256-BZun+khwG2fSO7p\/mr18d7W9Q3Th2SjNpYGYCPfiX38=' 'sha256-IrAm3nf7lrwi8JeUTq5X87foQzHdKlkPu14M36iGhcM=' 'sha256-9e7+vw3gfExD8UlOjcnBl044HG2UAr5vCYHxq0OyOr8=' 'sha256-GBZYAyS\/Xk\/Q5vM5oBcqhkK5E7uQb9XjPLm9APfWY1Q=' 'sha256-n3PICNRXPxCQtkC63gpriSKMUgP920Pe+2XzgMWdYYI=' 'sha256-Y3p8ZBYNOKyJ+oQnQ0QTFqwf1wz2S7tq\/6yiNiNdFXE=' 'sha256-47DEQpj8HBSa+\/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-REKDcBnwNN0DM5oaVP\/QJ0XHxQPTvNGliT1Hcq+1Wdg=' 'sha256-e+Z0n8P0IwqIce2RMye3\/p5TaNb2k\/QdJT4urKCsrwk=' 'sha256-edW+KixhylnxLGOJoo3iC5UsjEj4HijvIQvP3cgo7ig=' 'sha256-0rhr2SSs9caOx9I4sAMu+RJi6pXlKeDNcZSStYLSLqg=' 'sha256-VgXfHGJN9u67JkhhEY53qSsi4C3YeVA7zXT0WTmb\/7I=' 'sha256-K9flzbVzWnVGoln6FNPgUlW32\/n8CUJbkheAQ60Mu9s=' 'sha256-Te\/ldmUBtNOJo\/wprIEf1hh\/PIt5Nv+BZye1kjdPF00='; frame-src https:\/\/web.cmp.usercentrics.eu https:\/\/player.vimeo.com blob: forms.hsforms.com *.yumpu.com *.google.com *.googlesyndication.com https:\/\/*.lenze.com\/ https:\/\/lenze-portal.rexx-recruitment.com www.youtube-nocookie.com youtu.be *.youtube.com *.doubleclick.net *.hana.ondemand.com https:\/\/www.googletagmanager.com https:\/\/www.linkedin.com https:\/\/platform.twitter.com https:\/\/www.facebook.com https:\/\/syndication.twitter.com https:\/\/onyx.www.linkedin.com https:\/\/www.linkedin.cn https:\/\/www.linkedin.com https:\/\/web.facebook.com https:\/\/bid.g.doubleclick.net js.hsadspixel.net *.hubspot.com js.hscollectedforms.net js.usemessages.com https:\/\/docfinderreloadedstg.blob.core.windows.net https:\/\/outlook.office365.com https:\/\/6269699.hs-sites.com https:\/\/www.lenze.cn; media-src dai.google.com https:\/\/*.lenze.com\/ data: https:\/\/*.hana.ondemand.com *.lenze.cn; frame-ancestors 'self' https:\/\/js.hsforms.net; object-src 'self' *.googlesyndication.com https:\/\/*.lenze.com\/ https:\/\/*.hana.ondemand.com; font-src 'self' data: https:\/\/website-widgets.pages.dev https:\/\/ka-f.fontawesome.com fonts.googleapis.com fonts.gstatic.com https:\/\/*.lenze.com\/ https:\/\/*.hana.ondemand.com\/ https:\/\/ui5.sap.com https:\/\/sdk.openui5.org\/; form-action forms.hsforms.com forms.hubspot.com *.google.com https:\/\/*.lenze.com https:\/\/*.hana.ondemand.com https:\/\/syndication.twitter.com platform.twitter.com *.lenze.cn https:\/\/get.teamviewer.com; worker-src blob: www.google.com https:\/\/*.lenze.com\/ https:\/\/*.hana.ondemand.com; connect-src 'self' https:\/\/api.ci9qprcp-bhndienst1-p1-public.model-t.cc.commerce.ondemand.com https:\/\/privacy-proxy.usercentrics.eu https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/consent-api.service.consent.usercentrics.eu\/ about: https:\/\/geo.fcc.gov https:\/\/api.opencagedata.com https:\/\/forms.hscollectedforms.net https:\/\/region1.google-analytics.com https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/extreme-ip-lookup.com https:\/\/ka-f.fontawesome.com https:\/\/www.google-analytics.com *.google.com https:\/\/maps.googleapis.com *.googlesyndication.com https:\/\/pagead2.googlesyndication.com www.googletagservices.com forms.hsforms.com api.hubapi.com *.hubspot.com https:\/\/forms.hubspot.com https:\/\/*.lenze.com\/ https:\/\/*.hana.ondemand.com\/ https:\/\/privacyportal-de.onetrust.com https:\/\/scandk1.scandit.com https:\/\/*.lenze.eec.gec.io *.doubleclick.net https:\/\/cdn.jsdelivr.net https:\/\/cdn.cookielaw.org fonts.googleapis.com fonts.gstatic.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com https:\/\/geolocation.onetrust.com api.hsforms.com apps-digital-services.lenze.com https:\/\/cdn.linkedin.oribi.io https:\/\/px.ads.linkedin.com https:\/\/js.hscollectedforms.net https:\/\/www.google.hu https:\/\/www.google.co https:\/\/www.google.ch https:\/\/www.google.pt https:\/\/www.google.com.mx https:\/\/www.google.ca https:\/\/www.google.es https:\/\/www.google.sm https:\/\/www.google.com.sa https:\/\/www.google.com.tw https:\/\/www.google.com.pk https:\/\/www.facebook.com  *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.de; child-src blob: *.google.com *.googlesyndication.com https:\/\/*.lenze.com\/ www.youtube.com *.doubleclick.net https:\/\/*.hana.ondemand.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; default-src 'self' blob: https:\/\/*.facebook.com https:\/\/www.google.com https:\/\/forms.hsforms.com https:\/\/forms.hubspot.com https:\/\/*.lenze.com\/ https:\/\/www.linkedin.com https:\/\/*.hana.ondemand.com\/ https:\/\/lenze-portal.rexx-recruitment.com https:\/\/platform.twitter.com https:\/\/syndication.twitter.com https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com https:\/\/www.youtube.com https:\/\/www.yumpu.com https:\/\/*.doubleclick.net https:\/\/*.lenze.cn; report-uri https:\/\/csp-report.lenze.com\/api\/3\/security\/?sentry_key=38d57e3bed4640f198e8cb5a750ff134&sentry_environment=production","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/googleads.g.doubleclick.net https:\/\/cdn.jsdelivr.net https:\/\/embed.tawk.to https:\/\/player.vimeo.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/embed.tawk.to; img-src 'self' data: https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.google.com.cy https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/analytics.tiktok.com https:\/\/px.ads.linkedin.com https:\/\/i.vimeocdn.com https:\/\/embed.tawk.to https:\/\/*.tawk.to https:\/\/tawk.link https:\/\/s3.amazonaws.com https:\/\/embed.videosdk.live; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/embed.tawk.to; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokv.us https:\/\/stats.g.doubleclick.net https:\/\/www.google.com https:\/\/www.google.com.cy https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/embed.tawk.to https:\/\/va.tawk.to wss:\/\/*.tawk.to https:\/\/run.app https:\/\/*.a.run.app; frame-src 'self' https:\/\/player.vimeo.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/embed.tawk.to; media-src 'self' https:\/\/vod-adaptive-ak.vimeocdn.com https:\/\/embed.tawk.to; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'   https:\/\/*.googletagmanager.com   https:\/\/www.google.com https:\/\/www.gstatic.com   https:\/\/webforms.pipedrive.com https:\/\/cdn.cmh-1.pipedriveassets.com https:\/\/cdn.was-1.pipedriveassets.com   https:\/\/client.crisp.chat   https:\/\/static.hotjar.com https:\/\/script.hotjar.com   https:\/\/use.typekit.net   https:\/\/cdn-cookieyes.com; connect-src 'self'   https:\/\/*.googletagmanager.com   https:\/\/www.google.com https:\/\/www.gstatic.com   https:\/\/client.crisp.chat wss:\/\/client.relay.crisp.chat   https:\/\/api.weglot.com   https:\/\/cdn-cookieyes.com https:\/\/log.cookieyes.com   https:\/\/vc.hotjar.io   https:\/\/stats.g.doubleclick.net; frame-src 'self'   https:\/\/www.google.com   https:\/\/webforms.pipedrive.com   https:\/\/*.googletagmanager.com   https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com   https:\/\/datastudio.google.com https:\/\/lookerstudio.google.com; img-src 'self' data: https:   https:\/\/image.crisp.chat   https:\/\/img.youtube.com; style-src 'self' 'unsafe-inline'   https:\/\/client.crisp.chat   https:\/\/use.typekit.net https:\/\/p.typekit.net; font-src 'self' data: https: https:\/\/use.typekit.net; object-src 'none';","count":1},{"content-security-policy-report-only":" object-src 'none'; worker-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' addtocalendar.com https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.rawgit.com https:\/\/cdnjs.cloudflare.com https:\/\/static.addtoany.com https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.tintup.com unpkg.com; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https:\/\/apps.elfsight.com https:\/\/static.elfsight.com https:\/\/www.youtube.com https:\/\/storage.elfsight.com https:\/\/apis.google.com https:\/\/www.googletagmanager.com addtocalendar.com https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.rawgit.com https:\/\/cdnjs.cloudflare.com https:\/\/static.addtoany.com https:\/\/unpkg.com https:\/\/www.google.com https:\/\/www.tintup.com unpkg.com; style-src 'self' 'unsafe-inline' https:\/\/p.typekit.net addtocalendar.com https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/use.typekit.net unpkg.com; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'none'; base-uri 'self'; connect-src 'self' https:\/\/www.google-analytics.com; font-src 'self' https:\/\/fonts.gstatic.com; frame-ancestors 'none'; frame-src https:\/\/www.google.com; img-src 'self' https:\/\/www.google-analytics.com; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'report-sample' 'self' https:\/\/s.go-mpulse.net https:\/\/www.googletagmanager.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/; style-src 'report-sample' 'self' https:\/\/fonts.googleapis.com; worker-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src https:;                                                 script-src https: 'unsafe-inline' 'unsafe-eval';                                                 style-src https: 'unsafe-inline';                                                 font-src https: data:;                                                 img-src https: data: about: ;                                                 connect-src https: wss: 'self';                                                 worker-src https: blob: 'self';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.hs-scripts.com *.hs-analytics.net static.hsappstatic.net *.hsforms.net *.hsforms.com *.hsadspixel.net js.hscta.net js-eu1.hscta.net *.hubspot.com *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hubspotfeedback.com feedback.hubapi.com feedback-eu1.hubapi.com www.googletagmanager.com www.google-analytics.com snap.licdn.com genio.co; style-src 'self' 'unsafe-inline' static.hsappstatic.net fonts.googleapis.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net genio.co; img-src 'self' data: *.hubspot.com *.hs-scripts.com www.google-analytics.com licdn.com js.hscta.net js-eu1.hscta.net no-cache.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com; connect-src 'self' *.hubapi.com js.hscta.net js-eu1.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com *.hs-analytics.net *.azure.com *.posthog.com www.google-analytics.com; frame-src 'self' *.hubspot.com *.hs-sites.com *.hs-sites-eu1.com play.hubspotvideo.com play-eu1.hubspotvideo.com *.hubspot.net *.hsforms.net *.hsforms.com www.youtube.com player.vimeo.com genio.co; child-src *.hsforms.com; font-src 'self' static.hsappstatic.net fonts.gstatic.com; upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" manifest-src 'self'; style-src 'self' 'unsafe-inline' *.fontawesome.com r.testfreaks.com fonts.googleapis.com *.videoly.co *.aptrinsic.com; img-src https:\/\/app.optimizely.com https:\/\/cdn.optimizely.com 'self' data: *.granngarden.se *.google.com *.google.se *.google.no *.google.fi *.google.fr *.google.ca *.google.co.uk *.google.co.in *.google.be *.google.dk *.google.nl *.google.de *.google.is *.google.ch *.google.ro *.google.pl *.google.es *.google.ee *.google.lv *.googletagmanager.com *.googlesyndication.com *.googleadservices.com *.clarity.ms *.bing.com *.doubleclick.net *.kxcdn.com maps.googleapis.com retail.googleapis.com *.imgi.no *.imageshop.no *.testfreaks.com *.ytimg.com i.vimeocdn.com *.videoly.co pricespy-75b8.kxcdn.com api.unifaun.com *.kustom.co cdn.ecoonline.com; font-src 'self' data: *.fontawesome.com res-1.cdn.office.net res.cdn.office.net fonts.gstatic.com *.hotjar.com dhm5hy2vn8l0l.cloudfront.net; report-to report-only-endpoint; connect-src https:\/\/dc.services.visualstudio.com https:\/\/js.monitor.azure.com https:\/\/*.optimizely.com 'self' *.granngarden.se *.clarity.ms *.run.app *.googlesyndication.com *.bing.com *.bing.net *.google.com *.google.se *.googletagmanager.com *.googleadservices.com *.doubleclick.net *.imgi.no *.testfreaks.com *.cookieinformation.com *.app.cookieinformation.com *.videoly.co api.schibsted.com api.pj.nu *.kustom.co *.voyado.com *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.aptrinsic.com; default-src *.easycruit.com *.vismatalent.com; frame-src https:\/\/*.cdn.optimizely.com https:\/\/*.cdn-pci.optimizely.com *.youtube.com *.youtube-nocookie.com *.cookieinformation.com player.vimeo.com hire.vismatalent.com *.mimsafe.com *.mimsafe.se *.gardena.com *.kustom.co *.granngarden.se; report-uri https:\/\/www.granngarden.se\/report-endpoints\/report-only; script-src https:\/\/js.monitor.azure.com https:\/\/*.optimizely.com https:\/\/optimizely.s3.amazonaws.com https:\/\/cdn-assets-prod.s3.amazonaws.com 'self' *.granngarden.se 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' *.google.com *.google.se *.googletagmanager.com *.clarity.ms *.bing.com *.doubleclick.net www.gstatic.com *.testfreaks.com *.youtube.com *.cookieinformation.com *.app.cookieinformation.com *.videoly.co cdn.pji.nu api.unifaun.com *.kustom.co *.voyado.com *.hotjar.com *.aptrinsic.com;","count":1},{"content-security-policy-report-only":" script-src *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com *.googletagmanager.com *.hotjar.com 'unsafe-inline' *.mouseflow.com; img-src js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspot.net *.hsforms.net *.hsforms.com *.google-analytics.com *.googletagmanager.com *.hotjar.com *.mouseflow.com; connect-src *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hsforms.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.mouseflow.com; frame-src *.hubspot.com play.hubspotvideo.com *.hubspot.net *.hsforms.net *.mouseflow.com; style-src cdn2.hubspot.net *.harmonicinc.com; child-src *.hsforms.com *.mouseflow.com; font-src *.hotjar.com *.hotjar.io *.mouseflow.com;","count":1},{"content-security-policy-report-only":" font-src https:\/\/fonts.gstatic.com fonts.gstatic.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.klarnaservices.com *.klarnacdn.net *.klarna.com *.addsauce.com *.fontawesome.com *.bootstrapcdn.com *.funky-buddha.com *.cloudfront.net fonts.googleapis.com https:\/\/imgix.net https:\/\/*.imgix.net https:\/\/retraced-bucket-production-public.imgix.net skroutza.skroutz.gr data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.facebook.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com *.vivapayments.com skroutza.skroutz.gr *.modirum.com *.eurocommerce.gr 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.google.com *.doubleclick.net *.facebook.com *.klarna.com *.klarnacdn.net www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com bytedance: sslocal: connect.facebook.net graph.facebook.com business.facebook.com *.contactpigeon.com *.bestprice.gr *.googletagmanager.com *.cookiebot.com *.grxchange.gr *.criteo.com *.skroutz.gr skroutza.skroutz.gr https:\/\/player.vimeo.com https:\/\/www.youtube-nocookie.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io maps.googleapis.com maps.gstatic.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.plenigo.com *.klarnacdn.net *.klarnaservices.com *.klarna.com *.addsauce.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com connect.facebook.net graph.facebook.com business.facebook.com *.findbar.io *.contactpigeon.com *.designer-images.net *.bestprice.gr *.visualwebsiteoptimizer.com *.cloudflarestream.com *.rubiconproject.com *.smartadserver.com *.funky-buddha.com *.sharethrough.com *.casalemedia.com *.cookiebot.com *.bidswitch.net *.mediavine.com *.omnitagjs.com *.tremorhub.com *.linkedin.com *.outbrain.com *.360yield.com *.pubmatic.com *.yieldlab.net *.ivitrack.com *.taboola.com *.yieldmo.com *.demdex.net *.criteo.com *.google.gr *.3lift.com *.media.net *.adnxs.com *.teads.tv *.bing.com *.glami.gr *.emxdgt.com id5-sync.com trustmark.gr *.1rx.io *.e-satisfaction.com glamipixel.com fonts.googleapis.com https:\/\/retraced.com https:\/\/*.retraced.com https:\/\/imgix.net https:\/\/*.imgix.net https:\/\/retraced-bucket-production-public.imgix.net skroutza.skroutz.gr blob: https:\/\/updates.themepunch.tools http:\/\/updates.themepunch.tools https:\/\/updates.themepunch-ext-a.tools http:\/\/updates.themepunch-ext-a.tools https:\/\/updates.themepunch-ext-b.tools http:\/\/updates.themepunch-ext-b.tools https:\/\/dev.sliderrevolution.com https:\/\/revolution.themepunch.com http:\/\/revolution5.themepunch.com http:\/\/pbs.twimg.com https:\/\/pbs.twimg.com http:\/\/scontent.cdninstagram.com https:\/\/img.youtube.com http:\/\/live.staticflickr.com https:\/\/live.staticflickr.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.playground.klarnaservices.com *.klarnacdn.net *.klarnaservices.com *.klarna.com *.funky-buddha.com *.addsauce.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com *.vivapayments.com connect.facebook.net graph.facebook.com business.facebook.com *.findbar.io *.contactpigeon.com *.avada.io *.stat-track.com polyfill.io *.moosend.com *.bestprice.gr *.visualwebsiteoptimizer.com *.googleoptimize.com *.googleapis.com *.cookiebot.com *.socital.com *.eyefitu.com *.simpler.so *.skroutz.gr *.hotjar.com *.clarity.ms *.criteo.com *.tiktok.com *.linkwi.se *.licdn.com glamipixel.com *.adman.gr *.bing.com trustmark.gr 'self' snapppt.com *.e-satisfaction.com cdn.simpler.so sdk.local.simpler.so https:\/\/retraced.com https:\/\/*.retraced.com https:\/\/files.retraced.com https:\/\/rtcd.me https:\/\/*.rtcd.me https:\/\/imgix.net https:\/\/*.imgix.net https:\/\/retraced-bucket-production-public.imgix.net skroutza.skroutz.gr https:\/\/player.vimeo.com https:\/\/www.youtube.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.klarnacdn.net *.klarna.com *.addsauce.com *.findbar.io *.fontawesome.com *.moosend.com *.bootstrapcdn.com *.bestprice.gr *.contactpigeon.com *.funky-buddha.com *.cloudfront.net *.myfonts.net *.e-satisfaction.com skroutza.skroutz.gr https:\/\/fonts.googleapis.com http:\/\/fonts.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.funky-buddha.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com *.findbar.io blob: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.playground.klarnaservices.com *.playground.klarnaevt.com *.klarnaservices.com *.addsauce.com *.klarnacdn.net *.klarna.com *.klarnaevt.com www.apptrian.com tiktok.com www.tiktok.com connect.tiktok.net graph.tiktok.com analytics.tiktok.com connect.facebook.net graph.facebook.com business.facebook.com *.findbar.io *.contactpigeon.com https:\/\/get.geojs.io *.avada.io *.stat-track.com *.m-pages.com *.m-operations.com *.googlesyndication.com *.monitor.azure.com *.visualstudio.com *.funky-buddha.com *.googleapis.com *.cookiebot.com *.linkedin.com *.bestprice.gr *.socital.com *.eyefitu.com *.simpler.so *.criteo.com *.clarity.ms *.hotjar.io *.bing.com wss: *.e-satisfaction.com button.simpler.so button.staging.simpler.so analytics.simpler.so analytics.staging.simpler.so button.local.simpler.so fonts.googleapis.com https:\/\/retraced.com https:\/\/*.retraced.com https:\/\/rtcd.me https:\/\/*.rtcd.me https:\/\/imgix.net https:\/\/*.imgix.net https:\/\/retraced-bucket-production-public.imgix.net skroutza.skroutz.gr https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com https:\/\/api.weatherbit.io 'self' 'unsafe-inline'; child-src *.contactpigeon.com http: https: blob: 'self' 'unsafe-inline'; default-src *.funky-buddha.com *.clarity.ms *.criteo.net *.google.com *.tiktok.com *.bing.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.contactpigeon.com 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.cookielaw.org https:\/\/*.onetrust.com https:\/\/optanon.blob.core.windows.net https:\/\/assets.adobedtm.com https:\/\/*.omtrdc.net https:\/\/*.demdex.net https:\/\/cm.everesttech.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/ads.nextdoor.com https:\/\/img.en25.com https:\/\/wsmcdn.audioeye.com https:\/\/wsv3cdn.audioeye.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/cdn.walkme.com https:\/\/tags.srv.stackadapt.com https:\/\/bat.bing.com https:\/\/s.yimg.com https:\/\/cdn.callrail.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.hotjar.com https:\/\/wsv3cdn.audioeye.com https:\/\/cdn.walkme.com https:\/\/tags.srv.stackadapt.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/script.hotjar.com https:\/\/wsv3cdn.audioeye.com https:\/\/wsmcdn.audioeye.com https:\/\/cdn.walkme.com; img-src 'self' data: https:; connect-src 'self' https:\/\/*.onetrust.com https:\/\/cdn.cookielaw.org https:\/\/*.omtrdc.net https:\/\/*.demdex.net https:\/\/cm.everesttech.net https:\/\/*.hotjar.com https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/flask.nextdoor.com https:\/\/ads.nextdoor.com https:\/\/analytics.audioeye.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/cdn.walkme.com https:\/\/bat.bing.com https:\/\/s.yimg.com https:\/\/cdn.callrail.com; frame-src 'self' https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-91BcGbdcCdhX031StGviKA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/www.googletagmanager.com *.googleapis.com https:\/\/fonts.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com 'self' data: https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/www.youtube.com https:\/\/form.typeform.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.trustpilot.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org magefan.com cm.magefan.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.disqus.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr integrations.etrusted.com res-1.cloudinary.com t4.my-probance.one https:\/\/sogecommerce.societegenerale.eu\/static\/latest\/images\/type-carte\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com tagmanager.google.com https:\/\/www.googletagmanager.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.disqus.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com app.zipchat.ai app.trygr.io cdn.trygr.io s.pinimg.com cdn.caast.tv ct.pinterest.com static.hotjar.com script.hotjar.com fast-static.smarketer.de widgets.trustedshops.com t4.my-probance.one https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.avada.io *.shopify.com player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.hsforms.net *.hsforms.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com assets.braintreegateway.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com integrations.etrusted.com https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com app.zipchat.ai app.trygr.io cache.caast.tv ct.pinterest.com content.hotjar.io wss:\/\/ws.hotjar.com fast.smarketer.de https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/get.geojs.io *.avada.io maps.googleapis.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/sogecommerce.societegenerale.eu\/vads-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/api-payment\/ https:\/\/api-sogecommerce.societegenerale.eu\/static\/ *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.ytimg.com *.wistia.com *.wistia.net *.qq.com *.gtimg.cn *.cookiefirst.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.linkedin.com snap.licdn.com *.facebook.com *.facebook.net connect.facebook.net *.dynamics.com *.microsoftonline.com *.friendlycaptcha.com friendlycaptcha.com *.heraeus-web.com *.cookiefirst.com; script-src-elem 'self' 'unsafe-inline' *.youtube.com *.wistia.com *.wistia.net *.qq.com *.cookiefirst.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.linkedin.com *.facebook.com *.facebook.net *.dynamics.com *.friendlycaptcha.com *.sociablekit.com localtesting.com *.azureedge.net *.maptiler.com *.licdn.com *.heraeus-web.com; style-src 'self' 'unsafe-inline' *.wistia.com *.wistia.net *.friendlycaptcha.com *.sociablekit.com *.cookiefirst.com *.heraeus-web.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.heraeus-web.com *.cookiefirst.com *.sociablekit.com; img-src 'self' data: blob: *.youtube.com *.ytimg.com *.googlevideo.com *.wistia.com *.wistia.net *.qq.com *.gtimg.cn *.cookiefirst.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.linkedin.com *.facebook.com *.facebook.net *.dynamics.com *.friendlycaptcha.com *.sociablekit.com *.azureedge.net *.heraeus.com *.heraeus-web.com; font-src 'self' data: *.wistia.com *.wistia.net *.heraeus-web.com; connect-src 'self' *.youtube.com *.wistia.com *.wistia.net *.qq.com *.cookiefirst.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.linkedin.com *.facebook.com *.facebook.net *.dynamics.com *.microsoftonline.com *.friendlycaptcha.com friendlycaptcha.com *.heraeus-web.com *.accentapi.com *.heraeus.com *.azurewebsites.net *.azureedge.net *.sociablekit.com *.maptiler.com *.highcharts.com localtesting.com sgtm.argor-heraeus.com sgtm.heraeus-medical.com sgtm.heraeus-medevio.com sgtm.heraeus-electronics.com sgtm.heraeus-precious-metals.com sgtm.heraeus-printed-electronics.com sgtm.heraeus-remloy.com sgtm.heraeus-electro-nite.com sgtm.heraeus-epurio.com sgtm.heraeus-amloy.com sgtm.heraeus.com; frame-src 'self' *.youtube.com *.youtube-nocookie.com *.wistia.com *.wistia.net *.qq.com *.linkedin.com *.facebook.com *.dynamics.com *.friendlycaptcha.com friendlycaptcha.com *.powerapps.com *.heraeus-web.com *.heraeus.com heraeus.sharepoint.com login.microsoftonline.com sgtm.argor-heraeus.com sgtm.heraeus-medical.com sgtm.heraeus-medevio.com sgtm.heraeus-group.com sgtm.heraeus-electronics.com sgtm.heraeus-precious-metals.com sgtm.heraeus-printed-electronics.com sgtm.heraeus-remloy.com sgtm.heraeus-electro-nite.com sgtm.heraeus-epurio.com sgtm.heraeus-amloy.com sgtm.heraeus.com; frame-ancestors 'self' *.heraeus-web.com *.heraeus.com; media-src 'self' data: blob: *.wistia.com *.wistia.net *.licdn.com *.heraeus-web.com *.heraeus.com; child-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' *.dynamics.com; report-uri \/api\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/stats.g.doubleclick.net; connect-src 'self' https: wss: data: https:\/\/www.facebook.com https:\/\/graph.facebook.com https:\/\/*.nr-data.net https:\/\/bam.nr-data.net https:\/\/bam.eu01.nr-data.net https:\/\/js-agent.newrelic.com https:\/\/www.bpp.com https:\/\/*.google-analytics.com http:\/\/*.google-analytics.com https:\/\/pro.ip-api.com\/json https:\/\/*.analytics.google.com http:\/\/*.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/td.doubleclick.net https:\/\/*.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/*.onetrust.com https:\/\/pagead2.googlesyndication.com https:\/\/bat.bing.com http:\/\/bat.bing.com https:\/\/bat.bing.net http:\/\/bat.bing.net https:\/\/u.clarity.ms https:\/\/*.clarity.ms https:\/\/px.ads.linkedin.com https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/*.googletagmanager.com https:\/\/secure.leadforensics.com https:\/\/*.agile-company-365.com https:\/\/*.igodigital.com https:\/\/connect.facebook.net https:\/\/www.facebook.net http:\/\/www.facebook.net http:\/\/www.facebook.com https:\/\/snap.licdn.com https:\/\/www.google-analytics.com https:\/\/cdn.mouseflow.com https:\/\/*.mouseflow.com wss:\/\/*.mouseflow.com https:\/\/aiden.learnwise.ai https:\/\/*.learnwise.ai https:\/\/tags.srv.stackadapt.com http:\/\/tags.srv.stackadapt.com https:\/\/*.usbrowserspeed.com https:\/\/*.salesforceliveagent.com https:\/\/ws-assets.zoominfo.com http:\/\/ws-assets.zoominfo.com https:\/\/analytics.tiktok.com http:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us http:\/\/analytics-ipv6.tiktokw.us https:\/\/pixels.spotify.com http:\/\/pixels.spotify.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/*.cdn.office.net https:\/\/use.typekit.net https:\/\/use.typekit.com https:\/\/fonts.googleapis.com https:\/\/cdn.mouseflow.com https:\/\/www.bpp.com; frame-src 'self' data: https:\/\/www.youtube-nocookie.com https:\/\/www.youtube.com https:\/\/*.fls.doubleclick.net http:\/\/*.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/adservice.google.com https:\/\/chat.learnwise.ai https:\/\/*.learnwise.ai https:\/\/match.adsrvr.org https:\/\/www.google.com https:\/\/www.datocms-assets.com https:\/\/*.opendns.com https:\/\/*.deferrerstrust.com https:\/\/*.safeframe.googlesyndication.com http:\/\/*.safeframe.googlesyndication.com https:\/\/consentcdn.cookiebot.com https:\/\/www.googleadservices.com https:\/\/*.id.opendns.com http:\/\/*.id.opendns.com; img-src 'self' https: data: blob: https:\/\/*.cloudfunctions.net https:\/\/www.google-analytics.com https:\/\/www.facebook.com http:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.co.uk https:\/\/i.ytimg.com https:\/\/pagead2.googlesyndication.com http:\/\/pagead2.googlesyndication.com https:\/\/ad.doubleclick.net http:\/\/ad.doubleclick.net https:\/\/*.onetrust.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/ade.googlesyndication.com https:\/\/tpc.googlesyndication.com https:\/\/c.clarity.ms https:\/\/px.ads.linkedin.com https:\/\/*.doubleclick.net https:\/\/bat.bing.com http:\/\/bat.bing.com https:\/\/bat.bing.net http:\/\/bat.bing.net https:\/\/c.bing.com https:\/\/pixel.byspotify.com http:\/\/pixel.byspotify.com https:\/\/*.igodigital.com https:\/\/www.datocms-assets.com https:\/\/*.mouseflow.com https:\/\/www.bpp.com; media-src 'self' https: data: blob:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: * 'nonce-N2UzZTNlNmYtMjFmMS00YjhjLThjNDgtYTFkZjhjZTcwNGYz' 'strict-dynamic' http: https: https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/bam.eu01.nr-data.net https:\/\/www.bpp.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/*.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.googleoptimize.com https:\/\/connect.facebook.net https:\/\/*.onetrust.com http:\/\/*.onetrust.com https:\/\/bat.bing.com http:\/\/bat.bing.com https:\/\/bat.bing.net http:\/\/bat.bing.net https:\/\/snap.licdn.com https:\/\/secure.agile-company-365.com https:\/\/*.agile-company-365.com https:\/\/px.ads.linkedin.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/www.clarity.com https:\/\/ts.clarity.com https:\/\/v.clarity.com https:\/\/ad.doubleclick.net https:\/\/*.doubleclick.net https:\/\/adservice.google.com https:\/\/adservice.google.co.uk https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/securepubads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/tpc.googlesyndication.com https:\/\/secure.leadforensics.com https:\/\/pixel.byspotify.com https:\/\/*.igodigital.com https:\/\/*.infinity-tracking.com https:\/\/cdn.mouseflow.com https:\/\/aiden.learnwise.ai https:\/\/*.learnwise.ai https:\/\/tags.srv.stackadapt.com https:\/\/*.usbrowserspeed.com https:\/\/*.salesforceliveagent.com; style-src 'self' 'unsafe-inline' blob: data: * https:\/\/fonts.googleapis.com https:\/\/aiden.learnwise.ai https:\/\/*.learnwise.ai; upgrade-insecure-requests; report-uri https:\/\/o4508693778268160.ingest.de.sentry.io\/api\/4509629814800465\/security\/?sentry_key=7af8eb49226dd30e4cc31a2e2f6ea5cc;","count":1},{"content-security-policy-report-only":" default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; media-src 'self' https:\/\/stream.klgd.ru rtmp:\/\/stream.klgd.ru https:\/\/wowza.klgd.ru https:\/\/cctv.klgd.ru","count":1},{"content-security-policy-report-only":" connect-src 'self' noembed.com *.plyr.io *.usercentrics.eu tracker.muellergroup.com translate.googleapis.com; img-src 'self' data: *.ytimg.com *.usercentrics.eu translate.google.com fonts.gstatic.com www.facebook.com; default-src 'self' 'unsafe-inline' *.usercentrics.eu *.youtube.com tracker.muellergroup.com data: connect.facebook.net; frame-src *.youtube.com *.youtube-nocookie.com; report-uri https:\/\/www.muellergroup.com\/@http-reporting?csp=report&requestTime=1778724110287434&requestHash=f28e01d52e884c55bfe620c3f93b896905930fc6","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8S1J3YtupLo1uTsmRiruieGHMgKGJsXVOFZuZtGE7gA-1778724746.2596345-1.0.1.1-k5Rm39zTd16xrqo2pOiVl7xsOfngtYn2k_l3bOq6kc48TL6812_YFS6hbXfM7eysPR76vm9Eij.cTvjuIlEf9ehWo5boBDw0jD6pdYEOP0ahp.lFdOaXwoOr8tHvnZ0XnyoZcOHqX6vfpALT9RnEhaSUaImt9PpWpV0F9regDH8; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" connect-src *.bundesregierung.de analytics.bundesregierung.de 'self' https:\/\/hls-hd.myrasec.de *.stage.bio ; style-src *.bundesregierung.de 'self' 'unsafe-inline' ; script-src *.bundesregierung.de 'self' ; script-src-elem 'self' *.bundesregierung.de 'nonce-8YdagDBw2zs6kVfnQBhR+PnkqPJr0+opUPm3Hg59sz5cNxcAKCsIedBY9Fnjj8O0ykvzU5gMoU42YBtFAOUHOK4aonah14EzUa8B45kd94OWOdLnZU1rHIbXJr0gPOzZ9EI4eMD56XhUoNCkcVtaqniwOpbY53+gXfOHgnXG3Vw=' *.stage.bio ; frame-src *.bundesregierung.de 'self' ; media-src *.bundesregierung.de 'self' http:\/\/video.bundesregierung.de https:\/\/zdf-hls-18.akamaized.net *.stage.bio ; frame-ancestors *.bundesregierung.de 'self' ; img-src 'self' *.bundesregierung.de https:\/\/*.tile.openstreetmap.de data: *.stage.bio ; default-src *.bundesregierung.de 'self' ; font-src *.bundesregierung.de 'self' ; report-uri https:\/\/www.bundeskanzler.de\/service\/csp-report ;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/*.publitas.com *.fontawesome.com *.kohlerbycochez.com https:\/\/script.hotjar.com *.algolia.com *.googleapis.com *.bootstrapcdn.com https:\/\/*.bazaarvoice.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com https:\/\/*.publitas.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.kohlerbycochez.com network-a.bazaarvoice.com maps.gstatic.com *.algolia.com media.flixcar.com rt.flix360.com *.google.com *.google-analytics.com *.googleadservices.com https:\/\/www.google.com https:\/\/www.google.com.co maps.googleapis.com *.facebook.com *.reddit.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/*.bazaarvoice.com https:\/\/*.google.com.pa c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/*.publitas.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/apps.bazaarvoice.com *.kohlerbycochez.com apps.bazaarvoice.com static.hotjar.com script.hotjar.com h.online-metrix.net js-agent.newrelic.com www.google.com www.gstatic.com maps.googleapis.com *.algolia.com media.flixfacts.com media.flixcar.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/cdn.jsdelivr.net c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net https:\/\/view.publitas.com https:\/\/scripts.publitas.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/*.publitas.com *.fontawesome.com *.kohlerbycochez.com *.algolia.com *.google.com *.googleapis.com *.gstatic.com *.bootstrapcdn.com tagmanager.google.com assets.braintreegateway.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com videos.pexels.com *.algolia.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.kohlerbycochez.com bam.nr-data.net maps.googleapis.com https:\/\/surveystats.hotjar.io media.flixcar.com *.google-analytics.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/*.bazaarvoice.com https:\/\/*.hotjar.io c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net http: https: blob: 'self' 'unsafe-inline'; default-src bam.nr-data.net *.kohlerbycochez.com ws.hotjar.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com data: fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com 'self' data: https:\/\/www.surviocdn.com\/ *.survicate.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.googletagmanager.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.magerocket.com *.despegar.com *.koin.com.br *.googletagmanager.com *.gocuotas.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com cdn.dnky.co amc.demdex.net www.google.com www.facebook.com youtube.com *.globalgetnet.com *.magerocket.com https:\/\/accounts.google.com *.despegar.com *.koin.com.br *.googletagmanager.com *.gocuotas.com *.mercadolibre.com mldp.mercadopago.com www.mercadolibre.com https:\/\/www.survio.com\/ *.doubleclick.net *.pinterest.com *.getblue.io *.groovinads.com *.online-metrix.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net maps.gstatic.com maps.googleapis.com accounts.google.com www.facebook.com *.globalgetnet.com *.magerocket.com *.despegar.com *.koin.com.br *.googletagmanager.com fonts.googleapis.com *.gocuotas.com imgmp.mlstatic.com *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar 'self' data: www.mercadolibre.com www.mercadolibre.com.mx www.mercadolibre.com.ar www.mercadolibre.com.br a248.e.akamai.net mercadolivre.com.br www.mercadolivre.com.br www.mercadolivre.com.mx www.mercadolivre.com.ar www.mercadopago.com secure.mlstatic.com *.google.com.ar *.doubleclick.net *.mercadolivre.com www.mailing.somosrex.com *.clarity.ms *.groovinads.com *.bing.com *.online-metrix.net img.survicate.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com connect.facebook.net player.vimeo.com https:\/\/live.decidir.com *.globalgetnet.com *.magerocket.com *.despegar.com *.koin.com.br *.googletagmanager.com *.gocuotas.com *.mlstatic.com https:\/\/www.google.com *.gstatic.com http2.mlstatic.com secure.mlstatic.com https:\/\/maps.googleapis.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ *.convertexperiments.com *.wcx.cloud *.pinimg.com *.survicate.com *.clarity.ms *.mathtag.com *.tiktok.com *.getblue.io *.groovinads.com *.wcentrix.com *.cloudfront.net *.pinterest.com *.icommarketing.com *.decidir.com *.mercadopago.com *.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com cdn.dnky.co https:\/\/accounts.google.com *.fontawesome.com maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ *.survicate.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com maps.googleapis.com api.comapi.com bam.nr-data.net https:\/\/developers.decidir.com\/ *.globalgetnet.com *.iesnare.com wss:\/\/mpsnare.iesnare.com *.magerocket.com https:\/\/accounts.google.com *.despegar.com *.googletagmanager.com *.gocuotas.com *.mercadopago.com *.google-analytics.com api.mercadopago.com events.mercadopago.com www.mercadolibre.com https:\/\/merchants.playdigital.com.ar\/ https:\/\/merchants.preprod.playdigital.com.ar\/ https:\/\/ecommerce-modal.modo.com.ar\/ https:\/\/ecommerce-modal.preprod.modo.com.ar\/ *.doubleclick.net notifications-icommkt.com track-icommkt.com *.clarity.ms *.pinterest.com *.tiktok.com *.convertexperiments.com *.decidir.com *.online-metrix.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.globalgetnet.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/seo.seosuite.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src www.googletagmanager.com https:\/\/connect.bolt.com https:\/\/*.bolt.com fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com widgets.sandbox.afterpay.com widgets.sandbox.clearpay.co.uk connect.bolt.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com *.twitter.com *.addthis.com *.facebook.com *.mixkit.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.xtento.com 'self' 'unsafe-inline'; base-uri headlightdepo.com headlightsdepot.com headlamprestoration.com www.discountpartsmonster.com www.google.com parts.americantoyota.com 'self' 'unsafe-inline'; media-src www.bing.com prod-streaming-video-msn-com.akamaized.net ssl.gstatic.com s-static.innovid.com m.media-amazon.com service.rvchat.com dict-dn.pstatic.net fonts.ninja app.guidemaker.com vidstatb.taboola.com cdn1.extremereach.io *.adobe.com 'self' 'unsafe-inline'; font-src code.ionicframework.com cdn.honey.io cdn.ivaws.com www.slant.co static.zip.co duckduckgo.com at.alicdn.com t-azmaps.azurelbs.com static3.avast.com puhuiti.oss-cn-hangzhou.aliyuncs.com www.tacomaworld.com www.headlightsdepot.com use.typekit.net simplycodes.com svcs.tql.com 35312385-2e8b-4f12-9f6d-051b45cbddbe de6ae568-06cd-4ef3-bd2f-95324c25c108 ee072aac-1d74-4dde-8f52-366c475f83b6 croissant-services-data-public-assets-us-east-2-production.s3.us-east-2.amazonaws.com images.simplycodes.com themes.googleusercontent.com cdn.scite.ai de1f9189-80b0-4de9-8f24-bbed06fd3bc2 sc-static.net fonts.cdnfonts.com 5b958cef-f97f-4d45-9869-523cf430a43f maxcdn.bootstrapcdn.com cdnjs.cloudflare.com account.affilitizer.com aceify.ai cdn.megabonus.com cdn.ziplyne.com static.hsappstatic.net fonts.gstatic.com migaku-public-data.migaku.com 9edcdc02-2a60-4848-b69c-3914d7e5dc96 f2d7cc05-a340-44a3-b759-3d4f7e835101 6e7f3874-5f08-4aa9-b470-d75f72b7282e cdn.jsdelivr.net c4927bf1-3ae6-4126-9a55-faaf7e3ce4d1 jcmcbmdmfmelmlelagelpfhmohipjjia static.preply.com assets.alicdn.com 2f2ac7e5-6cf1-4510-b3ed-13304c356efb ef1d9e3d-150b-4a00-a3b5-199e09a7a1b0 c8b67a02-2485-4a85-898f-7e6b178bc8d2 static.zohocdn.com unpkg.com cdn-uicons.flaticon.com res-1.cdn.office.net stylesheets.pixiebrix.com fonts.bunny.net r2cdn.perplexity.ai b3e26938-323d-431c-b510-27c82cbe4ca1 261d6510-f003-4e76-a1ff-777a00d81807 837e3089-a6c6-4737-b46a-50910e946806 96380900-aaf2-46f5-abb3-a45fe8bdc86b 3f2fe2db-34e8-488c-90b6-1c1afc92f97e 88e25ded-aa73-4463-b8e6-219f2cd442e4 7765fe7f-eb32-4f97-b671-09c78e68992e stwleprodwus.blob.core.windows.net static.shopback.com 8192f8ea-aade-4abd-8c2b-4a221da7aa45 a1ddf9dd-bd09-4a32-b960-82eccbe9631d 26ef611e-2654-46e9-abb2-d38013ef55b3 af30f207-938e-45fe-8d0d-a3768ab68d5e 4dcb38cd-a52e-4e9f-baf8-5805bf677f87 54f48da5-f98c-4185-9b9d-ecd00ce1fef0 173b7bd2-5764-4ef7-9c57-b8e7ba66d15e 272c1997-a5df-41fc-ba20-5b530ed7ee24 static.hivelighter.com 1c5a2b60-2d21-4cd8-b0df-1c84f97abe24 obs.dianleida.net assets.tailwindapp.com frontend-cdn.perplexity.ai *.typekit.net *.gstatic.com www.paypalobjects.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.fontawesome.com data: 'self' 'unsafe-inline'; style-src www.gstatic.com code.ionicframework.com cdn.honey.io app.certcapture.com maxcdn.bootstrapcdn.com pwm-image.trendmicro.com www.headlightsdepot.com fonts.googleapis.com static-tracking.klaviyo.com markups.kdanmobile.com l-sou.com js-c.etc4.com www.6ppn.com ext.dianxiaobao.net decision.etc4.com tool-bcg.bwe.io www.l-sou.com pwm-image.trendmicro.jp https:\/\/connect.bolt.com https:\/\/*.bolt.com https:\/\/src.mastercard.com *.aexp-static.com *.assets.mastercard.com *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.discover.com *.discover-src.com *.discovercard.com *.googleapis.com *.mastercard.com *.bolt.com *.earlywarning.com a7.mylivechat.com obs.dianleida.net *.adobe.com static.afterpay.com\/ js.sandbox.afterpay.com js.afterpay.com downloads.mailchimp.com https:\/\/static.klaviyo.com *.cloudflare.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.googletagmanager.com assets.braintreegateway.com 'self' 'unsafe-inline'; frame-ancestors www.headlightsdepot.com 'self'; object-src connect.bolt.com headlightsdepot.quiq-api.com www.google.com www.youtube.com accounts.google.com gateway.zscaler.net challenges.cloudflare.com noop.style ckr01.leb.k12.in.us static.quiq-cdn.com order.buywithprime.amazon.com dupe.com refid-43baf178-9e2f-4f17-bd51-552fc8d68e83.24c72b3988728ff6c9d6353367592355.resolve-id.block.wandera.com 'self' 'unsafe-inline'; connect-src bam.nr-data.net w.clarity.ms cdn.noibu.com input.noibu.com stats.g.doubleclick.net headlightsdepot.quiq-api.com rum-collector-2.pingdom.net bat.bing.com q.clarity.ms r.clarity.ms x.clarity.ms u.clarity.ms www.google.es t.clarity.ms o.clarity.ms p.clarity.ms s.clarity.ms m.clarity.ms e.clarity.ms j.clarity.ms notify.bugsnag.com z.clarity.ms v.clarity.ms h.clarity.ms www.facebook.com d.clarity.ms y.clarity.ms f.clarity.ms www.clarity.ms b.clarity.ms a.clarity.ms www.google.fr i.clarity.ms k.clarity.ms www.google.ca www.google.com.pr n.clarity.ms www.google.co.ke adservice.google.com www.google.co.nz www.google.ae www.google.co.uk www.google.nl www.google.co.jp www.google.com.pe clientstream.launchdarkly.com www.google.gr www.google.si www.google.com.tr www.google.ru www.google.com.ua cdn.acsbapp.com www.google.bs www.google.com.ag servail.com app.certcapture.com www.google.com.mx translate.googleapis.com api.killadsapi.com api.global-data-lab.com www.google.com.do www.google.com.au www.google.com.tw www.google.jo www.google.com.sa www.google.co.za www.google.co.in www.google.co.ve www.google.com.jm www.google.com.ec get663.com www.google.hr www.google.com.bh w88p9x.com api.datacloudstat.com overbridgenet.com www.google.co.th ad.doubleclick.net www.google.com.br www.google.ch www.google.com.gt www.google.co.cr www.google.hn www.google.cz www.google.sr www.google.co.il www.google.pt www.google.com.ph www.google.co.id www.google.bg www.google.com.sv www.google.lt www.google.ge www.google.tt subwayblaze.com www.google.com.gh sessions.bugsnag.com www.google.com.my www.google.cl www.google.rs www.google.kz www.google.am www.google.de www.google.com.pk www.google.md www.google.dm www.google.fi www.google.com.ng www.google.sn www.google.com.hk www.google.com.ly www.google.com.na www.google.it www.google.vu www.google.tm www.google.al logs.convertexperiments.com 10046935.metrics.convertexperiments.com www.google.ht www.google.kg www.google.no www.google.ie www.google.iq www.google.ro www.google.com.co api.amcreativemedia.com www.google.com.om d1lkfzu2puirk6.cloudfront.net translate-pa.googleapis.com www.google.com.ar www.google.com.lb www.google.com.pa www.google.com.kw www.google.lk www.google.co.kr www.google.com.ni fcgt742.com www.google.lv www.google.co.vi www.google.com.eg www.google.at www.google.com.mt www.google.com.qa www.headlightsdepot.com api.privacy-protector-adblocker.com api.mkmediaworks.com www.google.dz www.google.co.ao www.google.mg www.google.hu www.google.com.bo www.google.com.cy yandex.ru retcode-us-west-1.arms.aliyuncs.com www.google.pl www.google.az api.highdataanalytics.com api.awesomeblocker.com www.google.ee www.google.com.bz www.google.mu wedata.net www.google.co.mz www.google.sk www.i-shunxi.com sourcemaps.quiq.sh www.google.gy www.google.co.ug www.google.me src.mastercard.com secure.checkout.visa.com srcdcf.americanexpress.com content.discovercard.com h.online-metrix.net thm.visa.com www.google.com.sg ecmacore.com www.google.cm www.google.com.et www.google.mn www.google.com.mm g.clarity.ms l.clarity.ms api.fbanalytics.org api.video-adblock.com 127.0.0.1 acsbap.com accesswidget-log-receiver.acsbapp.com new229.com api.socialsolutionapp.com api.global-analytic.com www.google.be www.google.dk o19233.ingest.sentry.io www.google.mk www.google.is api.solarspireconsulting.com www.google.com.kh fonts.googleapis.com maxcdn.bootstrapcdn.com www.google.co.tz api.redirects-4.com gjtrack.ucweb.com www.google.se adtonus.com code.jquery.com rktds.net www.google.by www.google.as www.google.com.fj www.google.co.uz www.google.rw api.ciuvo.com www.bing.com www.google.so everyview.info topodat.info api.software-downloading.com www.google.cd www.google.com.bd api.solaranalyticscorp.com n.emojikeyboardforchrome.com analytics.google.com api.ultimateaderaser.com d3k81ch9hvuctc.cloudfront.net www.google.com.vn www.google.co.ma sbgse.com a.emojikeyboardforchrome.com www.google.ba n.sdmextension.com a.sdmextension.com api-js.datadome.co api.crystal-blocker.com publickeyservice.keys.adm-services.goog api.adblock360.net www.google.com.np readaloud.googleapis.com s3.ap-east-1.amazonaws.com s.pagerefresh-extension.com n.pagerefresh-extension.com upload.wikimedia.org www.google.com www.google.tn api.browsekeeper.com n.wistiaextension.com www.google.com.py sentry.goquiq.com n.noadsadblocker.com t.noadsadblocker.com live.noibu.com apis.google.com resource-proxy.noibu.com s.wistiaextension.com www.google-analytics.com api.rainbowblocker.com update.adblock360.org www.google.tg www.google.com.pg localhost l-sou.com www.google.gm www.google.bj c.colorchanger.net a.colorchanger.net api.vid-adblocker.com cr-input.mxpnl.net www.google.com.bn www.google.sh connect.facebook.net i.abfc-extension.com n.abfc-extension.com www.google.lu www.google.com.af www.google.bt www.google.co.zm infragrid.v.network www.google.ci bat.bing.net www.google.com.uy utq.vvipquan.com hm.baidu.com api.daily-guard.net api.adsfight.com www.google.co.zw s.blipshotextension.com api.earthyandenergy.com cdnmma.global-cache.online tl.ytlogs.ru d2rol5dpdbtxxu.cloudfront.net www.google.ps o622089.ingest.us.sentry.io www.google.co.bw api.freevideoguard.org api.nimblecapture.com r.nimblecapture.com www.google.mw search.standartanalog.com www.google.com.sl www.google.ws sbfse.com cap.nimblecapture.com o0rmue7xt0.execute-api.il-central-1.amazonaws.com api.blocksly.org polyfilljs.org www.google.cv api.aituria.com api.range-offer.com api.extremesecurityadblocker.com www.google.ne m.abu-xt.com prod-website-gateway.fetch.com ext.dianxiaobao.net decision.etc4.com 2ndstllc.com api.tokenmint.global fiendgamers.com api.adblockertool.com api.ginger-analytics.com www.6ppn.com at.alicdn.com www.google.ga www.google.bf www.google.mv www.google.com.tj d1r22q6sxlmkhx.cloudfront.net savingsslider-a.akamaihd.net stickyid-a.akamaihd.net ajax.googleapis.com www.google.com.vc search.firstmacs.com www.google.li www.google.co.ls www.google.ml n8.devzen.site www.google.je www.google.gg n.soundenhancementextension.com fast.a.klaviyo.com static-forms.klaviyo.com www.babylist.com www.google.dj www.google.fm headlightsdepot.com skincareadvertsking.com www.google.la metrics-dra.dt.dbankcloud.cn www.gstatic.com connect.bolt.com oob.script.ac backend.acsbapp.com px.wpk.quark.cn www.google.gl mon.tiktokv.com js-c.etc4.com www.googleadservices.com https:\/\/connect.bolt.com https:\/\/*.bolt.com https:\/\/src.mastercard.com https:\/\/src.apis.discover.com local.adblock360.com google.com rum.browser-intake-us5-datadoghq.com fonts.gstatic.com 10.135.209.243 browser-intake-datadoghq.com search.eportalmobile.com singleview.site sevendata.fun cdnmmh.global-cache.online service.gstatic-cache.com www.google.sc adban.net cdn.shopimgs.com digital-cloak.net www.google.tl report.clarity.ms effectssdk.ai error-analytics-sessions-production.shopifysvc.com nip.sinaydove.com www.google.bi uc.gre scripts.clarity.ms static.quiq-cdn.com static.cloudflareinsights.com ep1.adtrafficquality.google cdn.segment.com api.segment.io core-api.thebump.com secdomcheck.online www.google.cg events.binsiad.com dd.binsiad.com www.google.com.cu rum-static.pingdom.net api.disqometer.com nenlahapcbofgnanklpelkaejcehkggg emalgedpdlghbkikiaeocoblajamonoh bmnlcjabgnpnenekpadlanbbkooimhnj chhjbpecpncaggjpdakmflnfcopglcmi m.ctrip.com tessdata.projectnaptha.com log.finansavisen.no googleads.g.doubleclick.net headlightsdepo.com api.onsleek.ai publicsuffix.org www.google.com.gi sentry-uit.line-apps.com safesearchinc.com fivestat.com api.coralanalytic.com tausearch.com statsdata.online scripts.api.disqometer.com wallet.binance.com gadstat.com dpm.demdex.net amcglobal.sc.omtrdc.net www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com *.google.com *.braintreegateway.com *.braintree-api.com static.afterpay.com static.sandbox.afterpay.com js.sandbox.afterpay.com js.afterpay.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.twimg.com *.google-analytics.com *.g.doubleclick.net *.addthis.com *.pinterest.com blob: https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; script-src cdn.noibu.com www.clarity.ms js-agent.newrelic.com ajax.cloudflare.com bat.bing.com static.cloudflareinsights.com connect.facebook.net rum-static.pingdom.net headlightsdepot.quiq-api.com static.quiq-cdn.com tracking.godatafeed.com www.googletagmanager.com www.headlightsdepot.com connect.bolt.com acsbap.com app.certcapture.com googleads.g.doubleclick.net apis.google.com get663.com infimv.com www.google-analytics.com conoret.com cdn-4.convertexperiments.com no-cdn.convertexperiments.com app.convert.com foodin.site www.google.com static01.tobeecloud.com sc-static.net exhabigou.com www.facebook.net trk.dolbanews.com px.srvcdn.net static.klaviyo.com toolsmagick.com hublosk.com jullyambery.net autroliner.com bootstrap.prod.scoville.dubai.aws.dev z7yj.82omyo.com 3001.scriptcdn.net translate.googleapis.com translate-pa.googleapis.com vacceedpasian.com lottingem.com infirc.com emojikeyboardforchrome.com tracksmall.com rialto-gms.s3.amazonaws.com www.googleadservices.com sdmextension.com noadsadblocker.com themesforytextension.com pagerefresh-extension.com wistiaextension.com appassets.androidplatform.net localhost in.masterquizzes.com l-sou.com colorchanger.net abfc-extension.com www.gstatic.com infird.com utq.vvipquan.com blipshotextension.com mainf.global-cache.online api.nimblecapture.com s3.amazonaws.com ritrag.com abu-xt.com crossydashcom-a.akamaihd.net ext.dianxiaobao.net fiendgamers.com js-c.etc4.com www.6ppn.com mstat.acestream.net decision.etc4.com blobby-boi.github.io js.userflow.com preach645.cloud cdn.optitc.com acsbapp.com search.firstmacs.com secured-pixel.com soundenhancementextension.com cdn.segment.com static-tracking.klaviyo.com lf26-cdn-tos.bytecdntp.com t7a.g4ui.com d3rhd9mxub2k80.cloudfront.net retagro.com images.uc.cn g.alicdn.com edge.eu1.fullstory.com https:\/\/connect.bolt.com https:\/\/*.bolt.com https:\/\/src.mastercard.com sofz9.82omyo.com 10.135.209.243 i7sqe0.82omyo.com s.skimresources.com scripts.clarity.ms www.l-sou.com cdn.mathjax.org embed.tawk.to cdn.mxpnl.com pagead2.googlesyndication.com ep2.adtrafficquality.google sb.scorecardresearch.com static.clmbtech.com static.ads-twitter.com static.chartbeat.com my.hellobar.com survey.survicate.com cdn.parsely.com cdn.cookielaw.org static.hotjar.com script.hotjar.com snap.licdn.com js.hs-scripts.com www.redditstatic.com tags.srv.stackadapt.com mc.yandex.ru cdn.binsiad.com cdn.browsiprod.com static.goquiq.com api.disqometer.com youwanoss.oss-cn-shanghai.aliyuncs.com mikkiload.com shortstack.services.atlassian.com www.myregistry.com node22.aizhantj.com node31.aizhantj.com a7.mylivechat.com cdn.livechatinc.com api.livechatinc.com static.tripcdn.com webresource.c-ctrip.com sf1-scmcdn-tos.pstatp.com unpkg.com log.finansavisen.no bdimg.share.baidu.com maps.googleapis.com emcharts.dfcfw.com cdn.doofinder.com scripts.api.disqometer.com cilkonlay.com gtmpx.com obs.dianleida.net us-assets.i.posthog.com assets.adobedtm.com *.adobe.com analytics.google.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/portal.sandbox.clearpay.co.uk https:\/\/portal.clearpay.co.uk https:\/\/portal.sandbox.afterpay.com https:\/\/portal.afterpay.com https:\/\/static.afterpay.com https:\/\/js.sandbox.afterpay.com https:\/\/js.afterpay.com connect-sandbox.bolt.com account.bolt.com account-sandbox.bolt.com chimpstatic.com downloads.mailchimp.com *.list-manage.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.addthis.com *.moatads.com *.addthisedge.com *.pinterest.com *.facebook.net https:\/\/ajax.googleapis.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.googletagmanager.com *.doubleclick.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src www.headlightsdepot.com www.google.co.in www.facebook.com www.google.es bat.bing.com c.clarity.ms www.google.com.tr api.fillr.com www.google.com.au www.google.pl www.google.fr c.bing.com www.google.co.nz www.google.ca www.google.ae www.google.com.pr www.google.co.jp www.google.co.ke storage.googleapis.com www.google.co.th static.afterpay.com www.google.com.sa www.bing.com www.google.com.mx googleads.g.doubleclick.net www.google.co.ve lh3.googleusercontent.com www.google.fi www.google.lk upload.wikimedia.org www.google.com.co www.google.com.pe www.google.bs www.google.com.kw www.google.si www.google.co.id www.google.rs www.google.ie images.capitaloneshopping.com www.google.gr www.google.se cdn.ivaws.com www.google.cz cdn.honey.io www.google.am www.google.iq www.google.ru www.google.com.bo www.google.at www.google.com.lb www.google.com.sg www.google.com.ag app.certcapture.com s3.amazonaws.com www.google.cn www.google.com.tw www.google.is www.google.com.do www.google.com.sv www.google.jo www.google.ne www.google.ge www.google.co.za www.google.com www.google.co.il www.google.com.jm www.google.ee yastatic.net www.google.com.ec www.google.com.pk www.google.hr www.google.com.my www.google.co.kr www.google.com.bh www.google.hn www.google.dk www.google.lv www.google.co.cr content.discovercard.com www.google.com.bz www.google.com.ph www.google.com.pa www.google.com.ni ad.doubleclick.net www.google.az www.google.com.br www.google.ch www.google.com.vn www.google.com.kh www.google.kz www.google.com.om www.google.com.gt www.pdiadmin.work cdn.exchmapdata.com www.google.gy www.google.sr www.google.pt www.google.lt www.google.com.ar www.google.bg www.google.com.ng www.google.tt connect.facebook.net www.google.com.gh www.google.cl www.google.com.qa www.google.com.ly s.cmptch.com www.google.ro www.google.com.bd www.google.md www.google.dm www.google.mw www.google.bj www.google.ml www.google.com.eg www.google.no www.google.je www.google.tn www.google.sn www.google.it www.google.com.hk www.google.co.vi www.google.ci www.google.com.na www.google.co.ug www.google.lu www.google.vu www.google.tm www.google.al www.google.hu abtest-img-upload.s3.eu-west-2.amazonaws.com www.google.ht logs.convertexperiments.com www.google.kg www.google.cm www.google.mk www.google.co.ao www.googletagmanager.com www.google.ba www.google.com.uy www.google.com.mt tpc.googlesyndication.com www.google.sk www.google.com.py www.google.com.cy www.google.com.tj www.google.by www.google.dz www.google.cg www.google.mg m.media-amazon.com i.ebayimg.com www.google.gl www.google.co.ma www.google.gm www.google.co.bw www.google.cd www.google.mu l.mbs.zip www.google.rw www.google.co.mz www.google.me www.google.com.sb d2j6dbq0eux0bg.cloudfront.net www.google.com.et cdn.simplycodes.com www.google.com.af white-mushroom-097d4720f-testing.eastus2.azurestaticapps.net www.google.mn www.google.com.mm d3k81ch9hvuctc.cloudfront.net www.google.com.bn toolsmagick.com www.google.com.fj www.google.co.tz cdn.joinmoolah.com www.google.com.np magecloud.com www.google.as www.google.dj translate.googleapis.com www.google.co.uz www.google.so www.google.com.gi cdn-images.mailchimp.com www.google.li www.google.co.zm www.google.bf dz310nzuyimx0.cloudfront.net images.carid.com www.esptruck.com tracksmall.com www.google.com.pg www.google.com.sl joko-mobile-app-media.s3.eu-west-1.amazonaws.com www.google.com.vc www.google.co.zw responsible-defenders-pages-production.s3.amazonaws.com maxcdn.bootstrapcdn.com www.google.mv i5.walmartimages.com www.google.ga api.v12.estore.catalograck.com www.google.ps www.google.td www.google.tg www.google.cv www.google.sh 2ol9uikb2smmh33igrfuajp3rzdbfn26dexlgukbbe1964cfade0ae5bsac.d.aa.online-metrix.net d1z0mfyqx7ypd2.cloudfront.net www.google.gg www.google.bt cdn.shopify.com bat.bing.net qpdzbdfymkxrfamkovac.supabase.co speechit.pro hm.baidu.com www.google.la www.google.im assets.jivox.com www.google.ws huaban.com thm.visa.com 2ol9uikbvvw5624jk7etmgjmapvmvxbomknoygioe458c65801c51665sac.d.aa.online-metrix.net www.coupert.com bank.gov.ua csi.gstatic.com www.google.co.ls pos.baidu.com www.google.nl cloud-tr.devzen.site dupe.com mc.yandex.ru headlights.com www.google.sc jonypractic.net app.dataspidy.com 2ol9uikbdkqasbim2e2unhyjwhbwnlo7rldi7ng7c2a4320ba2880877sac.d.aa.online-metrix.net static.xx.fbcdn.net www.google.bi performanceparts.ford.com www.couponscdn.com assets.grammarly.com www.google.ad softwaresuggest.imgix.net yt3.ggpht.com www.google.fm cdn.leanlibrary.app favicon.yandex.net www.google.com.cu www.adbstr.com l.facebook.com www.magentocommerce.com throtl.com cdn.menardc.com images.globalindustrial.com static.summitracing.com www.truevalue.com www.landmsupply.com scene7.samsclub.com linqcdn.avbportal.com svcs.tql.com www.searchencrypt.com google.com https:\/\/connect.bolt.com https:\/\/*.bolt.com https:\/\/src.mastercard.com www.googleadservices.com cars245.com images.orgill.com cdn10.bigcommerce.com db73q1dut0rlp.cloudfront.net auxbeam.com www.morimotohid.com cdn-product-images.revolutionparts.io www.yhqdashi.com di2ponv0v5otw.cloudfront.net cdn11.bigcommerce.com da8h1v3w8q6n5.cloudfront.net thumbs.smartframe.io www.google.tl shop.spencehardware.com www.partsgeek.com etc.roboform.com ep1.adtrafficquality.google sb.scorecardresearch.com ping.chartbeat.net t.skimresources.com track-na2.hubspot.com vehiclepartimages.com 2ol9uikbgw2kux4lk7h5utwwgpxnjg6k3kjiuxka46ead17deeeabb11sac.d.aa.online-metrix.net h.online-metrix.net static.rshughes.com m-api-01.coupert.com img.alicdn.com mikkiload.com library.iterable.com d15k2d11r6t6rl.cloudfront.net rockysandstudio.com static.cloudflareinsights.com www.google.co.ck www.google.to api.phia.com www.google.ki headlightsdepot.com cur.cursors-4u.net 2ol9uikb5l4fumvolnucvdqhenm4m6p4ngm4iymtb5c9de9a95d597d4sac.d.aa.online-metrix.net lexusboutique.net cilkonlay.com image.coupert.com obs.dianleida.net cdn.jsdelivr.net images.simplepart.net uniqperformance.ca assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.google-analytics.com bid.g.doubleclick.net analytics.google.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/static.afterpay.com https:\/\/site-assets.afterpay.com\/ ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.doubleclick.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline';report-uri https:\/\/www.headlightsdepot.com\/fl32csp\/report\/;","count":1},{"content-security-policy-report-only":" default-src 'self'  'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/recaptcha.net\/ https:\/\/gstatic.com\/ https:\/\/www.recaptcha.net\/ https:\/\/www.gstatic.com\/ https:\/\/assets.adobedtm.com\/; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net\/ https:\/\/recaptcha.net\/ https:\/\/gstatic.com\/; font-src 'self' https:\/\/cdn.jsdelivr.net\/; img-src 'self' https: data: blob:; connect-src https:; frame-src 'self' https:\/\/recaptcha.net\/ https:\/\/gstatic.com\/ https:\/\/www.recaptcha.net\/ https:\/\/www.gstatic.com\/ https:\/\/clydesdalebankplc.demdex.net\/; frame-ancestors 'none';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net *.fonts.googleapis.com data: *.cloudflare.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com magento2-typesense data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * magento2-typesense 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com magento2-typesense 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.addthis.com *.pinterest.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com magento2-typesense 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/cdn.arducam.com https:\/\/uctronics.com https:\/\/www.uctronics.com https:\/\/blog.arducam.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudflare.com *.cdn.klarna.com *.s.ytimg.com *.widgets.magentocommerce.com *.fpdbs.paypal.com *.t.paypal.com *.fpdbs.sandbox.paypal.com *.googleapis.com *.addthis.com *.pinterest.com *.cdninstagram.com magento2-typesense data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.addthis.com *.moatads.com *.addthisedge.com *.facebook.com *.pinterest.com *.instagram.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com mysyscloud.com\/ magento2-typesense 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.googleapis.com *.stripe.network *.stripecdn.com *.amazon.com magento2-typesense 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com magento2-typesense 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com http:\/\/search.arducam.com https:\/\/search.arducam.com https:\/\/cdn.arducam.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.cloudflare.com *.googleapis.com *.addthis.com *.graph.instagram.com *.google-analytics.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com mysyscloud.com\/ magento2-typesense 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com magento2-typesense http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-EOBRNo6uuC6zPZxBCCWIjg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https:; font-src 'self' https: data: https:\/\/d3858hfkbmzrt.cloudfront.net; img-src 'self' https: data: blob: https:\/\/d3858hfkbmzrt.cloudfront.net; object-src 'none'; script-src 'strict-dynamic' 'self' https: blob: 'unsafe-eval' https:\/\/js-agent.newrelic.com https:\/\/*.nr-data.net https:\/\/*.sdkassets.chime.aws https:\/\/d3858hfkbmzrt.cloudfront.net 'nonce-uIDRPSqR25RvGt1BV0ob9g=='; style-src 'self' https: 'unsafe-inline' https:\/\/d3858hfkbmzrt.cloudfront.net 'nonce-uIDRPSqR25RvGt1BV0ob9g=='; frame-src 'self' blob: https:\/\/helloglobo.looker.com; manifest-src 'self'; worker-src 'self' blob: https:\/\/*.sdkassets.chime.aws; media-src 'self' https: https:\/\/d3858hfkbmzrt.cloudfront.net; base-uri 'self'; connect-src 'self' ws: wss: wss:\/\/*.pusher.com wss:\/\/*.pusherapp.com https:\/\/*.pusher.com https:\/\/*.twilio.com wss:\/\/*.twilio.com https:\/\/js-agent.newrelic.com https:\/\/*.nr-data.net https:\/\/*.chime.aws wss:\/\/*.chime.aws https:\/\/*.amazonaws.com https:\/\/*.sdkassets.chime.aws","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' *.preview.devprod.cloudflare.dev;frame-src 'self' www.youtube.com player.vimeo.com www.recaptcha.net www.google.com www.googletagmanager.com sgtm-cr.vistra.com *.hsforms.com td.doubleclick.net consentcdn.cookiebot.com s.company-target.com cdn.yoshki.com cdn.userway.org platform.twitter.com; report-uri https:\/\/vistragroup.com\/csp-report","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com data: *.klarnacdn.net *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.klarna.com https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com https:\/\/cdn.ingrid.com\/ https:\/\/js.klarna.com\/ https:\/\/js.playground.kustom.co\/ https:\/\/js.live.kustom.co\/ https:\/\/td.doubleclick.net\/ https:\/\/widget.imbox.io\/ https:\/\/widget-launcher.imbox.io\/ *.trustpilot.com *.yotpo.com *.ingrid.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.googleapis.com *.klarna.com *.klarnaevt.com *.klarnacdn.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.klarna.com\/ https:\/\/js.playground.kustom.co\/ https:\/\/js.live.kustom.co\/ bat.bing.com bat.bing.net cdn-cookieyes.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com bat.bing.com bat.bing.net cdn-cookieyes.com *.trustpilot.com *.yotpo.com *.ingrid.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.klarnacdn.net *.trustpilot.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/core.helloretail.com https:\/\/helloretailcdn.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/js.klarna.com\/ https:\/\/js.playground.kustom.co\/ https:\/\/js.live.kustom.co\/ region1.google-analytics.com region1.analytics.google.com pagead2.googlesyndication.com www.google.com\/ccm\/collect log.cookieyes.com cdn-cookieyes.com bat.bing.com bat.bing.net *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/26dd9fdb-d1ae-4de1-a1b1-9eeb5fbcd903.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.sagepay.com *.yotpo.com *.googleapis.com *.gstatic.com www.partstown.co.uk data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.sagepay.com *.facebook.com *.yotpo.com www.partstown.co.uk 'self' 'unsafe-inline'; frame-ancestors www.partstown.co.uk 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.sagepay.com *.weltpixel.com *.yotpo.com www.partstown.co.uk 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.adyen.com maps.googleapis.com maps.gstatic.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.paypal.com *.sagepay.com validate.fishpig.co.uk *.gstatic.com *.facebook.com *.yotpo.com www.partstown.co.uk data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com maps.googleapis.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.sagepay.com https:\/\/www.googletagmanager.com tagmanager.google.com analytics.google.com *.facebook.net *.yotpo.com www.partstown.co.uk https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cdn.dnky.co webchat.dotdigital.com downloads.mailchimp.com *.sagepay.com tagmanager.google.com *.yotpo.com *.googleapis.com www.partstown.co.uk 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.partstown.co.uk 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.paypal.com *.sagepay.com *.google-analytics.com analytics.google.com *.facebook.net https:\/\/www.google-analytics.com *.yotpo.com www.partstown.co.uk 'self' 'unsafe-inline'; child-src www.partstown.co.uk http: https: blob: 'self' 'unsafe-inline'; default-src www.partstown.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'unsafe-inline' 'unsafe-eval'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=XDwnirFm52yG2LXRFhB1f2RsMqkYKLfvCLssT2p76Mk-1778723481.9221537-1.0.1.1-Ija_S_cTuTtBwgN.6qEZzmEBGsBuKsTRcrswjQUOuyCbYEs4fztPwSAf3LKZLVJZFD19InqxGmG7VQLEsOblYvZpG5RG34MUyFRf_TfUtpGOdq8H45oAcyOdZCDIdCfIMCS77jTsogOZSMhBhvWvU21KygsCvlR5lH.i5MFJWA4; report-to cf-csp-endpoint","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' http:\/\/*.mogucdn.com https:\/\/*.mogucdn.com http:\/\/*.juangua.com https:\/\/*.juangua.com http:\/\/*.meilishuo.com https:\/\/*.meilishuo.com http:\/\/*.meilishuo.net https:\/\/*.meilishuo.net http:\/\/*.mogujie.com https:\/\/*.mogujie.com http:\/\/*.qq.com https:\/\/*.qq.com http:\/\/*.mogujie.org https:\/\/*.mogujie.org http:\/\/*.meili-inc.com https:\/\/*.meili-inc.com http:\/\/*.mogu.com https:\/\/*.mogu.com http:\/\/*.mogu-inc.com https:\/\/*.mogu-inc.com; report-uri http:\/\/sd.mogujie.com\/index.php","count":1},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; img-src 'self' data: https:\/\/elegant-harmony-f8a4c00980.strapiapp.com https:\/\/elegant-harmony-f8a4c00980.media.strapiapp.com https:\/\/cms.sandbox-london-b.fetch-ai.com https:\/\/res.cloudinary.com; font-src 'self' https:\/\/fonts.gstatic.com; media-src 'self' https:\/\/www.dropbox.com https:\/\/*.dropboxusercontent.com; connect-src 'self' https:\/\/www.google-analytics.com; frame-ancestors 'none'; base-uri 'self'; object-src 'none';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.klarnacdn.net https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.zenaps.com *.fls.doubleclick.net *.klarna.com https:\/\/plumrocket.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/static-cc.test.unzer.com https:\/\/h.online-metrix.net https:\/\/google.com\/pay https:\/\/pay.google.com\/ https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/sandbox.clicktopay.auth.visa.com https:\/\/clicktopay.visa.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/secure.checkout.visa.com https:\/\/applepay.cdn-apple.com landofcoder.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com *.bw-online-shop.com lantern.roeye.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/a.delivery.consentmanager.net https:\/\/b.delivery.consentmanager.net https:\/\/c.delivery.consentmanager.net https:\/\/d.delivery.consentmanager.net d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.awin1.com *.zenaps.com *.wepowerconnections.com *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.unzer.com *.online-metrix.net https:\/\/www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com *.clickcease.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/a.delivery.consentmanager.net https:\/\/b.delivery.consentmanager.net https:\/\/c.delivery.consentmanager.net https:\/\/d.delivery.consentmanager.net *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com https:\/\/pay.google.com https:\/\/code.jquery.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/static-v2.unzer.com\/v2\/ui-components\/ https:\/\/*.src.mastercard.com landofcoder.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com *.klarnacdn.net https:\/\/sandbox.src.mastercard.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ 'self' 'unsafe-inline'; object-src https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net https:\/\/a.delivery.consentmanager.net https:\/\/b.delivery.consentmanager.net https:\/\/c.delivery.consentmanager.net https:\/\/d.delivery.consentmanager.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com *.youpilot.org *.fact-finder.de https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/api.unzer.com https:\/\/api.heidelpay.com https:\/\/sbx-api.heidelpay.com https:\/\/sbx-api.unzer.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/google.com\/pay https:\/\/www.google.com\/pay https:\/\/pay.google.com https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/static-cc.test.unzer.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ https:\/\/*.src.mastercard.com landofcoder.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/cdn.consentmanager.net https:\/\/delivery.consentmanager.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" connect-src *.bundesregierung.de analytics.bundesregierung.de 'self' https:\/\/hls-hd.myrasec.de *.stage.bio ; style-src *.bundesregierung.de 'self' 'unsafe-inline' ; script-src *.bundesregierung.de 'self' ; script-src-elem 'self' *.bundesregierung.de 'nonce-VIvV6mEmy3rBtrXIOGRUZHsjOiTu\/rm1by8s4dwl84nj9uER\/dZn3OUNJV6U++iM6j+E9apw4JQugEMPTtDUcHJ95l7OdHd1Pj0BCLjaEJwKn1Kjc\/dXBHuegjPrcHPyPqiQT58KFO4WM67JzTkxqB2zCcxFDJXZcQVfmu1Jt3E=' *.stage.bio ; frame-src *.bundesregierung.de 'self' ; media-src *.bundesregierung.de 'self' http:\/\/video.bundesregierung.de https:\/\/zdf-hls-18.akamaized.net *.stage.bio ; frame-ancestors *.bundesregierung.de 'self' ; img-src 'self' *.bundesregierung.de https:\/\/*.tile.openstreetmap.de data: *.stage.bio ; default-src *.bundesregierung.de 'self' ; font-src *.bundesregierung.de 'self' ; report-uri https:\/\/www.bundeskanzler.de\/service\/csp-report ;","count":1},{"content-security-policy-report-only":" font-src *.checkout.com *.cdn-apple.com *.oney.io *.staging.oney.io *.fontawesome.com https:\/\/fonts.bunny.net fonts.googleapis.com fonts.gstatic.com https:\/\/stackpath.bootstrapcdn.com https:\/\/fonts.gstatic.com\/ https:\/\/akio-25-49.akio.cloud\/ https:\/\/service.joomeo.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.fd-recette.net https:\/\/akio-25-49.akio.cloud\/ https:\/\/service.joomeo.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.checkout.com *.klarna.com *.hipay-tpp.com *.hipay.com *.paypal.com *.google.com\/ *.googleapis.com *.photoweb.com *.photoweb.es *.contentsquare.net *.kwanko.com https:\/\/hq-dev.magento.digitalphoto.dev https:\/\/cdn.segment.com https:\/\/events.eu1.segmentapis.com https:\/\/akio-25-49.akio.cloud\/ https:\/\/www.googletagmanager.com https:\/\/widget.trustpilot.com https:\/\/privacy.fnac.phoenix.digitalphoto.group https:\/\/www.dwin1.com *.awin1.com *.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com https:\/\/lantern.roeyecdn.com https:\/\/lantern.roeye.com https:\/\/service.joomeo.com https:\/\/gum.criteo.com\/ https:\/\/www.mainadv.com\/ https:\/\/tag.perfmaker.net\/ https:\/\/tagassistant.google.com https:\/\/sst.photoweb.fr https:\/\/gum.criteo.com https:\/\/www.mainadv.com https:\/\/tag.perfmaker.net *.wepowerconnections.com *.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.checkout.com *.hipay.com *.google.com *.oney.io *.staging.oney.io magefan.com cm.magefan.com *.facebook.com https:\/\/firebasestorage.googleapis.com * https:\/\/www.magezon.com *.openstreetmap.org maps.googleapis.com maps.gstatic.com photoweb.com *.photoweb.com *.magento.digitalphoto.dev blob: *.contentsquare.net https:\/\/akio-25-49.akio.cloud\/ https:\/\/www.dwin1.com *.awin1.com *.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com https:\/\/lantern.roeyecdn.com https:\/\/lantern.roeye.com https:\/\/service.joomeo.com *.hsforms.net *.hsforms.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.checkout.com *.klarnacdn.net *.cdn-apple.com *.hipay-tpp.com *.hipay.com mpsnare.iesnare.com *.paypal.com *.google.com *.oney.io *.staging.oney.io *.googletagmanager.com *.facebook.net *.avada.io *.shopify.com * maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.eu01.nr-data.net *.trustpilot.com *.contentsquare.net *.privacy-center.org *.kwanko.com https:\/\/hq-dev.magento.digitalphoto.dev https:\/\/cdn.segment.com https:\/\/events.eu1.segmentapis.com https:\/\/akio-25-49.akio.cloud\/ https:\/\/www.dwin1.com *.awin1.com *.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com https:\/\/lantern.roeyecdn.com https:\/\/lantern.roeye.com https:\/\/service.joomeo.com https:\/\/cdn.jsdelivr.net *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.checkout.com *.hipay.com *.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net fonts.googleapis.com https:\/\/stackpath.bootstrapcdn.com https:\/\/fonts.googleapis.com\/ https:\/\/fonts.google.com https:\/\/akio-25-49.akio.cloud\/ https:\/\/service.joomeo.com https:\/\/cdn.jsdelivr.net *.gstatic.com https:\/\/www.googletagmanager.com https:\/\/tag.perfmaker.net\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com data: mpsnare.iesnare.com *.googleapis.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.checkout.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.browser-intake-datadoghq.com *.hipay-tpp.com *.hipay.com wss:\/\/mpsnare.iesnare.com *.googleapis.com *.oney.io *.staging.oney.io *.google-analytics.com https:\/\/get.geojs.io *.avada.io maps.googleapis.com *.google.com https:\/\/stats.g.doubleclick.net *.eu01.nr-data.net *.contentsquare.net *.kwanko.com https:\/\/hq-dev.magento.digitalphoto.dev https:\/\/cdn.segment.com https:\/\/events.eu1.segmentapis.com https:\/\/akio-25-49.akio.cloud\/ https:\/\/api.privacy-center.org\/v1\/events https:\/\/prompts.maze.co\/api\/widgets https:\/\/sdk.fra-02.braze.eu\/api\/v3\/data\/ https:\/\/pagead2.googlesyndication.com\/ https:\/\/jls.photoweb.fr\/ https:\/\/www.dwin1.com *.awin1.com *.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com https:\/\/lantern.roeyecdn.com https:\/\/lantern.roeye.com https:\/\/service.joomeo.com t.elasticsuite.io *.hsforms.net *.hsforms.com https:\/\/sst.photoweb.fr *.googletagmanager.com region1.google-analytics.com region1.analytics.google.com stats.g.doubleclick.net https:\/\/halc.iadvize.com https:\/\/api.privacy-center.org https:\/\/prompts.maze.co https:\/\/sdk.fra-02.braze.eu https:\/\/akio-25-49.akio.cloud https:\/\/jls.photoweb.fr *.kameleoon.io *.merchant-center-analytics.goog *.iadvize.com *.tiktok.com *.perfmaker.net *.clarity.ms *.bing.com *.google.pt *.google.fr *.google.es *.google.de *.google.it *.google.be *.google.nl *.google.co.uk *.tiktokw.us *.trustpilot.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' stat.joomlapolis.com https:  data ;     script-src-attr 'self' 'unsafe-inline' stat.joomlapolis.com *.stripe.com *.stripe.network translate.google.com translate.googleapis.com      www.googletagmanager.comi www.google-analytics.com connect.facebook.net blob data ;     script-src 'self' 'unsafe-inline' 'unsafe-eval' stat.joomlapolis.com *.stripe.com *.stripe.network translate.google.com translate.googleapis.com      www.googletagmanager.comi www.google-analytics.com connect.facebook.net blob data ;     script-src-elem 'self' 'unsafe-inline' stat.joomlapolis.com *.stripe.com *.stripe.network translate.google.com translate.googleapis.com     www.google-analytics.com gc.kis.v2.scr.kaspersky-labs.com me.kis.v2.scr.kaspersky-labs.com *.kaspersky-labs.com www.pagespeed-mod.com connect.facebook.net  ;         style-src 'self' 'unsafe-inline' translate.google.com translate.googleapis.com ;     style-src-elem 'self' 'unsafe-inline' translate.googleapis.com  www.gstatic.com  fonts.googleapis.com gc.kis.v2.scr.kaspersky-labs.com me.kis.v2.scr.kaspersky-labs.com *.kaspersky-labs.com pwm-image.trendmicro.com adblockers.opera-mini.net ;     img-src 'self' data: www.joomlapolis.com stat.joomlapolis.com forge.joomlapolis.com *.stripe.com *.stripe.network *.ytimg.com www.gstatic.com www.google.com translate.google.com translate.googleapis.com www.google.com\/images fonts.gstatic.com    yastatic.net i.imgur.com servimg.com tinypic.com www.google-analytics.com www.googleadservices.com www.facebook.com img391.imageshack.us blob data ;         frame-src 'self' *.stripe.com *.stripe.network www.youtube.com www.youtube-nocookie.com www.slideshare.net      mozbar.moz.com div.show pwm-image.trendmicro.com ;     font-src 'self' data: fonts.gstatic.com use.typekit.net     *.avast.com chrome-extension github.com\/google\/fonts\/blob chrome-extension   ;     connect-src *.joomlapolis.com *.googleapis.com ;     report-uri \/report-csp-jp-c.php ;","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: *.cloudinary.com https:\/\/staticw2.yotpo.com https:\/\/fonts.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com cloudinary.com *.cloudinary.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com cloudinary.com *.cloudinary.com cdnjs.cloudflare.com *.dotdigital-pages.com *.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.hotjar.com *.google.com *.vimeo.com *.livechatinc.com https:\/\/cloudinary.com shell.davidsonsinc.com https:\/\/www.youtube.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com cloudinary.com *.cloudinary.com *.trackedlink.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.cloudfront.net *.cloudflare.com https:\/\/p.yotpo.com https:\/\/cdn-yotpo-images-production.yotpo.com *.facebook.com *.pinterest.com *.google.com https:\/\/bat.bing.com https:\/\/cdn.livechat-files.com https:\/\/online.flippingbook.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ cloudinary.com *.cloudinary.com cdnjs.cloudflare.com *.vimeo.com unpkg.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/chimpstatic.com https:\/\/assets.pinterest.com https:\/\/ct.pinterest.com https:\/\/staticw2.yotpo.com https:\/\/static.hotjar.com https:\/\/connect.facebook.net https:\/\/static-tracking.klaviyo.com https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/s.pinimg.com https:\/\/bat.bing.com https:\/\/r2-t.trackedlink.net https:\/\/script.hotjar.com https:\/\/cdn.livechatinc.com https:\/\/api.livechatinc.com https:\/\/davcc.disqus.com https:\/\/vc.hotjar.io\/ https:\/\/in.hotjar.com https:\/\/online.flippingbook.com https:\/\/d33i2vgywgme2s.cloudfront.net *.hsforms.net *.hsforms.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cloudinary.com *.cloudinary.com *.googleapis.com unpkg.com unsafe-inline assets.braintreegateway.com https:\/\/staticw2.yotpo.com https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com cloudinary.com *.cloudinary.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com cloudinary.com *.cloudinary.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com https:\/\/staticw2.yotpo.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/telemetrics.klaviyo.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/stats.g.doubleclick.net https:\/\/ct.pinterest.com https:\/\/api.livechatinc.com *.hotjar.com *.hotjar.io *.google-analytics.com https:\/\/fbo-b.flippingbook.com\/ t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/www.davidsonsinc.com; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" style-src-elem 'unsafe-inline' cdn.listrakbi.com *.googleapis.com *.livehelpnow.net *.shipperhq.com tcc.test cary.test *.userway.org thecarycompany.com *.thecarycompany.com; font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com data: *.hawksearch.com *.hawksearch.net *.userway.org *.livehelpnow.net *.shipperhq.com *.gstatic.com *.googleapis.com tcc.test cary.test *.thecarycompany.com thecarycompany.com fonts.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com *.youtube-nocookie.com bid.g.doubleclick.net www.googletagmanager.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com *.certcapture.com data: *.avis-verifies.com *.livechatinc.com *.shipperhq.com *.userway.org *.trustpilot.com guarantee-cdn.com *.pinterest.com *.google.com services.listrak.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com https:\/\/www.googletagmanager.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.googleapis.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.certcapture.com tcc.test cary.test *.thecarycompany.com www.thecarycompany.com *.adobedtm.com *.wistia.com *.wistia.net *.akamaihd.net seal-chicago.bbb.org *.listrakbi.com maps.gstatic.com *.bing.com *.linkedin.com *.google.com nsg.symantec.com tcs-analytics-tracker.now.sh tcs-analytics-tracker.vercel.app guarantee-cdn.com www.facebook.com hn.inspectlet.com thecarycompany.com *.livehelpnow.net googleadservices.com *.cookielaw.org *.userway.org http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ connect.facebook.net graph.facebook.com business.facebook.com *.googleapis.com maps.googleapis.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io assets.adobedtm.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.certcapture.com 'unsafe-inline' data: *.wistia.com *.wistia.net seal-chicago.bbb.org *.listrakbi.com nsg.symantec.com *.online-metrix.net *.shipperhq.com *.authorize.net secure.authorize.net test.authorize.net *.licdn.com *.chatservice.co *.inspectlet.com www.facebook.com *.msecnd.net *.bing.com *.doubleclick.net *.google.com *.googleadservices.com *.google-analytics.com *.googlecommerce.com *.googletagmanager.com *.googleapis.com *.gstatic.com guarantee-cdn.com *.cardinalcommerce.com.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trustpilot.com *.cookielaw.org *.userway.org *.livehelpnow.net *.sentry-cdn.com *.thomasnet.com ip.convirza.com tcc.test cary.test thecarycompany.com *.thecarycompany.com cdn.jsdelivr.net *.pinimg.com *.fontawesome.com *.pinterest.com services.listrak.com testflex.cybersource.com flex.cybersource.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ x.klarnacdn.net connect.facebook.net graph.facebook.com business.facebook.com assets.shipperhq.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.certcapture.com data: *.listrakbi.com *.shipperhq.com *.userway.org *.livehelpnow.net tcc.test cary.test *.googleapis.com *.thecarycompany.com thecarycompany.com assets.shipperhq.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com data: *.wistia.com *.wistia.net *.akamaihd.net *.userway.org tcc.test cary.test *.thecarycompany.com thecarycompany.com *.livehelpnow.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com vimeo.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.certcapture.com data: *.wistia.com *.litix.io *.shipperhq.com wss:\/\/rms.shipperhq.com *.doubleclick.net *.chatservice.co *.inspectlet.com ws.inspectlet.com tcs-analytics-tracker.now.sh tcs-analytics-tracker.vercel.app *.google.com *.googleapis.com *.bing.com *.trustpilot.com *.cookielaw.org developer.livehelpnow.net *.userway.org *.livehelpnow.net wss:\/\/app.livehelpnow.net ip.convirza.com dni.logmycalls.com tcc.test cary.test *.thecarycompany.com thecarycompany.com geolocation.onetrust.com *.linkedin.com *.pinterest.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com rms.shipperhq.com https:\/\/rms.shipperhq.com ovs.shipperhq.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/5502b8453f99696234832a80aaf978ec.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.klarnacdn.net *.stackla.com *.googleapis.com cdn.honey.io account.affilitizer.com at.alicdn.com https:\/\/vax.co.uk\/ https:\/\/applepay.cdn-apple.com data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com api.bazaarvoice.com stg.api.bazaarvoice.com unpkg.com *.unpkg.com imagekit.io *.imagekit.io *.securesuite.co.uk *.facebook.com *.arcot.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com *.monzo.com *.wlp-acs.com *.rsa3dsauth.co.uk *.rsa3dsauth.com *.lloydsbankinggroup.com *.salesforce.com 3dsecure.starlingbank.com 'self' 'unsafe-inline'; frame-ancestors *.google.com *.facebook.net *.vax.co.uk 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.adyen.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com unpkg.com *.unpkg.com cdnjs.cloudflare.com imagekit.io *.imagekit.io *.klarna.com *.stackla.com *.authorize.net *.pinterest.com *.doubleclick.net *.snapchat.com *.trustpilot.com *.securesuite.co.uk *.arcot.com *.salesforceliveagent.com tti-fc.my.salesforce-sites.com *.vax.co.uk *.googletagmanager.com *.awin1.com\/ *.awinblackfriday.com\/ spay.samsung.com *.google.it *.rsa3dsauth.co.uk *.rsa3dsauth.com *.klarnaservices.com *.lloydsbankinggroup.com *.googleusercontent.com *.salesforce.com *.wepowerconnections.com *.monzo.com 3dsecure.starlingbank.com *.cardinalcommerce.com *.site.com *.techsee.me www.facebook.com https:\/\/service.force.com https:\/\/tti-fc-emea.force.com https:\/\/d.la1-c1cs-cdg.salesforceliveagent.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com https:\/\/images.unsplash.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com unpkg.com *.unpkg.com imagekit.io *.imagekit.io *.klarna.com *.klarnaevt.com *.klarnacdn.net *.simpli.fi *.google.com *.google.co.uk *.bazaarvoice.com *.adscience.com *.rackcdn.com *.magentocommerce.com *.pinimg.com *.snapchat.com *.bing.com *.trustpilot.com *.vaxstaffsale.co.uk *.roeye.com www.awin1.com *.awinblackfriday.com\/ *.clarity.ms *.doubleclick.net *.googlesyndication.com *.vax.co.uk https:\/\/vax.co.uk\/ https:\/\/vax.co.uk:443\/ *.wepowerconnections.com spay.samsung.com *.googleapis.com *.tiktok.com *.google.ie *.google.je *.google.gg *.zenaps.com *.googleusercontent.com *.facebook.com *.cloudinary.com *.facebook.net *.cloudflareinsights.com *.force.com *.techsee.me edge.curalate.com bat.bing.net res.cloudinary.com www.facebook.com vax.co.uk *.abtasty.com *.googleadservices.com *.postcodeanywhere.co.uk https:\/\/service.force.com https:\/\/tti-fc-emea.force.com https:\/\/d.la1-c1cs-cdg.salesforceliveagent.com https:\/\/cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com unpkg.com *.unpkg.com cdnjs.cloudflare.com imagekit.io *.imagekit.io *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.stackla.com *.authorize.net *.zencdn.net *.googleoptimize.com *.postcodeanywhere.co.uk *.force.com d.la1-c1cs-cdg.salesforceliveagent.com cdn.cookielaw.org *.googletagmanager.com *.google.it *.google.ie *.google.je sc-static.net *.bing.com *.pinterest.com *.pinimg.com *.snapchat.com *.tiktok.com *.abtasty.com *.trustpilot.com *.dwin1.com *.salesforceliveagent.com *.clarity.ms *.roeyecdn.com *.securesuite.co.uk *.vaxstaffsale.co.uk tti-fc--dtn.sandbox.my.site.com *.site.com *.vax.co.uk *.stapecdn.com stapecdn.com *.awin1.com *.awinblackfriday.com\/ *.sciencebehindecommerce.com *.cloudflareinsights.com spay.samsung.com *.googleapis.com *.zenaps.com cdn.honey.io *.googleusercontent.com *.doubleclick.net *.salesforce.com *.facebook.net *.cookielaw.org cdn.evgnet.com edge.curalate.com connect.facebook.net tti-fc.my.site.com *.adalyser.com *.bazaarvoice.com *.gstatic.com https:\/\/service.force.com https:\/\/tti-fc-emea.force.com https:\/\/d.la1-c1cs-cdg.salesforceliveagent.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.cash.app https:\/\/fonts.googleapis.com\/ display.ugc.bazaarvoice.com unpkg.com *.unpkg.com imagekit.io *.imagekit.io *.klarnacdn.net *.googleapis.com *.stackla.com *.zencdn.net *.force.com *.postcodeanywhere.co.uk crm.vax.co.uk cdn.honey.io *.doubleclick.net *.site.com https:\/\/service.force.com https:\/\/tti-fc-emea.force.com https:\/\/d.la1-c1cs-cdg.salesforceliveagent.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src imagekit.io *.imagekit.io *.techsee.me *.vax.co.uk edge.curalate.com connect.facebook.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.adyen.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com unpkg.com *.unpkg.com imagekit.io *.imagekit.io *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com *.onetrust.com *.cardinalcommerce.com *.pinterest.com *.snapchat.com *.tiktok.com *.doubleclick.net *.postcodeanywhere.co.uk *.abtasty.com *.googlesyndication.com *.vaxstaffsale.co.uk *.securesuite.co.uk *.clarity.ms *.dynatrace.com *.vax.co.uk https:\/\/google.com\/pay *.sciencebehindecommerce.com spay.samsung.com *.googleapis.com *.google.ie *.google.je *.google.gg cdn.honey.io account.affilitizer.com *.googleusercontent.com *.bing.com https:\/\/www.wepowerconnections.com:443 *.facebook.com edge.curalate.com bat.bing.net tti-fc.my.salesforce-scrt.com tti-fc--devdigital.sandbox.my.salesforce-scrt.com n55685555553z63h3bc3n3n3a2759464.germany-2.evergage.com www.gstatic.com https:\/\/service.force.com https:\/\/tti-fc-emea.force.com https:\/\/d.la1-c1cs-cdg.salesforceliveagent.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri pay.google.com 'self' 'unsafe-inline'; report-uri https:\/\/csp.vax.co.uk\/csp-report; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" child-src 'self' https:\/\/*.qualified.com; default-src 'self'; frame-src 'self' https:\/\/9628652.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/ct.pinterest.com https:\/\/tealium-f.squarecdn.com; worker-src 'self' blob:; connect-src 'self' https:\/\/assets.ctfassets.net https:\/\/api.broadway.squareup.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/api.squareup.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com\/v1\/cdp\/batch https:\/\/api.squarestagingexternal.com https:\/\/api.squareup.com https:\/\/api.squareupstaging.com *.contentsquare.net https:\/\/capi.squareup.com https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/stats.g.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/www.google.com https:\/\/us-central1-sq-sgtm-prod.cloudfunctions.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net http:\/\/424-iab-218.mktoresp.com https:\/\/424-iab-218.mktoresp.com https:\/\/xms2-marketo.beta.stage.sqprod.co https:\/\/424-iab-218.mktoutil.com https:\/\/cdn.cookielaw.org https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/logx.optimizely.com https:\/\/ct.pinterest.com https:\/\/conversions-config.reddit.com https:\/\/pixel-config.reddit.com https:\/\/www.redditstatic.com *.ingest.us.sentry.io *.6sc.co https:\/\/api.sprig.com https:\/\/squareupstaging.com https:\/\/visitor-scoring-new.marketlinc.com https:\/\/api.chilipiper.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com wss:\/\/*.qualified.com https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com localhost:*; font-src 'self' https:\/\/cash-f.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com; img-src 'self' data: blob: https:\/\/ib.adnxs.com https:\/\/assets.ctfassets.net https:\/\/cdn.blisspointmedia.com https:\/\/campaign-hub-production-f.squarecdn.com *.contentsquare.net https:\/\/ad.doubleclick.net https:\/\/facebook.com https:\/\/www.facebook.com https:\/\/google.com https:\/\/www.google.com https:\/\/adservice.google.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/www.googletagmanager.com http:\/\/images.ctfassets.net https:\/\/images.ctfassets.net https:\/\/px.ads.linkedin.com https:\/\/cdn.cookielaw.org https:\/\/pixel.pointmediatracker.com https:\/\/alb.reddit.com *.6sc.co https:\/\/api.squareup.com https:\/\/api.squareupstaging.com https:\/\/insight.adsrvr.org https:\/\/match.adsrvr.org https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; manifest-src 'self' https:\/\/pw-renderer-production-c.squarecdn.com; media-src 'self' mediastream: https:\/\/assets.ctfassets.net https:\/\/js.driftt.com http:\/\/videos.ctfassets.net https:\/\/videos.ctfassets.net https:\/\/*.qualified.com; script-src 'self' *.contentsquare.net https:\/\/www.datadoghq-browser-agent.com https:\/\/js.driftt.com https:\/\/*.qualified.com https:\/\/connect.facebook.net https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net http:\/\/www.google-analytics.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/campaign-hub-production-f.squarecdn.com https:\/\/lift-ai-js.marketlinc.com https:\/\/martech-development-c.squarecdn.com https:\/\/martech-production-c.squarecdn.com https:\/\/martech-staging-c.squarecdn.com http:\/\/munchkin.marketo.net https:\/\/munchkin.marketo.net https:\/\/cdn.cookielaw.org https:\/\/a8447815042.cdn-pci.optimizely.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/pw-renderer-production-c.squarecdn.com https:\/\/pw-renderer-staging-c.squarecdn.com https:\/\/pwt-production-c.squarecdn.com https:\/\/pwt-staging-c.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com https:\/\/squareinc-sandbox.chilipiper.com https:\/\/squareinc.chilipiper.com https:\/\/www.workwithsquare.com https:\/\/www.redditstatic.com *.6sc.co https:\/\/cdn.sprig.com https:\/\/xms-production-f.squarecdn.com https:\/\/www.youtube.com https:\/\/pw-renderer-production-c.squarecdn.com 'nonce-k3lwKhJnlqlk2ftKXT+PrA=='; style-src 'self' https:\/\/square-fonts-production-f.squarecdn.com https:\/\/sales-bridge-production-c.squarecdn.com https:\/\/sales-bridge-staging-c.squarecdn.com 'unsafe-inline' https:\/\/*.qualified.com https:\/\/pw-renderer-production-c.squarecdn.com; frame-ancestors 'self' https:\/\/app.contentful.com; report-uri https:\/\/browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to browser-intake-datadoghq","count":1},{"content-security-policy-report-only":" script-src 'self' https:\/\/static.apisearch.cloud","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' data: https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:\/\/*.nastykinkpigs.com https:\/\/*.nkpsmedia.com https:\/\/imagedelivery.net; connect-src 'self' wss:\/\/*.nastykinkpigs.com wss:\/\/nastykinkpigs.com https:\/\/*.nastykinkpigs.com; media-src 'self' blob:; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; report-uri \/mobile\/oink\/csp-report.php","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com static.harveynorman.si static.prod.harveynorman.hr static.mage.harvey.optiweb.serv.si media.flixfacts.com media.flixcar.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/lapp.leanpay.hr https:\/\/app.leanpay.hr https:\/\/stage-app.leanpay.si https:\/\/app.leanpay.si https:\/\/stage-app.leanpay.ro https:\/\/vendor.leanpay.ro https:\/\/stage-checkout.leanpay.si *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io *.paypal.com *.typekit.net *.gstatic.com https:\/\/firebasestorage.googleapis.com *.harveynorman.si *.prod.harveynorman.hr *.harvey.optiweb.serv.si *.cookiebot.com *.doubleclick.net *.criteo.com *.criteo.net www.google.si *.creativecdn.com blob: *.facebook.com *.reddit.com static.youreko.com *.cloudfront.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com media.flixcar.com media.flixfacts.com rt.flix360.com logo.flix360.io data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.commerce-payment-services.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com s7.addthis.com *.avada.io *.segmentify.com cdn.sgmntfy.com api.squalomail.com *.criteo.com *.criteo.net *.googleapis.com cdnjs.cloudflare.com *.hotjar.com *.cookiebot.com *.harveynorman.si *.prod.harveynorman.hr *.livechatinc.com *.creativecdn.com www.gstatic.com static.harveynorman.si static.prod.harveynorman.hr static.mage.harvey.optiweb.serv.si https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com maps.googleapis.com static.youreko.com api.youreko.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.loadbee.com media.flixcar.com media.flixfacts.com prod.flixgvid.flix360.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com *.segmentify.com cdnjs.cloudflare.com www.googletagmanager.com static.harveynorman.si static.prod.harveynorman.hr static.mage.harvey.optiweb.serv.si tagmanager.google.com static.youreko.com assets.braintreegateway.com media.flixcar.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com ekr.zdassets.com\/ https:\/\/get.geojs.io *.avada.io *.segmentify.com *.criteo.com *.cookiebot.com pagead2.googlesyndication.com *.hotjar.io *.doubleclick.net *.creativecdn.com *.harveynorman.si *.prod.harveynorman.hr capig.stape.host static.mage.harvey.optiweb.serv.si *.google-analytics.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.run.app maps.googleapis.com api.youreko.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com media.flixcar.com pk.takoleasy.si *.loadbee.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri *.wein.plus;connect-src *.wein.plus *.googleapis.com *.googletagmanager.com;child-src *.wein.plus;default-src 'none';media-src *.wein.plus;form-action *.wein.plus;img-src *.wein.plus data:;font-src *.wein.plus data: *.gstatic.com;manifest-src *.wein.plus;style-src *.wein.plus 'self' 'unsafe-inline';style-src-elem *.wein.plus 'unsafe-inline' *.google.com;script-src *.wein.plus 'self' 'unsafe-inline' *.etracker.com;script-src-elem *.wein.plus 'unsafe-inline' *.googletagmanager.com *.google.com *.etracker.com","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com cash-f.squarecdn.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com 'self' 'self' data: https:\/\/*.tawk.to data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com * 'self' https:\/\/*.adyen.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com * https:\/\/www.googletagmanager.com\/ https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com 'self' https:\/\/consentcdn.cookiebot.com 'self' 'unsafe-inline'; img-src cdn.zitmaxx.nl https:\/\/pim.zitmaxx.nl assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com data: widgets.magentocommerce.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com * https:\/\/images.unsplash.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.googletagmanager.com magefan.com cm.magefan.com *.disqus.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com 'self' data: https: http: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/cdn.ablyft.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.disqus.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/cdn.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.googleoptimize.com https:\/\/*.tawk.to https:\/\/secure.adnxs.com d5yoctgpv4cpx.cloudfront.net https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/sst.zitmaxx.nl 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cash.app https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/cdn.jsdelivr.net 'self' 'unsafe-inline' https:\/\/*.tawk.to 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src https:\/\/pim.zitmaxx.nl dpm.demdex.net amcglobal.sc.omtrdc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com * https:\/\/maps.googleapis.com https:\/\/player.vimeo.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com 'self' https:\/\/*.google-analytics.com wss:\/\/*.tawk.to rkkck31tec.execute-api.eu-central-1.amazonaws.com https: 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https: data: blob:; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; frame-src 'self' https:\/\/vkvideo.ru https:\/\/forms.yandex.ru https:\/\/new-acc-space-1353.ispring.ru https:\/\/lit.bgpu.ru https:\/\/rtsp.cam; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; form-action 'self' https:; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.checkout-api.avarda.com *.checkout-cdn.avarda.com checkout-cdn.avarda.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.facebook.com *.googlesyndication.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.checkout-cdn.avarda.com checkout-cdn.avarda.com card-payment-frame.production.avarda.com *.stage.avarda.com pay.google.com www.paypal.com www.sandbox.paypal.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com *.paypal.com * s7.addthis.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.core.windows.net *.checkout-api.avarda.com checkout-api.avarda.com *.checkout-cdn.avarda.com checkout-cdn.avarda.com openbanking-logos.production.avarda.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com *.klevu.com *.ksearchnet.com www.paypal.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com halonen.fi www.halonen.fi google.fi www.google.fi data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.core.windows.net *.checkout-cdn.avarda.com checkout-cdn.avarda.com *.stage.avarda.com pay.google.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com js.klevu.com *.ksearchnet.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com s7.addthis.com m.addthis.com v1.addthisedge.com z.moatads.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.klevu.com *.ksearchnet.com *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.halonen.fi api.carlson.fi *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.checkout-api.avarda.com checkout-api.avarda.com google.com www.google.com pay.google.com payment-widget.avarda.com *.payment-widget.avarda.com payment-widget.stage.avarda.com *.payment-widget.stage.avarda.com *.klevu.com *.ksearchnet.com www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com s7.addthis.com m.addthis.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pwBHsCamyOFEM3fPi5085g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=0ec4db66c049fc3d&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778725413; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/static.cloudflareinsights.com https:\/\/challenges.cloudflare.com https:\/\/eu-assets.i.posthog.com; style-src 'self' 'unsafe-inline'; img-src 'self' https:\/\/assets.deadlock-api.com data:; connect-src 'self' https:\/\/api.deadlock-api.com https:\/\/assets.deadlock-api.com https:\/\/eu.i.posthog.com https:\/\/eu-assets.i.posthog.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/stats.g.doubleclick.net; font-src 'self'; frame-src https:\/\/challenges.cloudflare.com;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.clarity.ms https:\/\/c.bing.com; block-all-mixed-content; child-src https:\/\/intercom-sheets.com https:\/\/www.intercom-reporting.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net; connect-src 'self' data: *.intercom.io *.sentry.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/stats.g.doubleclick.net *.clarity.ms track.hubspot.com  static.cloudflareinsights.com vimeo.com; font-src 'self' data: https:\/\/js.intercomcdn.com https:\/\/fonts.intercomcdn.com; frame-ancestors 'self'; frame-src 'self' youtube.com www.youtube-nocookie.com challenges.cloudflare.com player.vimeo.com; img-src 'self' data: image-cdn.bankoflamps.com i.ytimg.com c.bing.com *.clarity.ms  i.vimeocdn.com; media-src 'self' blob-cdn.bankoflamps.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' youtube.com 'nonce-22QRy0YvC1qJXgeqZyd8TCL4l0et6AaGLTbnMaSNxyk=' static.cloudflareinsights.com challenges.cloudflare.com https:\/\/js.intercomcdn.com https:\/\/widget.intercom.io *.clarity.ms track.hubspot.com 'nonce-oLChKbKvPhYaR59cPv8T7g=='; style-src 'self' 'unsafe-inline'; report-uri \/csp\/report; worker-src 'self' blob:","count":1},{"content-security-policy-report-only":" script-src 'unsafe-eval' blob: 'self' 'unsafe-inline'; default-src * data: blob:; style-src * data: blob: 'unsafe-inline'; object-src 'none'; report-uri \/w\/api.php?action=cspreport&format=json&reportonly=1","count":1},{"content-security-policy-report-only":" font-src https:\/\/*.gstatic.com https:\/\/fonts.gstatic.com *.googleapis.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com *.yotpo.com *.klevu.com *.ksearchnet.com fonts.gstatic.com use.fontawesome.com app.christies.test static.klaviyo.com *.typekit.net https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.googlesyndication.com *.tiktok.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * js.stripe.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https:\/\/*.dpdconnect.nl *.yotpo.com *.multisafepay.com https:\/\/pay.google.com www.googletagmanager.com widget.trustpilot.com d.la1-core1.sfdc-cehfhs.salesforceliveagent.com service.force.com insight.adsrvr.org 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.adyen.com https:\/\/images.unsplash.com https:\/\/*.gstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.googleapis.com *.gstatic.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com www.feedoptimise.com cdn.feedoptimise.com *.yotpo.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.multisafepay.com app.christies.test cdn-ukwest.onetrust.com cdn.christiesdirect.com x.klarnacdn.net apple-resources.s3.amazonaws.com play.google.com www.facebook.com js.klevu.com bat.bing.com maps.gstatic.com bat.bing.net www.google.co.uk static.klaviyo.com static-forms.klaviyo.com fast.a.klaviyo.com static-tracking.klaviyo.com a.klaviyo.com telemetrics.klaviyo.com *.christiesdirect.com *.etrusted.com christiesdirect.com d3k81ch9hvuctc.cloudfront.net www.google.be www.google.fr www.google.nl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com https:\/\/maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js js.stripe.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com https:\/\/*.dpdconnect.nl www.feedoptimise.com cdn.feedoptimise.com *.yotpo.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com *.multisafepay.com https:\/\/pay.google.com app.christies.test widget.trustpilot.com js.klarna.com integrations.etrusted.com www.dwin1.com connect.facebook.net lantern.roeyecdn.com cdn-ukwest.onetrust.com bat.bing.com static.hotjar.com cdn.attn.tv service.force.com js.adsrvr.org analytics.tiktok.com www.clarity.ms d.la2-c2-cdg.salesforceliveagent.com d.la1-core1.sfdc-cehfhs.salesforceliveagent.com christiesdirect-dev.my.salesforce-sites.com tag.mention-me.com static.mention-me.com maps.googleapis.com static.klaviyo.com static-forms.klaviyo.com fast.a.klaviyo.com static-tracking.klaviyo.com a.klaviyo.com telemetrics.klaviyo.com *.clarity.ms *.cookielaw.org *.hotjar.com *.rawgit.com *.salesforce.com *.salesforceliveagent.com *.thoughtmetric.io *.zdassets.com christiesdirect.com d2yyd1h5u9mauk.cloudfront.net https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/fonts.googleapis.com\/ https:\/\/fonts.googleapis.com unsafe-inline assets.braintreegateway.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.fontawesome.com *.yotpo.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.multisafepay.com app.christies.test use.fontawesome.com x.klarnacdn.net js.klevu.com service.force.com pay.multisafepay.com *.etrusted.com *.klaviyo.com *.salesforce.com *.typekit.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com *.yotpo.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.multisafepay.com region1.google-analytics.com s.clarity.ms js.klarna.com app.christies.test widget.trustpilot.com cdn-ukwest.onetrust.com geolocation.onetrust.com pay.google.com play.google.com maps.googleapis.com bat.bing.net static.klaviyo.com static-forms.klaviyo.com fast.a.klaviyo.com static-tracking.klaviyo.com a.klaviyo.com telemetrics.klaviyo.com *.adsrvr.org *.attentivemobile.com *.attn.tv *.bing.com *.clarity.ms *.cookielaw.org *.delighted.com *.hotjar.com *.hotjar.io *.onetrust.com *.thoughtmetric.io *.tiktokw.us *.zdassets.com *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src app.christies.test bat.bing.com s.clarity.ms pagead2.googlesyndication.com analytics.tiktok.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/12b2c380-a74f-4dc1-8591-4e44eb3933d3.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com maxcdn.bootstrapcdn.com 'unsafe-inline' data: *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com ct.pinterest.com *.authorize.net *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com ct.pinterest.com *.certcapture.com https:\/\/www.googletagmanager.com\/ *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * https:\/\/www.youtube.com https:\/\/c.paypal.com\/ *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com ct.pinterest.com *.certcapture.com store.paradoxlabs.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/b.stats.paypal.com\/ https:\/\/slc.stats.paypal.com\/ https:\/\/c.paypal.com\/ 'self' data: blog.designsbyjuju.com www.designsbyjuju.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com s.pinimg.com *.attn.tv events.attentivemobile.com *.certcapture.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ player.vimeo.com *.authorize.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.fontawesome.com *.google-analytics.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/c.paypal.com *.google.com *.gstatic.com embedsocial.com sec.webeyez.com https:\/\/www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.certcapture.com *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com embedsocial.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com ct.pinterest.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com pinterest.com www.pinterest.com ct.pinterest.com *.attn.tv events.attentivemobile.com *.certcapture.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.google-analytics.com https:\/\/bam.nr-data.net https:\/\/bam-cell.nr-data.net https:\/\/payments.sandbox.braintree-api.com\/ https:\/\/origin-analytics-sand.sandbox.braintree-api.com\/ send.webeyez.com sec.webeyez.com cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com https:\/\/www.google-analytics.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/smartsolutions.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.dk https:\/\/www.myheritage.dk  'unsafe-eval' 'nonce-53abbf0cd7f96ae5f7dbf1b6243e6582' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.dk https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com *.rab.equipment magento2.docker *.intervieweb.it *.algolia.com *.cloudflare.com *.twitter.com *.typekit.net *.fontawesome.com *.bootstrapcdn.com *.klarnaservices.com *.klarna.com *.klarnacdn.net *.rentle.io *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.storyblok.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.adyen.com pay.google.com *.paypal.com *.dotdigital-pages.com *.dotdigital.com magento2.docker *.intervieweb.it *.rentle.io *.twitter.com *.google.com *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com account.fetchify.com *.hub-box.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * www.youtube.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com *.gstatic.com https:\/\/images.unsplash.com magento2.docker *.clarity.ms *.rab.equipment *.intervieweb.it *.rentle.io *.klarnaservices.com *.klarna.com *.klarnacdn.net *.algolia.com *.iesnare.com *.locally.com *.cloudflare.com *.googleadservices.com *.google-analytics.com *.google.co.uk *.paypal.com *.twitter.com *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment *.storyblok.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/cc-cdn.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com www.google.com.ua *.adobedtm.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal tagmanager.google.com https:\/\/www.googletagmanager.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js https:\/\/*.avln.me\/t.js https:\/\/developer.adobe.com https:\/\/magento.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ magento2.docker *.rab.equipment *.rentle.io *.intervieweb.it *.klarnaservices.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.trustpilot.com *.algolia.com *.algolia.io *.locally.com *.outtra.com *.cookiefirst.com *.iesnare.com *.cloudflare.com *.twitter.com *.google-analytics.com *.googlesyndication.com googletagmanager.com *.google.com *.gstatic.com *.trustedshops.com *.fontawesome.com apis.google.com feather.rab.equipment gtm.rab.equipment gtm.mcstaging.rab.equipment *.polyfill-fastly.io polyfill-fastly.io *.clarity.ms *.wisepops.net wisepops.net *.wisepops.com wisepops.com *.storyblok.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/cc-cdn.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com www.youtube.com player.vimeo.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com *.rab.equipment magento2.docker *.intervieweb.it *.rentle.io *.algolia.com *.outtra.com *.locally.com *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.fontawesome.com *.bootstrapcdn.com *.klarnaservices.com *.klarna.com *.klarnacdn.net *.cookiefirst.com *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment *.storyblok.com cc-cdn.com unsafe-inline assets.braintreegateway.com *.yotpo.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.intervieweb.it magento2.docker *.klarnaservices.com *.klarna.com *.klarnacdn.net *.algolia.com *.iesnare.com *.locally.com 'self' data: *.rab.equipment *.rentle.io *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment *.amazonaws.com *.googleapis.com *.google.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/developer.adobe.com https:\/\/cdn.avmws.com\/ http:\/\/cdn.avmws.com\/ magento2.docker *.intervieweb.it *.rentle.io *.klarnaevt.com *.klarnaservices.com *.klarna.com *.klarnacdn.net *.algolia.io *.locally.com *.outtra.com wss:\/\/mpsnare.iesnare.com *.iesnare.com *.cloudflare.com *.twitter.com *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.cookiefirst.com *.clarity.ms *.wisepops.net wisepops.net *.wisepops.com wisepops.com feather.rab.equipment www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk *.hub-box.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com cdn.plyr.io noembed.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' www.resellerratings.com www.paypal.com cdn.attn.tv s.yimg.com static.klaviyo.com cdn-tp4.mozu.com\/27977-44902\/ t.contentsquare.net ajax.googleapis.com www.googleadservices.com bat.bing.com www.google.com www.googletagmanager.com live-chat.chatbotize.com d2gh7vqn9p1ieu.cloudfront.net www.res-x.com resources.xg4ken.com polaris.truevaultcdn.com pay.google.com www.paypalobjects.com challenges.cloudflare.com googleads.g.doubleclick.net cdn.sift.com www.google-analytics.com www.mczbf.com acsbapp.com s3-us-west-2.amazonaws.com maps.googleapis.com www.clarity.ms static-tracking.klaviyo.com b-code.liadm.com sv.calendars.com edge1.certona.net services.xg4ken.com connect.facebook.net se.monetate.net cdn-tp4.mozu.com cdn.equalweb.com access.equalweb.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=fnLcV_bP13cAS44NTBpWI1MTgpXmF0RanhJr4XKM.iQ-1778722507.964692-1.0.1.1-Ze_OU9_7DUUvt4_2sHYZIQCz1s31xo9ntFPCG34E8lbt4NsWmJeZBKQtBiXIeCb6cmKXXnNIK3MfquKtDH6RvSt_ogGW3FdM7Xs_TysX7UZIwLKuIyoi2DoNRrqltP7F8x0CeLUjOqE6dJ.1XO15_UoI2RAEqjKt9YI2Tmsde351FGtJRrvuADZzXSNfze65wuYpqZcYux_k8LKynEooZw; report-to cf-lxlzfvfymugwurvu","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self' https:; media-src 'self' https:; object-src 'none'; frame-src 'self' https:; report-uri \/csp-report-endpoint","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-lDTbYZds7N+V\/W\/sp3PYUw==' 'strict-dynamic' 'unsafe-eval' blob: *.googlesyndication.com *.googletagservices.com *.rubiconproject.com ads.pubmatic.com *.ampproject.org adsdkprod.azureedge.net adsdk.microsoft.com *.adform.net; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' *.czno.com; style-src-attr 'unsafe-inline'; img-src 'self' data: *.mtch.com blob: https:; font-src 'self' *.match.com *.cookielaw.org *.onetrust.com *.optanon.com *.gstatic.com *.googleapis.com *.czno.com cdnjs.cloudflare.com; connect-src 'self' https: blob: data: ; frame-src 'self' *.zweisam.de *.googletagmanager.com *.doubleclick.net *.googlesyndication.com *.adtrafficquality.google *.google.com *.googleadservices.com *.2mdn.net *.adnxs.com *.criteo.com *.criteo.net *.rubiconproject.com *.pubmatic.com js-sec.indexww.com *.casalemedia.com *.flashtalking.com *.pinterest.com *.snapchat.com *.facebook.com *.match.com *.mtch.com *.arkoselabs.com *.nift.me; media-src 'self' data:; object-src 'none'; base-uri 'self'; form-action 'self' *.facebook.com; frame-ancestors 'self' *.zweisam.de; manifest-src 'self'; worker-src 'self' blob:; report-uri \/csp-violation-report;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/quickquack.com https:\/\/*.quickquack.com https:\/\/dontdrivedirty.com https:\/\/*.dontdrivedirty.com *.qqcw.us; connect-src 'self' https:\/\/*.ads.linkedin.com https:\/\/www.googleadservices.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/analytics.tiktok.com https:\/\/sdk.iad-07.braze.com https:\/\/js.appboycdn.com https:\/\/quickquack.com https:\/\/*.quickquack.com https:\/\/dontdrivedirty.com https:\/\/*.dontdrivedirty.com https:\/\/*.qqcw.us https:\/\/js.stripe.com https:\/\/m.stripe.network https:\/\/m.stripe.com https:\/\/api.stripe.com https:\/\/*.googleapis.com https:\/\/cdn.sanity.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/unpkg.com https:\/\/*.mouseflow.com https:\/\/api.segment.io\/v1\/m https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/*.facebook.net https:\/\/*.facebook.com https:\/\/qqcw.report-uri.com\/r\/t\/csp\/reportOnly https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com https:\/\/*.fbot.me https:\/\/cdn.feathery.io https:\/\/api.feathery.io https:\/\/cdn.jsdelivr.net https:\/\/www.google-analytics.com https:\/\/google.com https:\/\/*.doubleclick.net https:\/\/*.adroll.com https:\/\/*.adsrvr.org data: blob:; font-src 'self' https:\/\/use.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/js.stripe.com https:\/\/m.stripe.network https:\/\/m.stripe.com https:\/\/*.fbot.me; img-src 'self' https: data: blob:; media-src 'self' https:\/\/quickquack.com https:\/\/*.quickquack.com https:\/\/dontdrivedirty.com https:\/\/*.dontdrivedirty.com https:\/\/*.qqcw.us https:\/\/*.fbot.me; script-src 'nonce-5f58bb9745a5ce89d672807785565e53' 'strict-dynamic' https: 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline' https:\/\/*.googletagmanager.com https:\/\/quickquack.com https:\/\/*.quickquack.com https:\/\/dontdrivedirty.com https:\/\/*.dontdrivedirty.com https:\/\/use.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/tagmanager.google.com\/ https:\/\/fonts.googleapis.com\/ https:\/\/*.fbot.me data: blob:; frame-src 'self' https:\/\/www.facebook.com https:\/\/js.stripe.com https:\/\/m.stripe.network https:\/\/m.stripe.com *.google.com https:\/\/www.googletagmanager.com https:\/\/tagmanager.google.com\/ https:\/\/*.fbot.me https:\/\/cdn.feathery.io https:\/\/cdn.jsdelivr.net https:\/\/*.doubleclick.net https:\/\/www.youtube-nocookie.com\/ https:\/\/keycloak.dev.qqcw.us https:\/\/auth.dontdrivedirty.com https:\/\/adsrvr.org https:\/\/*.adsrvr.org https:\/\/*.insight.adsrvr.org; frame-ancestors 'self' https:\/\/keycloak.dev.qqcw.us https:\/\/auth.dontdrivedirty.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/www.facebook.com; worker-src 'self' blob:; report-uri https:\/\/qqcwstg.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.vercel.app https:\/\/vercel.live; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:\/\/*.wistia.com https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/*.googletagmanager.com https:\/\/*.hsforms.net https:\/\/*.hubspot.com https:\/\/*.hs-scripts.com https:\/\/*.hs-analytics.net https:\/\/*.hscollectedforms.net https:\/\/*.usemessages.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/www.google.com https:\/\/www.recaptcha.net https:\/\/*.recaptcha.net https:\/\/*.hs-banner.com https:\/\/*.linkedin.com https:\/\/snap.licdn.com https:\/\/*.doubleclick.net https:\/\/*.hsleadflows.net https:\/\/*.zi-scripts.com https:\/\/*.zoominfo.com https:\/\/ws-assets.zoominfo.com https:\/\/www.youtube.com https:\/\/*.qualified.com https:\/\/*.usercentrics.eu https:\/\/*.cookiebot.com https:\/\/*.cookiebot.eu https:\/\/www.redditstatic.com https:\/\/static.claydar.com https:\/\/cdn.claydar.com https:\/\/tracking-api.g2.com https:\/\/tags.clickagy.com https:\/\/js.hsadspixel.net http:\/\/js.hs-scripts.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/bat.bing.com; style-src 'self' 'unsafe-inline' https:\/\/*.wistia.com https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/fonts.googleapis.com https:\/\/*.hubspot.com https:\/\/*.hubspotusercontent.com; img-src 'self' https:\/\/*.wistia.com https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/cdn.sanity.io https:\/\/*.hsforms.com https:\/\/*.hubspot.com https:\/\/*.hubspotusercontent.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.gstatic.com https:\/\/*.google.com https:\/\/www.google.com https:\/\/*.doubleclick.net https:\/\/*.googleapis.com https:\/\/www.gstatic.com https:\/\/*.usercentrics.eu https:\/\/*.cookiebot.com https:\/\/*.cookiebot.eu https:\/\/alb.reddit.com https:\/\/api.claydar.com https:\/\/pixel-config.reddit.com https:\/\/px.ads.linkedin.com https:\/\/*.ads.linkedin.com https:\/\/*.licdn.com https:\/\/*.googletagmanager.com https:\/\/www.googletagmanager.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/bat.bing.com data: blob:; connect-src 'self' https:\/\/cdn.growthbook.io https:\/\/*.hsappstatic.net https:\/\/*.wistia.com https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/*.hsforms.com https:\/\/*.hubspot.com https:\/\/*.hubapi.com https:\/\/*.hubspotapi.com https:\/\/*.hscollectedforms.net https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.googleapis.com https:\/\/*.doubleclick.net wss:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.hotjar.com https:\/\/cdn.sanity.io https:\/\/hubspot-forms-static-embed.s3.amazonaws.com https:\/\/www.google.com https:\/\/*.zi-scripts.com https:\/\/*.zoominfo.com https:\/\/ws-assets.zoominfo.com https:\/\/ws.zoominfo.com https:\/\/*.qualified.com wss:\/\/*.qualified.com https:\/\/*.googlesyndication.com https:\/\/*.usercentrics.eu https:\/\/*.cookiebot.com https:\/\/*.cookiebot.eu https:\/\/alb.reddit.com https:\/\/api.claydar.com https:\/\/pixel-config.reddit.com https:\/\/px.ads.linkedin.com https:\/\/*.ads.linkedin.com https:\/\/*.licdn.com https:\/\/www.clarity.ms https:\/\/*.clarity.ms https:\/\/*.bing.com https:\/\/bat.bing.com; font-src 'self' data: https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/fonts.gstatic.com https:\/\/*.hubspot.com https:\/\/*.hubspotusercontent.com; frame-src 'self' https:\/\/*.wistia.com https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/www.googletagmanager.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/www.google.com https:\/\/*.hsforms.com https:\/\/*.hubspot.com https:\/\/www.recaptcha.net https:\/\/*.recaptcha.net https:\/\/www.youtube.com https:\/\/*.qualified.com https:\/\/*.usercentrics.eu https:\/\/*.cookiebot.com https:\/\/*.cookiebot.eu; frame-ancestors 'self' https:\/\/*.vercel.app https:\/\/vercel.live; form-action 'self' https:\/\/*.vercel.app https:\/\/vercel.live https:\/\/*.hsforms.com https:\/\/*.hubspot.com; media-src 'self' 'unsafe-inline' blob: *;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-95ZIF40DDiI65Oh4cyfPMQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com 'self' data: use.fontawesome.com *.antartica.cl data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com webpay3g.transbank.cl webpay3gint.transbank.cl *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * tracking.bciplus.cl www.google.com wchat.freshchat.com *.antartica.cl www.mercadopago.cl www.mercadolibre.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.trackedlink.net *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com 'self' data: www.facebook.com www.google.cl *.antartica.cl www.gstatic.com www.mercadolibre.com www.mercadopago.cl *.google.com.ar antartica.cl data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com *.fw-cdn.com\/ *.freshchat.com\/ *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.gstatic.com *.mercadopago.cl *.googletagmanager.com *.facebook.net *.hotjar.com unpkg.com tracking.krip.cl r2-t.trackedlink.net magento-recs-sdk.adobe.net www.clarity.ms static.trackedweb.net js-agent.newrelic.com wchat.freshchat.com static.zdassets.com *.antartica.cl sdk.mercadopago.com http2.mlstatic.com https:\/\/fw-cdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/*.freshchat.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com assets.braintreegateway.com *.googleapis.com *.gstatic.com use.fontawesome.com *.antartica.cl www.mercadopago.cl www.gstatic.com *.googletagmanager.com *.cookielaw.org 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com t.elasticsuite.io *.hsforms.net *.hsforms.com analytics.google.com api.bciplus.cl www.google-analytics.com ekr.zdassets.com libreriaantartica.zendesk.com wchat.freshchat.com bam.nr-data.net *.antartica.cl api.mercadopago.com www.mercadolibre.com events.mercadopago.com *.hotjar.com *.hotjar.io *.clarity.ms *.doubleclick.net *.cookielaw.org 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com www.google.com bam.nr-data.net r2.trackedweb.net commerce.adobedc.net *.antartica.cl 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.posthog.com https:\/\/fonts.googleapis.com; script-src 'self' 'nonce-Fxg7HAeqoTE8GMEkTbSDoY' https:\/\/*.posthog.com https:\/\/*.i.posthog.com; font-src 'self' https:\/\/*.posthog.com https:\/\/app-static.eu.posthog.com https:\/\/app-static-prod.posthog.com https:\/\/d1sdjtjk6xzm7.cloudfront.net https:\/\/fonts.gstatic.com https:\/\/cdn.jsdelivr.net https:\/\/assets.faircado.com https:\/\/use.typekit.net; worker-src 'self'; child-src 'none'; object-src 'none'; media-src https:\/\/res.cloudinary.com; img-src 'self' data: https:\/\/*.posthog.com https:\/\/posthog.com https:\/\/www.gravatar.com https:\/\/res.cloudinary.com https:\/\/platform.slack-edge.com https:\/\/raw.githubusercontent.com; frame-ancestors https:\/\/posthog.com https:\/\/preview.posthog.com https:\/\/vercel.com; connect-src 'self' https:\/\/www.posthogstatus.com https:\/\/*.posthog.com  https:\/\/raw.githubusercontent.com https:\/\/api.github.com; frame-src https:; manifest-src 'self'; base-uri 'self'; report-uri https:\/\/us.i.posthog.com\/report\/?token=sTMFPsFhdP1Ssg&sample_rate=0.1&v=2; report-to posthog","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.doubleclick.net *.onetrust.com js.mollie.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com https:\/\/images.unsplash.com *.ctfassets.net *.arvesta.eu *.google.be *.adnxs.com *.bing.com *.gstatic.com *.googleapis.com *.cookielaw.org *.facebook.com *.clarity.ms *.onetrust.com https:\/\/www.mollie.com 'self' data: *.googletagmanager.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com https:\/\/maps.googleapis.com *.hotjar.com *.googleoptimize.com *.bing.com *.facebook.net *.adnxs.com gtmadapter-node-cbjg5cz5hq-ew.a.run.app *.clarity.ms *.googleapis.com *.npmcdn.com *.convertexperiments.com *.cookielaw.org *.onetrust.com *.voyado.com js.mollie.com *.google.com *.gstatic.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/d1pna5l3xsntoj.cloudfront.net https:\/\/helloretailcdn.com *.typekit.net *.npmcdn.com *.googleapis.com *.gstatic.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.sentry.io https:\/\/core.helloretail.com https:\/\/helloretailcdn.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.cookielaw.org *.doubleclick.net *.clarity.ms gtmadapter-node-cbjg5cz5hq-ew.a.run.app *.googleapis.com *.npmcdn.com *.hotjar.com *.onetrust.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net https:\/\/cdn.cupio.ro https:\/\/ss.cupio.ro https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/www.googleoptimize.com https:\/\/www.googleadservices.com https:\/\/www.google.ro https:\/\/www.google.com https:\/\/connect.facebook.net https:\/\/*.facebook.com https:\/\/*.pinterest.com https:\/\/ct.pinterest.com https:\/\/s.pinimg.com https:\/\/*.cookieyes.com https:\/\/cdn-cookieyes.com https:\/\/*.snapchat.com https:\/\/sc-static.net https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/event.2performant.com https:\/\/attr-2p.com https:\/\/*.klarna.com https:\/\/*.klarnacdn.net https:\/\/*.revolut.com https:\/\/aqurate.ai https:\/\/cdn.channelize.io https:\/\/trusted.ro https:\/\/js.stripe.com cupio.ro https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/unpkg.com https:\/\/*.mczbf.com https:\/\/www.gstatic.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/stapecdn.com https:\/\/pay.google.com https:\/\/apis.google.com https:\/\/dev.cupio247.local https:\/\/applepay.cdn-apple.com; font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com maxcdn.bootstrapcdn.com *.revolut.com *.google.com google.com *.cdn-apple.com pay.google.com https:\/\/*.gstatic.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com https:\/\/fonts.googleapis.com *.zopim.com *.zopim.io *.klarnacdn.net https:\/\/fonts.bunny.net 'self' data: https:\/\/cdn.cupio.ro https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/fonts.cdnfonts.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/plumrocket.com *.twitter.com *.cupio.ro https:\/\/www.facebook.com https:\/\/payflowlink.paypal.com https:\/\/sandbox.payu.ro\/ https:\/\/secure.payu.ro\/ https:\/\/cdn.channelize.io https:\/\/*.revolut.com https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/*.mczbf.com https:\/\/*.gstatic.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.revolut.com *.google.com *.cdn-apple.com google.com pay.google.com *.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/*.facebook.com https:\/\/connect.facebook.net graph.facebook.com business.facebook.com www.google.com *.innoship.ro https:\/\/plumrocket.com https:\/\/*.revolut.com *.cdn-apple.com *.google.com\/ pay.google.com https:\/\/*.gstatic.com https:\/\/accounts.google.com *.weltpixel.com https:\/\/www.youtube.com http:\/\/www.sandbox.paypal.com *.twitter.com https:\/\/*.klarna.com 'self' *.cupio.ro https:\/\/ss.cupio.ro https:\/\/*.pinterest.com https:\/\/s.pinimg.com *.vimeo.com https:\/\/cdn-cookieyes.com https:\/\/*.snapchat.com https:\/\/bat.bing.com https:\/\/event.2performant.com https:\/\/js.stripe.com https:\/\/hooks.stripe.com https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/*.klarnaservices.com https:\/\/pay.google.com https:\/\/apis.google.com https:\/\/applepay.cdn-apple.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/*.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.tiktok.com https:\/\/www.magezon.com *.tile.openstreetmap.org *.openstreetmap.org *.revolut.com *.google.com *.cdn-apple.com https:\/\/*.google.com pay.google.com https:\/\/*.gstatic.com *.cloudflare.com *.klarna.com *.googleadservices.com https:\/\/www.google-analytics.com *.twitter.com *.twimg.com https:\/\/*.vimeocdn.com *.ytimg.com *.bing.com *.zopim.com *.zopim.io *.doubleclick.net *.google.co.in *.mastercard.com https:\/\/*.klarna.com *.klarnaevt.com *.klarnacdn.net magefan.com cm.magefan.com https:\/\/firebasestorage.googleapis.com 'self' cupio.ro *.cupio.ro https:\/\/*.google.ro https:\/\/www.googleadservices.com https:\/\/trusted.ro https:\/\/*.ytimg.com https:\/\/*.pinterest.com https:\/\/s.pinimg.com https:\/\/*.klarnacdn.net https:\/\/cdn-cookieyes.com https:\/\/*.snapchat.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/event.2performant.com https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/www.google.com https:\/\/redchamps.com *.facebook.com *.reddit.com *.googletagmanager.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/connect.facebook.net connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.tiktok.com *.channelize.io https:\/\/cdn.jsdelivr.net https:\/\/*.revolut.com *.google.com\/ pay.google.com https:\/\/www.gstatic.com https:\/\/accounts.google.com *.cloudflare.com *.twitter.com https:\/\/www.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com https:\/\/bat.bing.com *.zopim.com *.zdassets.com https:\/\/*.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.avada.io *.shopify.com 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.cupio.ro https:\/\/ss.cupio.ro https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/*.googleapis.com https:\/\/www.googleoptimize.com https:\/\/www.googleadservices.com https:\/\/www.google.ro https:\/\/*.facebook.com https:\/\/*.pinterest.com https:\/\/ct.pinterest.com https:\/\/s.pinimg.com https:\/\/*.cookieyes.com https:\/\/*.snapchat.com https:\/\/sc-static.net https:\/\/bat.bing.net https:\/\/event.2performant.com https:\/\/attr-2p.com https:\/\/*.klarnacdn.net https:\/\/aqurate.ai https:\/\/cdn.channelize.io https:\/\/trusted.ro https:\/\/www.trusted.ro cupio.ro https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/unpkg.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/www.google.com https:\/\/pay.google.com https:\/\/apis.google.com https:\/\/applepay.cdn-apple.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com unpkg.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/accounts.google.com https:\/\/www.gstatic.com *.cloudflare.com https:\/\/fonts.googleapis.com *.twitter.com *.twimg.com https:\/\/*.gstatic.com *.typekit.net *.trustedshops.com *.bing.com *.klarnacdn.net https:\/\/fonts.bunny.net 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdn.cupio.ro https:\/\/*.klarnacdn.net https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/unpkg.com *.stripe.network *.stripecdn.com *.amazon.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zopim.com *.zopim.io 'self' 'unsafe-inline'; manifest-src https:\/\/pay.google.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.tiktok.com *.channelize.io https:\/\/*.revolut.com *.cdn-apple.com pay.google.com https:\/\/www.gstatic.com https:\/\/accounts.google.com www.google-analytics.com *.cloudflare.com *.twitter.com *.twimg.com *.zdassets.com *.zopim.com *.zopim.io wss:\/\/widget-mediator.zopim.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/*.klarna.com https:\/\/get.geojs.io *.avada.io 'self' *.cupio.ro https:\/\/ss.cupio.ro https:\/\/*.googleapis.com https:\/\/www.googletagmanager.com https:\/\/*.cookieyes.com https:\/\/cdn-cookieyes.com https:\/\/*.snapchat.com https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/event.2performant.com https:\/\/attr-2p.com https:\/\/directory.cookieyes.com https:\/\/*.klarnacdn.net https:\/\/*.klarnaservices.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/cdn.channelize.io https:\/\/api.stripe.com https:\/\/*.themarketer.com https:\/\/*.mktr2.com https:\/\/unpkg.com https:\/\/*.mczbf.com https:\/\/*.clarity.ms https:\/\/*.tiktok.com https:\/\/ct.pinterest.com https:\/\/cdn.jsdelivr.net https:\/\/aqurate.ai https:\/\/*.aqurate.ai https:\/\/pay.google.com https:\/\/payments.googleapis.com https:\/\/apis.google.com https:\/\/applepay.cdn-apple.com https:\/\/apple-pay-gateway.apple.com https:\/\/apple-pay-gateway-nc-pod1.apple.com https:\/\/apple-pay-gateway-cert.apple.com *.stripe.com klarna.com *.klarna.com *.link.com *.amazon.com *.facebook.net *.redditstatic.com *.reddit.com *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'","count":1},{"content-security-policy-report-only":" frame-ancestors 'none'; default-src https:\/\/www.czater.pl 'self'; script-src https:\/\/www.googletagmanager.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/*.czater.pl 'self' 'unsafe-inline'; img-src https:\/\/static.sprintdatacenter.pl https:\/\/rapiddc.pl https:\/\/www.googletagmanager.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.google.pl https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com data: 'self'; style-src https:\/\/www.czater.pl 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; form-action 'self'; connect-src https:\/\/*.googletagmanager.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com wss:\/\/s2.czater.pl","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com https:\/\/geowidget.easypack24.net *.spotify.com *.cepd.tech *.drogerienatura.pl *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com https:\/\/geowidget-app.inpost.pl\/ secure.payu.com merch-prod.snd.payu.com *.spotify.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org static.payu.com https:\/\/img.youtube.com *.spotify.com *.cepd.tech *.drogerienatura.pl *.syndigo.cloud trustmate.io cdn.cookiesaur.com google.pl *.google.pl visitor.omnitagjs.com sync.addlv.smt.docomo.ne.jp hbx.media.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googletagmanager.com tagmanager.google.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org secure.payu.com secure.snd.payu.com pay.google.com applepay.cdn-apple.com https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech s7.addthis.com *.spotify.com *.cookiesaur.com *.jsdelivr.net *.cloudflare.com *.syndigo.com *.cepd.tech *.drogerienatura.pl *.newrelic.com *.nr-data.net trustmate.io static.hotjar.com tags.creativecdn.com connect.facebook.net s2.adform.net script.hotjar.com track.adform.net js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com tagmanager.google.com fonts.google.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech *.spotify.com *.cloudflare.com *.cepd.tech *.drogerienatura.pl trustmate.io unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.easypack24.net *.inpost.pl *.openstreetmap.org secure.payu.com merch-prod.snd.payu.com https:\/\/scripts.luigisbox.tech https:\/\/cdn.luigisbox.tech https:\/\/live.luigisbox.tech https:\/\/api.luigisbox.tech ekr.zdassets.com\/ *.spotify.com *.cookiesaur.com *.syndigo.com trustmate.io *.newrelic.com *.nr-data.net *.cepd.tech *.drogerienatura.pl ams.creativecdn.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gc30JYUzJN9hYswEr4cTLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com *.alothemes.com *.magepow.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.bootstrapcdn.com *.hotjar.com *.audioeye.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com api.bazaarvoice.com stg.api.bazaarvoice.com *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com *.authorize.net *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.affirm.com *.affirm.ca *.certcapture.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/www.gstatic.com\/ *.authorize.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.googletagmanager.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com *.doubleclick.net *.leasestation.com *.kaptcha.com *.google.co.in *.networkmerchants.com *.paypalobjects.com *.cdn-btsg.com *.audioeye.com *.milwaukeetool.com *.ohiopowertool.com *.facebook.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.apptrian.com *.affirm.com *.affirm.ca *.certcapture.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com *.trackedlink.net *.ddlnk.net *.alothemes.com *.magepow.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net *.ohiopowertool.com https:\/\/seal-centralohio.bbb.org *.google.com *.google.co.in *.bing.com *.clarity.ms *.amazonaws.com *.shareasale.com *.nexmart.com *.noibu.com *.cdn-btsg.com *.quickspark.com *.bazaarvoice.com https:\/\/arttrk.com\/ *.hotjar.com *.userway.org *.ojrq.net *.linkedin.com https:\/\/cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page www.apptrian.com *.affirm.com *.affirm.ca *.certcapture.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com *.impactcdn.com *.impct.site *.ssqt.io *.alothemes.com *.magepow.com *.authorize.net sandbox-assets.secure.checkout.visa.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com tagmanager.google.com https:\/\/cdn-scripts.signifyd.com https:\/\/cdn-scripts.signifyd.com\/api\/script-tag.js https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net https:\/\/www.dwin1.com https:\/\/seal-centralohio.bbb.org *.bing.com *.quickspark.com *.doubleclick.net *.clarity.ms *.networkmerchants.com *.milwaukeetool.com *.noibu.com *.cdn-btsg.com *.pricespider.com *.hotjar.com *.audioeye.com *.online-metrix.net *.userway.org *.gstatic.com *.licdn.com https:\/\/cdn.cookielaw.org *.roeyecdn.com *.epigraph.cloud https:\/\/www.ohiopowertool.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com display.ugc.bazaarvoice.com webchat.dotdigital.com webchat.staging.dotdigital.com *.fontawesome.com *.alothemes.com *.magepow.com *.stripe.network *.stripecdn.com *.amazon.com tagmanager.google.com fonts.google.com *.mailchimp.com *.bootstrapcdn.com *.quickspark.com *.networkmerchants.com *.gstatic.com *.googleapis.com *.userway.org 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com *.affirm.com *.affirm.ca *.certcapture.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.impct.site *.impactcdn.com *.ssqt.io *.alothemes.com *.magepow.com *.authorize.net *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.googletagmanager.com https:\/\/imgs.signifyd.com *.doubleclick.net *.clarity.ms *.networkmerchants.com *.bing.com *.noibu.com wss:\/\/*.noibu.com *.cdn-btsg.com *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.audioeye.com *.sjv.io *.userway.org *.linkedin.com https:\/\/cdn.cookielaw.org 'self' 'unsafe-inline'; child-src *.certcapture.com strict-dynamic http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' *.neso.energy *.coveo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.neso.energy *.coveo.com *.google-analytics.com *.hotjar.com *.clarity.ms bing.com *.bing.com *.coveo.com players.brightcove.net www.googletagmanager.com assets.juicer.io js.createsend1.com www.smartsurvey.co.uk assets.smartsurvey.io snap.licdn.com unpkg.com js-agent.newrelic.com *.cookieyes.com cdn-cookieyes.com my.visme.co; style-src 'self' 'unsafe-inline' *.neso.energy *.coveo.com assets.juicer.io unpkg.com fonts.googleapis.com search-assets.neso.energy; img-src 'self' data: *.neso.energy *.coveo.com *.clarity.ms www.googletagmanager.com *.google.co.uk c.bing.com www.juicer.io assets.juicer.io www.smartsurvey.co.uk *.cartocdn.com datanationalgrideso.files.wordpress.com *.tile.openstreetmap.org *.linkedin.com *.cookieyes.com cdn-cookieyes.com; frame-src 'self' *.neso.energy reports.nationalgrideso.com *.coveo.com players.brightcove.net www.youtube.com app.powerbi.com my.visme.co *.arcgis.com fuzzy-project-419729.framer.app; font-src 'self' *.neso.energy *.coveo.com themes.googleusercontent.com static.juicer.io fonts.googleapis.com fonts.gstatic.com; connect-src 'self' *.neso.energy api.neso.energy *.coveo.com *.clarity.ms *.hotjar.io *.hotjar.com *.google-analytics.com *.analytics.google.com fonts.googleapis.com storage.googleapis.com www.googletagmanager.com www.juicer.io *.staging.datopian.com bam.nr-data.net *.cookieyes.com cdn-cookieyes.com","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-zN2GK0BLujGz6WWtlcH2Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'none'; connect-src https: wss:; font-src https: data:; form-action 'self' *.bauhaus.cz *.facebook.com *.mail-komplet.cz; frame-ancestors 'self'; frame-src https:; img-src https: data:; media-src 'self' https:\/\/widget.molin.ai; object-src 'none'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https:\/\/kosik.bauhaus.cz\/csp_report; report-to bauhaus-csp;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; script-src assets.adobedtm.com *.adobe.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.googleapis.com *.gstatic.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ widget.freshworks.com m2epro.freshdesk.com *.trustedshops.com *.google-analytics.com *.googleadservices.com *.bing.com *.bing.net *.hotjar.com *.hotjar.io *.taboola.com *.facebook.net *.doubleclick.net *.online-metrix.net *.elfsight.com *.cloudflare.com *.visualwebsiteoptimizer.com *.vwo.com *.pushcrew.com *.cookieyes.com cdn-cookieyes.com js.mollie.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/static.unzer.com https:\/\/applepay.cdn-apple.com https:\/\/pay.google.com https:\/\/code.jquery.com https:\/\/h.online-metrix.net https:\/\/h64.online-metrix.net https:\/\/static-v2.unzer.com\/v2\/ui-components\/ 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; default-src *.adobe.com fonts.googleapis.com cash-f.squarecdn.com widget.freshworks.com m2epro.freshdesk.com *.typekit.net *.visualwebsiteoptimizer.com *.vwo.com *.pushcrew.com wingify-assets.s3.amazonaws.com *.googleapis.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/sandbox.src.mastercard.com https:\/\/static-v2.unzer.com\/v2\/ui-components\/ assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net data: widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com https:\/\/www.youtube.com p.typekit.net *.paypal.com * https:\/\/images.unsplash.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.awin1.com *.zenaps.com *.wepowerconnections.com *.cloudfront.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.googletagmanager.com *.bing.com *.facebook.com *.google.com *.google.at *.google.de *.google.ch *.google.it *.google.nl *.elfsight.com *.elfsightcdn.com *.cookieyes.com cdn-cookieyes.com https:\/\/www.magezon.com magefan.com cm.magefan.com https:\/\/www.mollie.com 'self' data: https:\/\/static.unzer.com https:\/\/h.online-metrix.net https:\/\/www.gstatic.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.adobe.io use.typekit.net *.sentry.io *.braintreegateway.com *.braintree-api.com vimeo.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de https:\/\/the.sciencebehindecommerce.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ *.analytics.google.com *.appspot.com *.taboola.com *.hotjar.com *.hotjar.io *.google-analytics.com *.trustedshops.com *.etrusted.com https:\/\/api.unzer.com https:\/\/api.heidelpay.com https:\/\/sbx-api.heidelpay.com https:\/\/sbx-api.unzer.com https:\/\/payment.unzer.com https:\/\/payment.heidelpay.com https:\/\/sbx-payment.heidelpay.com https:\/\/sbx-payment.unzer.com https:\/\/h64.online-metrix.net https:\/\/google.com\/pay https:\/\/pay.google.com\/ https:\/\/pay.google.com https:\/\/test-heidelpay.hpcgw.net\/ https:\/\/sbx-api.heidelpay.com\/ https:\/\/static-cc.test.unzer.com fast.amc.demdex.net player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.youtube-nocookie.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.doubleclick.net https:\/\/www.googletagmanager.com\/ *.mollie.com *.google.com\/ js.mollie.com https:\/\/sandbox.clicktopay.auth.visa.com https:\/\/clicktopay.visa.com https:\/\/sandbox.secure.checkout.visa.com https:\/\/secure.checkout.visa.com fonts.gstatic.com https:\/\/applepay.cdn-apple.com *.cleverreach.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" connect-src 'self' https:\/\/*.greenbone.net https:\/\/www.cloud.ccm19.de https:\/\/pagead2.googlesyndication.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.pt https:\/\/www.googleadservices.com https:\/\/bat.bing.com; default-src 'none'; font-src 'self' data:; frame-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.cloud.ccm19.de https:\/\/bid.g.doubleclick.net; img-src 'self' data: blob: https:\/\/mautic.greenbone.net https:\/\/www.cloud.ccm19.de https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.pt https:\/\/bat.bing.com; script-src 'self' 'unsafe-inline' https:\/\/www.cloud.ccm19.de https:\/\/matomo.greenbone.net https:\/\/*.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/*.g.doubleclick.net https:\/\/www.google.com https:\/\/bat.bing.com https:\/\/app.varify.io; style-src 'self' 'unsafe-inline' https:\/\/www.cloud.ccm19.de;","count":1},{"content-security-policy-report-only":" object-src *; script-src 'self' https:\/\/stats.inalco.fr\/matomo.js https:\/\/cdnjs.cloudflare.com; script-src-attr 'self'","count":1},{"content-security-policy-report-only":" default-src 'self';connect-src 'self' marketing.cockroachlabs.cloud https:\/\/autocomplete.clearbit.com https:\/\/status.cockroachlabs.cloud https:\/\/marketing.cockroachlabs.cloud https:\/\/marketing.management-staging.crdb.io 350-qin-827.mktoresp.com https:\/\/eligibility.wootric.com https:\/\/wootric-eligibility.herokuapp.com https:\/\/r3f773swz03t.statuspage.io https:\/\/checkout.stripe.com https:\/\/api.stripe.com https:\/\/fast.appcues.com wss:\/\/api.appcues.net https:\/\/api.segment.io https:\/\/cdn.segment.com https:\/\/session-replay.browser-intake-datadoghq.com https:\/\/rum.browser-intake-datadoghq.com https:\/\/logs.browser-intake-datadoghq.com https:\/\/session-replay.browser-intake-us5-datadoghq.com https:\/\/rum.browser-intake-us5-datadoghq.com https:\/\/logs.browser-intake-us5-datadoghq.com https:\/\/browser-intake-us5-datadoghq.com https:\/\/kapa-widget-proxy-la7dkmplpq-uc.a.run.app https:\/\/fast.chameleon.io https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat https:\/\/cdn.cookielaw.org https:\/\/privacyportal.onetrust.com https:\/\/geolocation.onetrust.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' marketing.cockroachlabs.cloud https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com cdn.wootric.com munchkin.marketo.net https:\/\/checkout.stripe.com https:\/\/js.stripe.com cdn.segment.com https:\/\/cdn.madkudu.com fast.appcues.com https:\/\/widget.kapa.ai https:\/\/fast.chameleon.io https:\/\/cdn.cookielaw.org https:\/\/cdn.jsdelivr.net;child-src 'self' marketing.cockroachlabs.cloud blob: https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/ https:\/\/www.cockroachlabs.com https:\/\/td.doubleclick.net https:\/\/checkout.stripe.com https:\/\/js.stripe.com https:\/\/r3f773swz03t.statuspage.io https:\/\/fast.chameleon.io;style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/fast.appcues.com;font-src 'self' https:\/\/fonts.gstatic.com data:;img-src 'self' data: https:\/\/logo.clearbit.com https:\/\/*.stripe.com https:\/\/cdn.cookielaw.org https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.ad https:\/\/*.google.ae https:\/\/*.google.com.af https:\/\/*.google.com.ag https:\/\/*.google.al https:\/\/*.google.am https:\/\/*.google.co.ao https:\/\/*.google.com.ar https:\/\/*.google.as https:\/\/*.google.at https:\/\/*.google.com.au https:\/\/*.google.az https:\/\/*.google.ba https:\/\/*.google.com.bd https:\/\/*.google.be https:\/\/*.google.bf https:\/\/*.google.bg https:\/\/*.google.com.bh https:\/\/*.google.bi https:\/\/*.google.bj https:\/\/*.google.com.bn https:\/\/*.google.com.bo https:\/\/*.google.com.br https:\/\/*.google.bs https:\/\/*.google.bt https:\/\/*.google.co.bw https:\/\/*.google.by https:\/\/*.google.com.bz https:\/\/*.google.ca https:\/\/*.google.cd https:\/\/*.google.cf https:\/\/*.google.cg https:\/\/*.google.ch https:\/\/*.google.ci https:\/\/*.google.co.ck https:\/\/*.google.cl https:\/\/*.google.cm https:\/\/*.google.cn https:\/\/*.google.com.co https:\/\/*.google.co.cr https:\/\/*.google.com.cu https:\/\/*.google.cv https:\/\/*.google.com.cy https:\/\/*.google.cz https:\/\/*.google.de https:\/\/*.google.dj https:\/\/*.google.dk https:\/\/*.google.dm https:\/\/*.google.com.do https:\/\/*.google.dz https:\/\/*.google.com.ec https:\/\/*.google.ee https:\/\/*.google.com.eg https:\/\/*.google.es https:\/\/*.google.com.et https:\/\/*.google.fi https:\/\/*.google.com.fj https:\/\/*.google.fm https:\/\/*.google.fr https:\/\/*.google.ga https:\/\/*.google.ge https:\/\/*.google.gg https:\/\/*.google.com.gh https:\/\/*.google.com.gi https:\/\/*.google.gl https:\/\/*.google.gm https:\/\/*.google.gr https:\/\/*.google.com.gt https:\/\/*.google.gy https:\/\/*.google.com.hk https:\/\/*.google.hn https:\/\/*.google.hr https:\/\/*.google.ht https:\/\/*.google.hu https:\/\/*.google.co.id https:\/\/*.google.ie https:\/\/*.google.co.il https:\/\/*.google.im https:\/\/*.google.co.in https:\/\/*.google.iq https:\/\/*.google.is https:\/\/*.google.it https:\/\/*.google.je https:\/\/*.google.com.jm https:\/\/*.google.jo https:\/\/*.google.co.jp https:\/\/*.google.co.ke https:\/\/*.google.com.kh https:\/\/*.google.ki https:\/\/*.google.kg https:\/\/*.google.co.kr https:\/\/*.google.com.kw https:\/\/*.google.kz https:\/\/*.google.la https:\/\/*.google.com.lb https:\/\/*.google.li https:\/\/*.google.lk https:\/\/*.google.co.ls https:\/\/*.google.lt https:\/\/*.google.lu https:\/\/*.google.lv https:\/\/*.google.com.ly https:\/\/*.google.co.ma https:\/\/*.google.md https:\/\/*.google.me https:\/\/*.google.mg https:\/\/*.google.mk https:\/\/*.google.ml https:\/\/*.google.com.mm https:\/\/*.google.mn https:\/\/*.google.com.mt https:\/\/*.google.mu https:\/\/*.google.mv https:\/\/*.google.mw https:\/\/*.google.com.mx https:\/\/*.google.com.my https:\/\/*.google.co.mz https:\/\/*.google.com.na https:\/\/*.google.com.ng https:\/\/*.google.com.ni https:\/\/*.google.ne https:\/\/*.google.nl https:\/\/*.google.no https:\/\/*.google.com.np https:\/\/*.google.nr https:\/\/*.google.nu https:\/\/*.google.co.nz https:\/\/*.google.com.om https:\/\/*.google.com.pa https:\/\/*.google.com.pe https:\/\/*.google.com.pg https:\/\/*.google.com.ph https:\/\/*.google.com.pk https:\/\/*.google.pl https:\/\/*.google.pn https:\/\/*.google.com.pr https:\/\/*.google.ps https:\/\/*.google.pt https:\/\/*.google.com.py https:\/\/*.google.com.qa https:\/\/*.google.ro https:\/\/*.google.ru https:\/\/*.google.rw https:\/\/*.google.com.sa https:\/\/*.google.com.sb https:\/\/*.google.sc https:\/\/*.google.se https:\/\/*.google.com.sg https:\/\/*.google.sh https:\/\/*.google.si https:\/\/*.google.sk https:\/\/*.google.com.sl https:\/\/*.google.sn https:\/\/*.google.so https:\/\/*.google.sm https:\/\/*.google.sr https:\/\/*.google.st https:\/\/*.google.com.sv https:\/\/*.google.td https:\/\/*.google.tg https:\/\/*.google.co.th https:\/\/*.google.com.tj https:\/\/*.google.tl https:\/\/*.google.tm https:\/\/*.google.tn https:\/\/*.google.to https:\/\/*.google.com.tr https:\/\/*.google.tt https:\/\/*.google.com.tw https:\/\/*.google.co.tz https:\/\/*.google.com.ua https:\/\/*.google.co.ug https:\/\/*.google.co.uk https:\/\/*.google.com.uy https:\/\/*.google.co.uz https:\/\/*.google.com.vc https:\/\/*.google.co.ve https:\/\/*.google.co.vi https:\/\/*.google.com.vn https:\/\/*.google.vu https:\/\/*.google.ws https:\/\/*.google.rs https:\/\/*.google.co.za https:\/\/*.google.co.zm https:\/\/*.google.co.zw https:\/\/*.google.cat;report-uri \/csp-reports","count":1},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.adulttime.xxx *.adulttime.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.adulttime.xxx *.adulttime.com join.gammasecure.com; script-src 'self' *.adulttime.xxx *.adulttime.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.adulttime.xxx *.adulttime.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-4q3-ab5bd57n8oF0ZQ1zjw' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-B7ClQoBUf_f8Xo9D8OTo_w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-PosWHupr8HuPH4_h7TI38Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com *.checkout.com *.cdn-apple.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com www.google.com *.checkout.com *.klarna.com www.paypal.com www.sandbox.paypal.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * webchat.dotdigital.com webchat.staging.dotdigital.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.trackedlink.net *.googleapis.com *.checkout.com www.paypal.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/firebasestorage.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.googleapis.com *.gstatic.com *.checkout.com *.klarnacdn.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com webchat.dotdigital.com webchat.staging.dotdigital.com *.avada.io *.shopify.com https:\/\/ipinfo.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.checkout.com *.fontawesome.com assets.braintreegateway.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.magento.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.googleapis.com *.checkout.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.browser-intake-datadoghq.com www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/get.geojs.io *.avada.io 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/fonts.gstatic.com *.gstatic.com *.googleapis.com https:\/\/fonts.googleapis.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com https:\/\/api.systempay.fr\/static\/ *.fontawesome.com https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com https:\/\/*.pinterest.com\/ https:\/\/wisepops.net\/ https:\/\/*.wisepops.com\/ https:\/\/*.trustpilot.com\/ https:\/\/*.systempay.fr\/ https:\/\/*.amaymag2.dnd.fr\/ https:\/\/*.atelier-amaya.com\/ https:\/\/cdn.smooch.io\/ https:\/\/tss.atelier-amaya.com\/ *.weltpixel.com js.mollie.com *.trustpilot.com *.dotdigital-pages.com *.dotdigital.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/static\/ www.xtento.com *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/images.unsplash.com https:\/\/*.cdninstagram.com\/ https:\/\/*.instagram.com\/ https:\/\/*.google.com\/ https:\/\/*.google.fr\/ https:\/\/*.zdassets.com\/ https:\/\/*.pinterest.com\/ https:\/\/*.facebook.com\/ https:\/\/tss.atelier-amaya.com\/ https:\/\/cdn.cookielaw.org\/ https:\/\/bat.bing.com\/ https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.mollie.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com https:\/\/assets.shipup.co https:\/\/paiement.systempay.fr\/static\/latest\/images\/type-carte\/ https:\/\/api.systempay.fr\/static\/ https:\/\/paiement.systempay.fr\/vads-payment\/ www.xtento.com cdn.xtento.com *.amazonaws.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com assets.adobedtm.com *.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page https:\/\/cdn.jsdelivr.net\/npm\/@ryangjchandler\/spruce@2.x.x\/dist\/spruce.umd.js *.nr-data.net *.tiktok.com *.wisepops.net *.wisepops.com *.pinterest.com commerce.adobedc.net cdn.cookielaw.org *.zdassets.com *.zendesk.com *.zopim.com tss.atelier-amaya.com bat.bing.com *.clarity.ms *.adn.cloud *.google.com *.eulerian.net *.kameleoon.eu js-agent.newrelic.com rum.hlx.page https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/unpkg.com\/@googlemaps js.mollie.com *.trustpilot.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com *.googleapis.com *.gstatic.com https:\/\/cdn.shipup.co *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ https:\/\/www.googletagmanager.com tagmanager.google.com www.xtento.com cdn.xtento.com https:\/\/cdnjs.cloudflare.com *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com https:\/\/fonts.googleapis.com *.gstatic.com *.googleapis.com *.trustpilot.com *.development.scalapay.com *.staging.scalapay.com *.scalapay.com https:\/\/cdn.shipup.co https:\/\/api.systempay.fr\/static\/ *.fontawesome.com tagmanager.google.com https:\/\/cdnjs.cloudflare.com *.sendcloud.sc *.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com https:\/\/*.zdassets.com\/ 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com *.nr-data.net *.tiktok.com *.wisepops.net *.wisepops.com *.pinterest.com cdn.cookielaw.org *.zdassets.com *.zendesk.com *.zopim.com tss.atelier-amaya.com bat.bing.com *.clarity.ms *.adn.cloud *.google.com *.eulerian.net *.kameleoon.eu https:\/\/maps.googleapis.com https:\/\/api.shipup.co *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/www.google-analytics.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/*.gstatic.com https:\/\/*.typekit.net *.klevu.com *.ksearchnet.com *.fontawesome.com applepay.cdn-apple.com *.salesfire.co.uk *.klarnacdn.net *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.securetrading.net *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.sharethis.com www.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.hotjar.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * *.rvvuptech.com *.rvvup.com *.afterpay.com *.clearpay.co.uk *.sandbox.paypal.com cdn.eu.trustpayments.com *.trustpayments.com *.securetrading.net *.secure.checkout.visa.com thm.visa.com *.mastercard.com *.salesfire.co.uk *.googletagmanager.com *.doubleclick.net *.typeform.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.sharethis.com www.gstatic.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/*.cloudfront.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.afterpay.com assets.dev.rvvuptech.com assets.rvvup.com *.sandbox.paypal.com *.stats.paypal.com *.vims.visa.com *.secure.checkout.visa.com *.mastercard.com widgets.dividebuy.co.uk widgets.dividebuysandbox.co.uk *.salesfire.co.uk *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.sharethis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.plugins.emarsys.net *.scarabresearch.com https:\/\/*.pcapredict.com\/js\/sensor.js https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/*.hotjar.com https:\/\/*.doubleclick.net https:\/\/secure.leadforensics.com https:\/\/*.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.afterpay.com *.sandbox.paypal.com checkout.dev.rvvuptech.com checkout.rvvup.com cdn.eu.trustpayments.com *.securetrading.net *.secure.checkout.visa.com *.cardinalcommerce.com *.mastercard.com applepay.cdn-apple.com widgets.dividebuysandbox.co.uk widgets.dividebuy.co.uk *.salesfire.co.uk *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.sharethis.com https:\/\/*.googleapis.com https:\/\/*.typekit.net https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com assets.braintreegateway.com checkout.dev.rvvuptech.com checkout.rvvup.com widgets.dividebuy.co.uk widgets.dividebuysandbox.co.uk *.salesfire.co.uk *.typekit.net *.tagmanager.google.com *.googletagmanager.com *.typeform.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.sharethis.com *.scarabresearch.com *.eservice.emarsys.net https:\/\/*.hotjar.com https:\/\/*.adobedc.net https:\/\/*.nr-data.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.afterpay.com *.sandbox.paypal.com *.dev.rvvuptech.com *.rvvup.com www.apple.com apple.com browser-intake-datadoghq.com browser-intake-datadoghq.eu api.dividebuysandbox.co.uk api.dividebuy.co.uk *.salesfire.co.uk *.smartmetrics.co.uk *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-g3X8rI3W6XQeVAb67zDIog' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https:\/\/www.miteksystems.com\/report-uri\/reportOnly","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/dsa.no\/ https:\/\/dsa.no\/ https:\/\/storymaps.arcgis.com https:\/\/miljostatus.miljodirektoratet.no\/ https:\/\/storymaps.arcgis.com\/stories\/ https:\/\/miljotall.miljodirektoratet.no\/ https:\/\/play.libsyn.com\/ https:\/\/www.miljodirektoratet.no\/ https:\/\/videoforweb.aventia.no;","count":1},{"content-security-policy-report-only":" default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' support.webkeeper.ch wss:\/\/support.webkeeper.ch www.google-analytics.com my.webkeeper.ch stats.g.doubleclick.net; font-src * data:; form-action 'self' www.webkeeper.ch; frame-ancestors 'none'; frame-src support.webkeeper.ch; img-src * data:; manifest-src 'self'; media-src support.webkeeper.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' support.webkeeper.ch www.google-analytics.com maps.googleapis.com developers.google.com treellionaire.com data:; style-src 'self' 'unsafe-inline' support.webkeeper.ch fonts.googleapis.com data:; report-uri \/csp-report.php","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.bglobale.com *.global-e.com assets.reviews.io applepay.cdn-apple.com *.amazonaws.com *.kustomerapp.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com www.apptrian.com pinterest.com www.pinterest.com ct.pinterest.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com * *.adyen.com www.apptrian.com pinterest.com www.pinterest.com ct.pinterest.com *.dotdigital-pages.com *.dotdigital.com webchat.dotdigital.com webchat.staging.dotdigital.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com account.fetchify.com *.bglobale.com *.global-e.com www.xtento.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com https:\/\/plumrocket.com https:\/\/t.pepperjamnetwork.com https:\/\/*.dwin1.com https:\/\/*.awin1.com https:\/\/*.zenaps.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * https:\/\/*.gstatic.com *.adyen.com www.apptrian.com pinterest.com www.pinterest.com ct.pinterest.com *.trackedlink.net www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.bglobale.com *.global-e.com www.xtento.com cdn.xtento.com assets.reviews.io www.google.co.uk *.amazonaws.com *.kustomerhostedcontent.com *.postcodeanywhere.co.uk *.adroll.com x.bidswitch.net ml314.com pixel.tapad.com ps.eyeota.net dsum-sec.casalemedia.com pixel.rubiconproject.com us-u.openx.net sync.outbrain.com sync.taboola.com image2.pubmatic.com ib.adnxs.com eb2.3lift.com cdn.ywxi.net https:\/\/*.google.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com *.googleapis.com flagpedia.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/shareasale.com\/sale.cfm https:\/\/track.linksynergy.com https:\/\/www.bizrate.com https:\/\/*.dwin1.com https:\/\/*.awin1.com https:\/\/*.zenaps.com https:\/\/track.webgains.com https:\/\/prf.hn https:\/\/track.flexlinks.com https:\/\/scripts.affiliatefuture.com https:\/\/t.powerreviews.com https:\/\/match.sharethrough.com https:\/\/cm.g.doubleclick.net https:\/\/x.bidswitch.net https:\/\/ib.adnxs.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com https:\/\/visitor.omnitagjs.com https:\/\/r.casalemedia.com https:\/\/gum.criteo.com https:\/\/jadserve.postrelease.com https:\/\/id5-sync.com https:\/\/ad.360yield.com https:\/\/matching.ivitrack.com https:\/\/contextual.media.net https:\/\/exchange.mediavine.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/pixel.rubiconproject.com https:\/\/criteo-sync.teads.tv https:\/\/criteo-partners.tremorhub.com https:\/\/eb2.3lift.com https:\/\/ad.yieldlab.net https:\/\/sync-criteo.ads.yieldmo.com https:\/\/e1.emxdgt.com https:\/\/sync.1rx.io https:\/\/dis.criteo.com https:\/\/dpm.demdex.net https:\/\/ps.eyeota.net https:\/\/public-prod-dspcookiematching.dmxleo.com *.hsforms.net *.hsforms.com 'self' data: *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com www.apptrian.com pinterest.com ct.pinterest.com www.pinterest.com s.pinimg.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal webchat.dotdigital.com webchat.staging.dotdigital.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com cc-cdn.com *.bglobale.com *.global-e.com www.xtento.com cdn.xtento.com app.termly.io widget.reviews.io js-agent.newrelic.com ajax.cloudflare.com static.cloudflareinsights.com ipinfo.io websdk.appsflyer.com www.dwin1.com *.amazonaws.com data.stats.tools cdn.ywxi.net sw-assets.ekomiapps.de *.adroll.com *.kustomerapp.com static.client.cardinaltrusted.com *.pcapredict.com *.postcodeanywhere.co.uk api.uk.exponea.com tag.mention-me.com c0.adalyser.com https:\/\/cdn.polyfill.io https:\/\/browser.sentry-cdn.com https:\/\/cdn.lr-ingest.io https:\/\/unpkg.com *.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com https:\/\/*.dwin1.com https:\/\/intljs.rmtag.com https:\/\/cdn.avmws.com https:\/\/images.bizrate.com https:\/\/*.awin1.com https:\/\/*.zenaps.com https:\/\/the.sciencebehindecommerce.com https:\/\/swrap.tradedoubler.com https:\/\/analytics.optimalpeople.fr https:\/\/www.linkconnector.com https:\/\/d3v27wwd40f0xu.cloudfront.net https:\/\/static.criteo.net https:\/\/sslwidget.criteo.com https:\/\/*.affiliatefuture.com https:\/\/static.powerreviews.com https:\/\/analytics.webgains.io *.hsforms.net *.hsforms.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app https:\/\/fonts.googleapis.com\/ webchat.dotdigital.com webchat.staging.dotdigital.com cc-cdn.com *.bglobale.com *.global-e.com assets.reviews.io data: use.typekit.net p.typekit.net *.amazonaws.com sw-assets.ekomiapps.de *.postcodeanywhere.co.uk https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.gstatic.com *.googleapis.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com pinterest.com www.pinterest.com ct.pinterest.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.adyen.com www.apptrian.com pinterest.com www.pinterest.com ct.pinterest.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk cc-cdn.com app.termly.io *.reviews.io region1.analytics.google.com stats.g.doubleclick.net pagead2.googlesyndication.com *.amazonaws.com sw-assets.ekomiapps.de *.adroll.com *.tiktokw.us *.kustomerapp.com *.cardinaltrusted.com *.postcodeanywhere.co.uk https:\/\/*.ingest.sentry.io https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com maps.googleapis.com www.gstatic.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/shareasale.com\/sale.cfm https:\/\/analytics.optimalpeople.fr https:\/\/measurement-api.criteo.com https:\/\/api.webgains.io https:\/\/the.sciencebehindecommerce.com https:\/\/*.wepowerconnections.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' *.gs.com; script-src 'unsafe-inline' 'unsafe-eval' *.gs.com:* https:\/\/assets.adobedtm.com https:\/\/gsgir.122.2o7.net https:\/\/*.tt.omtrdc.net https:\/\/view.ceros.com ir-vh.akamaihd.net https:\/\/amp.akamaized.net https:\/\/cdn.appdynamics.com; connect-src 'self' wss:\/\/*.gs.com:* *.gs.com:* https:\/\/assets.adobedtm.com https:\/\/gsgir.122.2o7.net https:\/\/*.tt.omtrdc.net https:\/\/view.ceros.com ir-vh.akamaihd.net https:\/\/amp.akamaized.net https:\/\/col.eum-appdynamics.com https:\/\/girprod.akamaized.net https:\/\/irqa.akamaized.net https:\/\/video.goldmansachs.com *.datadoghq.com; img-src *.gs.com:* https:\/\/gsgir.122.2o7.net data: blob: https:\/\/col.eum-appdynamics.com; style-src 'unsafe-inline' *.gs.com:* https:\/\/fast.fonts.net; media-src 'self' *.gs.com ir-vh.akamaihd.net blob: https:\/\/girprod.akamaized.net https:\/\/irqa.akamaized.net https:\/\/video.goldmansachs.com; frame-ancestors 'self' https:\/\/goldmansachs.experiencecloud.adobe.com:*; worker-src blob: *.gs.com:* *.gs.com:*;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.livechatinc.com https:\/\/*.haiku.ai https:\/\/api.hubspot.com https:\/\/api.mixpanel.com https:\/\/cdn.freshmarketer.com https:\/\/cdn.mxpnl.com https:\/\/cdnjs.cloudflare.com https:\/\/code.jquery.com https:\/\/connect.facebook.net https:\/\/forms.hsforms.com https:\/\/googleads.g.doubleclick.net https:\/\/info.proctoru.com https:\/\/ip.freshmarketer.com https:\/\/js.hs-analytics.net https:\/\/js.hs-scripts.com https:\/\/js.hsadspixel.net https:\/\/js.hsforms.net https:\/\/js.usemessages.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/pi.pardot.com https:\/\/px.ads.linkedin.com https:\/\/snap.licdn.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com https:\/\/www.linkedin.com https:\/\/www.youtube.com https:\/\/js.hscta.net https:\/\/cta-service-cms2.hubspot.com https:\/\/hire.withgoogle.com https:\/\/*.adroll.com https:\/\/*.consensu.org https:\/\/*.twitter.com\/ https:\/\/cdn.syndication.twimg.com\/ https:\/\/*.fullstory.com\/ https:\/\/js.hs-banner.com https:\/\/api.hubapi.com https:\/\/sc.lfeeder.com https:\/\/tagmanager.google.com https:\/\/yas.bamboohr.com https:\/\/*.cincopa.com https:\/\/www.meazurelearning.com https:\/\/cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/*.typekit.net https:\/\/maxcdn.bootstrapcdn.com https:\/\/platform.twitter.com\/ https:\/\/tagmanager.google.com https:\/\/*.bamboohr.com https:\/\/*.meazurelearning.com https:\/\/cdn.jsdelivr.net; img-src https: data:; connect-src https:\/\/www.google-analytics.com https:\/\/*.haiku.ai https:\/\/api.mixpanel.com https:\/\/api.hubspot.com https:\/\/api.hubapi.com https:\/\/*.fullstory.com\/ https:\/\/*.bamboohr.com https:\/\/stats.g.doubleclick.net; font-src 'self' data: https:\/\/use.typekit.net https:\/\/fonts.gstatic.com https:\/\/maxcdn.bootstrapcdn.com; media-src https:\/\/*.livechatinc.com; frame-ancestors 'none'; object-src 'none'; frame-src https:\/\/secure.livechatinc.com https:\/\/bid.g.doubleclick.net https:\/\/forms.hsforms.com https:\/\/www.facebook.com https:\/\/www.youtube.com https:\/\/hire.withgoogle.com https:\/\/www.proctoru.com https:\/\/player.vimeo.com https:\/\/platform.twitter.com\/ https:\/\/syndication.twitter.com\/ https:\/\/twitter.com\/; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/www.nominette.com https:\/\/demo.nominette.nl data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com 'self' 'unsafe-inline'; frame-ancestors *.gstatic.com https:\/\/www.nominette.com https:\/\/demo.nominette.nl 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * www.google.com *.hotjar.com *.hotjar.io *.weltpixel.com https:\/\/www.nominette.com https:\/\/demo.nominette.nl 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io * maps.gstatic.com maps.googleapis.com *.openstreetmap.org https:\/\/maps.googleapis.com *.google.com *.google.be *.googleapis.com *.magentocommerce.com *.trustprofile.io bat.bing.com *.facebook.com https:\/\/www.nominette.com https:\/\/demo.nominette.nl maps.google.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page cdn.jsdelivr.net www.gstatic.com maps.googleapis.com *.googleapis.com *.hotjar.com *.hotjar.io *.voyado.com https:\/\/www.nominette.com bat.bing.com *.clarity.ms *.realytics.io *.realytics.net connect.facebook.net https:\/\/demo.nominette.nl 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.cash.app *.fontawesome.com cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.googleapis.com https:\/\/www.nominette.com https:\/\/demo.nominette.nl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com * *.openstreetmap.org https:\/\/maps.googleapis.com *.adyen.com *.google.be *.googleapis.com *.g.doubleclick.net *.hotjar.com *.hotjar.io *.voyado.com *.exatom.io bat.bing.com *.clarity.ms *.realytics.io *.stape.cc 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors *.bolt.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https:\/\/www.google.com\/recaptcha\/ *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.fontawesome.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.googletagmanager.com *.google.com *.squarecdn.com https:\/\/square-fonts-production-f.squarecdn.com https:\/\/cash-f.squarecdn.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/www.google.com https:\/\/www.gstatic.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com https:\/\/square-fonts-production-f.squarecdn.com\/ https:\/\/d1g145x70srn7h.cloudfront.net\/ https:\/\/cash-f.squarecdn.com\/ https:\/\/fonts.gstatic.com\/ data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.google.com *.googletagmanager.com *.googleapis.com *.facebook.com *.authorize.net *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.twitter.com https:\/\/acs-us-east-1.ndsprod.nds-sandbox-issuer.com\/ 'self' 'unsafe-inline'; frame-ancestors self www.google.com *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.googletagmanager.com *.facebook.com *.squarecdn.com https:\/\/sandbox.web.squarecdn.com www.google.com www.gstatic.com apis.google.com *.authorize.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.twitter.com https:\/\/pci-connect.squareup.com https:\/\/connect.squareup.com https:\/\/pci-connect.squareupsandbox.com https:\/\/connect.squareupsandbox.com https:\/\/web.squarecdn.com https:\/\/sandbox.kit.cash.app\/ https:\/\/kit.cash.app\/ https:\/\/acs-us-east-1.ndsprod.nds-sandbox-issuer.com\/ https:\/\/api.squareupsandbox.com\/ https:\/\/api.squareup.com\/ 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.apptrian.com maps.gstatic.com *.google.com *.google.co.in *.redditstatic.com *.reddit.com https:\/\/firebasestorage.googleapis.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.facebook.com https:\/\/meetanshi.com\/media\/logo.png www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.cloudflare.com *.klarna.com *.googleadservices.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net https:\/\/www.gstatic.com\/ https:\/\/sandbox.api.cash.app\/ https:\/\/site-assets.afterpay.com\/ https:\/\/sandbox.web.squarecdn.com\/ https:\/\/api.cash.app\/ https:\/\/web.squarecdn.com\/ https:\/\/api.squareupsandbox.com\/ https:\/\/api.squareup.com\/ https:\/\/franklin-assets.s3.amazonaws.com\/ https:\/\/static.sandbox.afterpay.com\/ https:\/\/static.afterpay.com\/ https:\/\/static.sandbox.afterpay.com\/logo\/ data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com www.apptrian.com maps.googleapis.com *.authorize.net *.paypal.com *.mouseflow.com localmenu.katzsdelicatessen.com *.addthis.com *.noibu.com *.redditstatic.com *.reddit.com *.tiktok.com *.tiktokw.us *.facebook.com *.vibe.co *.squarecdn.com *.avada.io *.shopify.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.googleapis.com *.gstatic.com *.googletagmanager.com *.facebook.net www.termsfeed.com *.fontawesome.com player.vimeo.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.trustedshops.com *.usercentrics.eu https:\/\/js-sandbox.squarecdn.com https:\/\/js.squareup.com https:\/\/js.afterpay.com\/ https:\/\/nd.squarecdn.com https:\/\/js.squareupsandbox.com https:\/\/sandbox.web.squarecdn.com https:\/\/web.squarecdn.com https:\/\/portal.sandbox.afterpay.com\/ https:\/\/portal.afterpay.com\/ https:\/\/cdn.plaid.com\/ https:\/\/sandbox.kit.cash.app\/ https:\/\/kit.cash.app\/ https:\/\/js-sandbox.squarecdn.com\/ https:\/\/js.squarecdn.com\/ 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.googletagmanager.com *.google.com *.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/static.klaviyo.com *.gstatic.com assets.braintreegateway.com *.cloudflare.com *.twitter.com *.twimg.com *.typekit.net *.trustedshops.com *.usercentrics.eu https:\/\/sandbox.web.squarecdn.com https:\/\/web.squarecdn.com https:\/\/sandbox.kit.cash.app\/ https:\/\/kit.cash.app\/ https:\/\/fonts.googleapis.com\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com www.apptrian.com maps.googleapis.com  *.google-analytics.com *.googletagmanager.com *.googleapis.com *.doubleclick.net *.klaviyo.com *.report-uri.com *.noibu.com wss:\/\/*.noibu.com *.redditstatic.com *.reddit.com *.facebook.com *.tiktok.com *.tiktokw.us *.vibe.co *.squarecdn.com https:\/\/get.geojs.io *.avada.io https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com *.authorize.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.cloudflare.com *.twitter.com *.twimg.com https:\/\/pci-connect.squareup.com https:\/\/pci-connect.squareupsandbox.com https:\/\/api.amplitude.com\/ https:\/\/api.squareupsandbox.com\/ https:\/\/api.squareup.com\/ https:\/\/o160250.ingest.sentry.io\/ https:\/\/api.lab.amplitude.com\/sdk\/vardata https:\/\/sandbox.plaid.com\/ https:\/\/production.plaid.com\/ 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.report-uri.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/katzsdelicatessen.report-uri.com\/r\/d\/csp\/enforce; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com data: *.globalpay.com https:\/\/fonts.gstatic.com *.klarnacdn.net maxcdn.bootstrapcdn.com *.yotpo.com www.bedstar.co.uk data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.gpwebpay.com *.gpe.cz *.globalpay-ecommerce.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.yotpo.com www.bedstar.co.uk 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com www.bedstar.co.uk 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com https:\/\/js.mollie.com account.fetchify.com *.americanexpress.com *.globalpay.com *.mastercard.com *.visa.com *.gpwebpay.com *.gpe.cz *.globalpay-ecommerce.com *.klarna.com https:\/\/www.googletagmanager.com\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * www.xtento.com *.yotpo.com www.bedstar.co.uk 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com https:\/\/s3.amazonaws.com https:\/\/aggregate-imgs.s3.eu-north-1.amazonaws.com https:\/\/fsc-images.s3.eu-north-1.amazonaws.com *.globalpay.com https:\/\/www.magezon.com *.klarna.com *.klarnaevt.com *.klarnacdn.net http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.googletagmanager.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.google.com www.google.com.ua maps.gstatic.com www.xtento.com cdn.xtento.com *.yotpo.com www.bedstar.co.uk data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/js.mollie.com https:\/\/*.ngrok.app *.aexp-static.com https:\/\/ajax.aspnetcdn.com *.globalpay.com *.gpapiservices.com https:\/\/pay.google.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com maps.googleapis.com www.gstatic.com www.xtento.com cdn.xtento.com *.yotpo.com www.bedstar.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cc-cdn.com https:\/\/fonts.googleapis.com *.klarnacdn.net unsafe-inline assets.braintreegateway.com www.gstatic.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com www.bedstar.co.uk 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ www.bedstar.co.uk 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.googleapis.com https:\/\/*.fero.com https:\/\/*.ngrok.app wss:\/\/*.ngrok.app wss:\/\/fero.ngrok.app:3000\/ws api.craftyclicks.co.uk pcls1.craftyclicks.co.uk https:\/\/google.com\/pay *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com www.googleapis.com *.yotpo.com www.bedstar.co.uk 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com www.bedstar.co.uk http: https: blob: 'self' 'unsafe-inline'; default-src www.bedstar.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com www.googletagmanager.com isst.dewitschijndel.nl tpc.googlesyndication.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.multisafepay.com pagead2.googlesyndication.com ad.doubleclick.net c.clarity.ms bat.bing.com bat.bing.net www.google.rs www.google.ie www.google.it www.google.be www.facebook.com data: 'self' 'unsafe-inline'; script-src www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com 'self' data: robincontentdesktop.blob.core.windows.net az416426.vo.msecnd.net selfservice.robinhq.com tpc.googlesyndication.com dewitschijndel.nl connect.facebook.net bat.bing.com scripts.clarity.ms www.clarity.ms d5yoctgpv4cpx.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.multisafepay.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.multisafepay.com profiles-staging.2factors.nl dewitschijndel.nl maps.googleapis.com bat.bing.com bat.bing.net www.google.it www.google.be www.google.rs www.google.nl ad.doubleclick.net dc.services.visualstudio.com az416426.vo.msecnd.net p2iqhncxyh.execute-api.eu-central-1.amazonaws.com pagead2.googlesyndication.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/monitor.bigbridgedev.nl\/csp; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' *.alkompis.se;\n\t\t\t\t\t\t\t\tscript-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagservices.com *.alkompis.se *.google.com *.twitter.com *.cloudflarestream.com *.vimeo.com *.youtube.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.youtube.com *.termly.io *.googletagmanager.com *.facebook.net *.google *.ampproject.org *.cookiebot.com *.holid.io;\n\t\t\t\t\t\t\t\tstyle-src 'self' 'unsafe-inline' *.alkompis.se *.googleapis.com;\n\t\t\t\t\t\t\t\tconnect-src 'self' *.facebook.com *.googleadservices.com *.google.se *.facebook.net *.alkompis.se *.termly.io *.cookiebot.com *.google-analytics.com *.googlesyndication.com *.google.com *.doubleclick.net *.google *.adform.net *.holid.io;\n\t\t\t\t\t\t\t\tfont-src 'self' data: *.alkompis.se *.gstatic.com;\n\t\t\t\t\t\t\t\tmedia-src 'self' data: *.alkompis.se;\n\t\t\t\t\t\t\t\tframe-src 'self' *.googletagservices.com *.twitter.com *.soundcloud.com *.youtube.com *.googletagmanager.com *.facebook.com *.adtrafficquality.google *.cloudflarestream.com *.vimeo.com *.zendesk.com *.googlesyndication.com *.doubleclick.net *.google.com *.holid.io *.rubiconproject.com *.cookiebot.com;\n\t\t\t\t\t\t\t\timg-src 'self' data: *.alkompis.se *.vimeocdn.com *.adtrafficquality.google *.ytimg.com *.facebook.com *.googlesyndication.com *.google.com *.google.se *.doubleclick.net *.googletagmanager.com *.cookiebot.com;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com https:\/\/fonts.bunny.net *.userway.org maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.paypal.com *.typekit.net *.gstatic.com https:\/\/images.unsplash.com https:\/\/firebasestorage.googleapis.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com magefan.com cm.magefan.com *.userway.org *.automann.com *.pixriot.com *.storeimaging.com data: 'self' 'unsafe-inline'; style-src *.adobe.com fonts.googleapis.com *.fontawesome.com https:\/\/fonts.bunny.net *.userway.org maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; connect-src *.clarity.ms dpm.demdex.net amcglobal.sc.omtrdc.net *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.amazonaws.com wss:\/\/transcribestreaming.us-east-1.amazonaws.com:8443 https:\/\/get.geojs.io *.avada.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net *.userway.org webservices.purolator.com devwebservices.purolator.com *.pixriot.com *.storeimaging.com 'self' 'unsafe-inline'; frame-src automann-scanner.global.ssl.fastly.net fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ bid.g.doubleclick.net *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.livechatinc.com *.userway.org webservices.purolator.com devwebservices.purolator.com 'self' 'unsafe-inline'; script-src *.clarity.ms *.cloudfront.net assets.adobedtm.com *.adobe.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/cdn.jsdelivr.net\/ https:\/\/maps.googleapis.com *.avada.io *.shopify.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com browser-update.org *.userway.org *.livechatinc.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-pVNO6cB5J0XICwscLHSMMw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/*.gstatic.com data: *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/*.typekit.net *.klarnacdn.net *.klevu.com *.ksearchnet.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.reviews.io *.reviews.co.uk *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/static.addtoany.com\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com *.clearpay.co.uk *.reviews.io *.reviews.co.uk *.iubenda.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.hotjar.com *.klarna.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.stripe.com klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/images.unsplash.com maps.googleapis.com maps.gstatic.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.afterpay.com *.clearpay.co.uk ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/*.cloudfront.net *.reviews.io *.reviews.co.uk *.iubenda.com https:\/\/*.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.uk *.klarna.com *.klarnaevt.com *.klarnacdn.net *.klevu.com *.ksearchnet.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/static.addtoany.com\/ https:\/\/maps.googleapis.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https:\/\/www.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.afterpay.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.reviews.io *.reviews.co.uk *.iubenda.com https:\/\/*.pcapredict.com\/js\/sensor.js https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/*.hotjar.com https:\/\/*.doubleclick.net https:\/\/secure.leadforensics.com https:\/\/*.googleapis.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klevu.com *.ksearchnet.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms unpkg.com *.doubleclick.net https:\/\/js.klevu.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.afterpay.com\/ *.squarecdn.com downloads.mailchimp.com https:\/\/static.klaviyo.com *.cloudfront.net *.reviews.io *.reviews.co.uk https:\/\/*.googleapis.com https:\/\/*.typekit.net *.klarnacdn.net *.klevu.com *.ksearchnet.com assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com *.tagmanager.google.com *.googletagmanager.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/stats.addtoany.com\/menu https:\/\/maps.googleapis.com https:\/\/player.vimeo.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.cloudfront.net *.reviews.io *.reviews.co.uk *.iubenda.com https:\/\/*.hotjar.com https:\/\/*.adobedc.net https:\/\/*.nr-data.net *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com *.klevu.com *.ksearchnet.com api.addressy.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.stripe.com klarna.com *.link.com *.amazon.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' *.nscc.ca; img-src 'self' *.nscc.ca *.gstatic.com *.fontawesome.com *.google.ca *.google.com www.google-analytics.com app.careerbeacon.com s3.amazonaws.com syndication.twitter.com www.facebook.com *.monsido.com data: www.googletagmanager.com maps.googleapis.com https:\/\/ad.doubleclick.net https:\/\/px.ads.linkedin.com\/ https:\/\/www.linkedin.com\/px\/ https:\/\/i.ytimg.com\/vi_webp\/ https:\/\/syndicatedsearch.goog https:\/\/ep1.adtrafficquality.google https:\/\/alb.reddit.com; font-src 'self' *.nscc.ca *.fontawesome.com *.googleapis.com *.gstatic.com cdn.kendostatic.com data:; style-src 'self' *.nscc.ca *.fontawesome.com *.googleapis.com *.google.com app.simplycast.ca widget.alongside.com cdn.kendostatic.com kendo.cdn.telerik.com tags.srv.stackadapt.com www.googletagmanager.com static-assets-ca.libanswers.com https:\/\/kendo.cdn.telerik.com 'unsafe-inline'; script-src 'self' *.nscc.ca *.google.com *.googleapis.com *.gstatic.com https:\/\/googleads.g.doubleclick.net *.fontawesome.com *.google-analytics.com *.googletagmanager.com app.simplycast.ca *.youtube.com widget.alongside.com platform.twitter.com lgapi-ca.libapps.com https:\/\/ep2.adtrafficquality.google islpronto.islonline.net ca.libraryh3lp.com api3-ca.libcal.com cdn.kendostatic.com *.monsido.com *.crazyegg.com connect.facebook.net tags.srv.stackadapt.com js.adsrvr.org blob: static-assets-ca.libanswers.com https:\/\/jsonip.com https:\/\/server402.islonline.net\/live\/islpronto https:\/\/code.jquery.com https:\/\/unpkg.com https:\/\/cdn.kendostatic.com\/2023.3.1010\/js\/* https:\/\/kendo.cdn.telerik.com https:\/\/qvdt3feo.com\/events.js https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js https:\/\/analytics.tiktok.com\/i18n\/pixel\/events.js https:\/\/analytics.tiktok.com\/i18n\/pixel\/static\/ https:\/\/www.redditstatic.com 'unsafe-inline'; connect-src 'self' *.nscc.ca www.google-analytics.com https:\/\/www.google.com https:\/\/ad.doubleclick.net csp.withgoogle.com ka-p.fontawesome.com kit.fontawesome.com api3-ca.libcal.com *.crazyegg.com tags.srv.stackadapt.com *.monsido.com analytics.google.com stats.g.doubleclick.net maps.googleapis.com https:\/\/px.ads.linkedin.com\/ https:\/\/px.ads.linkedin.com\/wa\/ https:\/\/analytics.tiktok.com\/api\/v2\/pixel https:\/\/analytics.tiktok.com\/api\/v2\/pixel\/act https:\/\/ep1.adtrafficquality.google https:\/\/www.google.ca https:\/\/analytics.tiktok.com https:\/\/analytics-ipv6.tiktokw.us https:\/\/mpc-prod-27-s6uit34pua-uk.a.run.app https:\/\/pixel-config.reddit.com https:\/\/app.simplycast.ca; frame-src 'self' *.youtube.com *.google.com https:\/\/www.googletagmanager.com syndication.twitter.com platform.twitter.com ca.libraryh3lp.com *.fls.doubleclick.net insight.adsrvr.org cckc.airtime.pro www.facebook.com https:\/\/player.vimeo.com https:\/\/td.doubleclick.net https:\/\/app.simplycast.ca https:\/\/match.adsrvr.org\/track\/upb\/* https:\/\/ep2.adtrafficquality.google; frame-ancestors 'self' *.nscc.ca:*;","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' https:; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self'; report-to wizard","count":1},{"content-security-policy-report-only":" default-src 'none'; form-action 'none'; frame-ancestors 'none'; report-uri; report-uri https:\/\/cybersmart.report-uri.com\/r\/d\/csp\/wizard","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-El85kO6O3xghg3NsrfJRTw' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app *.audioeye.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.brightcove.net *.brightcove.com *.weltpixel.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.wesupply.xyz https:\/\/wesupplylabs.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.brightcove.net *.brightcove.com *.boltdns.net *.googlesyndication.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/prf.hn maps.gstatic.com *.facebook.com *.reddit.com *.adtrafficquality.google *.cookielaw.org *.lightboxcdn.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.afterpay.com *.afterpaycdn.com *.squarecdn.com *.cash.app js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.brightcove.net *.brightcove.com *.ordergroove.com *.attn.tv events.attentivemobile.com *.googlesyndication.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/prf.hn https:\/\/pzapi-nb.com https:\/\/pzapi-kg.com https:\/\/pzapi-ij.com\/ maps.googleapis.com *.cloudflare.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.adtrafficquality.google *.audioeye.com *.clarity.ms *.cookielaw.org *.gstatic.com *.lightboxcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.afterpay.com\/ *.afterpaycdn.com *.squarecdn.com *.cash.app assets.braintreegateway.com *.typekit.net *.googlesyndication.com tagmanager.google.com *.audioeye.com *.lightboxcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.typekit.net *.googlesyndication.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.typekit.net *.googlesyndication.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com *.afterpay.com *.afterpay-beta.com *.afterpaycdn.com *.squarecdn.com *.cash.app api.lab.amplitude.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.brightcove.net *.brightcove.com *.boltdns.net *.brightcovecdn.com maps.googleapis.com *.ordergroove.com *.attn.tv events.attentivemobile.com *.googlesyndication.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google-analytics.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app *.adtrafficquality.google *.audioeye.com *.clarity.ms *.cookielaw.org *.onetrust.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net annies-livesearch.s3.amazonaws.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.brightcovecdn.com *.typekit.net *.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.talentio.com cdn.ravenjs.com widget.intercom.io js.intercomcdn.com www.google-analytics.com analytics.google.com translate.googleapis.com www.googletagmanager.com ; img-src 'self' data: blob: https: http:; child-src 'self' blob:; form-action 'self' www.facebook.com id.talentio.com api-iam.intercom.io ; font-src 'self' data: assets.talentio.com fonts.gstatic.com use.fontawesome.com use.typekit.net fonts.intercomcdn.com ; frame-ancestors 'self'; frame-src 'self' blob: youtube.com *.youtube.com speakerdeck.com *.speakerdeck.com slideshare.net *.slideshare.net twitter.com *.twitter.com note.com *.note.com google.com *.google.com google.co.jp *.google.co.jp facebook.com *.facebook.com backcheck.jp *.backcheck.jp s3.ap-northeast-1.amazonaws.com intercom-sheets.com; manifest-src 'none'; object-src 'self' blob: s3.ap-northeast-1.amazonaws.com; style-src 'self' 'unsafe-inline' assets.talentio.com fonts.googleapis.com use.typekit.net p.typekit.net use.fontawesome.com translate.googleapis.com ; media-src 'none'; worker-src 'self' blob:; connect-src 'self' assets.talentio.com *.sentry.io sentry.io api-iam.intercom.io uploads.intercomcdn.com wss:\/\/nexus-websocket-a.intercom.io www.google-analytics.com analytics.google.com s3.ap-northeast-1.amazonaws.com translate.googleapis.com","count":1},{"content-security-policy-report-only":" img-src https:\/\/higherlogicdownload.s3.amazonaws.com\/ACCA\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/ACCA\/ https:\/\/img.youtube.com\/vi\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/higherlogiclongterm.s3.amazonaws.com\/ACCA\/ blob: https:\/\/d132x6oi8ychic.cloudfront.net 'self'; style-src https:\/\/d132x6oi8ychic.cloudfront.net 'unsafe-inline' https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/ajax.googleapis.com\/ajax\/libs\/jqueryui\/ https:\/\/use.fortawesome.com\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/static.filestackapi.com\/picker\/ https:\/\/fonts.googleapis.com\/ https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogiclongterm.s3.amazonaws.com\/ACCA\/ 'self'; font-src https:\/\/fonts.googleapis.com\/ https:\/\/fonts.gstatic.com\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/higherlogicdownload.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/ACCA\/ 'self' https:\/\/higherlogiclongterm.s3.amazonaws.com\/ACCA\/ https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/ https:\/\/d2x5ku95bkycr3.cloudfront.net https:\/\/d132x6oi8ychic.cloudfront.net data:; script-src-elem https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ https:\/\/static.filestackapi.com\/picker\/ https:\/\/cdn.higherlogic.com\/ai-assistant https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/static.filestackapi.com\/filestack-js\/ 'self' https:\/\/ajax.aspnetcdn.com\/ajax\/ 'unsafe-eval' 'unsafe-inline'; media-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogicstream.s3.amazonaws.com\/ACCA\/ 'self' https:\/\/d132x6oi8ychic.cloudfront.net; script-src https:\/\/higherlogiclongterm.s3.amazonaws.com\/ACCA\/ https:\/\/higherlogicdownload.s3.amazonaws.com\/ACCA\/ https:\/\/ajax.aspnetcdn.com\/ajax\/ https:\/\/cdn.jsdelivr.net\/jquery.slick\/ https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-ui-1.13.3.min.js https:\/\/d132x6oi8ychic.cloudfront.net https:\/\/cdn.informz.net 'unsafe-eval' https:\/\/use.fortawesome.com\/ https:\/\/higherlogic-holdingpen-us-east-1.s3.amazonaws.com\/ACCA\/ https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/prism\/ 'unsafe-inline' https:\/\/d2x5ku95bkycr3.cloudfront.net\/ https:\/\/higherlogiccloudfront.s3.amazonaws.com https:\/\/static.filestackapi.com https:\/\/d2x5ku95bkycr3.cloudfront.net\/HigherLogic\/jquery\/jquery-3.7.1.min.js https:\/\/d3uf7shreuzboy.cloudfront.net\/ 'self'; frame-src https:\/\/www.google.com\/recaptcha\/ https:\/\/www.recaptcha.net\/recaptcha\/ https:\/\/api.connectedcommunity.org\/ 'self' https:\/\/www.youtube.com\/embed\/ https:\/\/10176109.fls.doubleclick.net\/ https:\/\/www.googletagmanager.com\/; connect-src https:\/\/upload.filestackapi.com https:\/\/static.filestackapi.com https:\/\/cloud.filestackapi.com\/folder\/list\/ 'self' https:\/\/hl-managedservices.informz.net https:\/\/d3uf7shreuzboy.cloudfront.net\/ blob:; worker-src 'self'; default-src 'self'; base-uri 'self'; frame-ancestors https:\/\/*.connectedcommunity.org\/ 'self'; object-src 'none'; manifest-src 'self';","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.feedbackcompany.com *.googleapis.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.feedbackcompany.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.sharethis.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.newrelic.com www.xtento.com 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.sharethis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com *.feedbackcompany.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.sharethis.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com *.feedbackcompany.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.sharethis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com *.google-analytics.com *.analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.sharethis.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com *.feedbackcompany.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/d088f4f9-ddea-4faf-b7bc-b7ce45ac64e7.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" report-to https:\/\/r4com.report-uri.io\/r\/default\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.com.br https:\/\/www.myheritage.com.br  'unsafe-eval' 'nonce-45c1c7ff293eeac1de8d873401308abd' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.com.br https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-MoYpPrNqPJu7BpS0OA0IPQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" script-src 'sha256-tPn+rUNgboGPd4u7c99RHUz3mxhlVI6lmQS3QaCl0Ns=' 'self' self unsafe-eval *.criteo.com; style-src self unsafe-eval; report-uri https:\/\/0771da0b-b592-4245-a1e0-f93423ca942b.sansec.watch\/","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=f50f42c08572bfae&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778726848; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; script-src 'self' 'nonce-vQsSEp4t40Ux6Ba6wP4xuvWcxi0RYqnaKmfFPf1C' https:\/\/www.googletagmanager.com https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/challenges.cloudflare.com; style-src 'self' 'nonce-vQsSEp4t40Ux6Ba6wP4xuvWcxi0RYqnaKmfFPf1C' https:\/\/fonts.bunny.net; font-src 'self' https:\/\/fonts.bunny.net data:; img-src 'self' data: https:\/\/pic.gayfurrycomics.com https:\/\/cdn.gayfurrycomics.com https:\/\/cdn1.gayfurrycomics.com https:\/\/cdnl.gayfurrycomics.com https:\/\/cdne.gayfurrycomics.com https:\/\/gayfurrycomics.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/challenges.cloudflare.com; connect-src 'self' https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/challenges.cloudflare.com; media-src 'self' https:\/\/pic.gayfurrycomics.com https:\/\/cdn.gayfurrycomics.com https:\/\/cdn1.gayfurrycomics.com https:\/\/cdnl.gayfurrycomics.com https:\/\/cdne.gayfurrycomics.com https:\/\/gayfurrycomics.com; frame-src https:\/\/challenges.cloudflare.com; report-uri \/csp-report","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com a.omappapi.com *.google.com *.fontawesome.com *.alothemes.com *.magepow.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.pagar.me *.netsgroup.com *.sibs.pt *.seglan.com *.secureacs.com *.rsa3dsauth.com *.apata.io *.cardinalcommerce.com *.santander.com.br *.bradesco.com.br *.bradesco *.stone.com.br *.nubank.com.br *.itau.com.br *.bb.com.br *.caixa.gov.br *.inter.co *.bancointer.com.br *.c6bank.com.br *.bancobmg.com.br *.safra.com.br *.sicoob.com.br *.banrisul.com.br *.banrisul.b.br *.banorte.com *.xpi.com.br *.btgpactual.com *.btgpactualdigital.com *.mercadopago.com.br *.mercadopago.com *.picpay.com *.amedigital.com *.neon.tech *.neon.com.br *.wise.com *.revolut.com *.sandbox.3dsecure.io *.google.com https:\/\/seo.mageplaza.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mlstatic.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com event.getblue.io static.omni.chat *.criteo.com static.criteo.net td.doubleclick.net *.pagar.me *.netsgroup.com *.sibs.pt *.seglan.com *.secureacs.com *.rsa3dsauth.com *.apata.io *.cardinalcommerce.com *.santander.com.br *.bradesco.com.br *.bradesco *.stone.com.br *.nubank.com.br *.itau.com.br *.bb.com.br *.caixa.gov.br *.inter.co *.bancointer.com.br *.c6bank.com.br *.bancobmg.com.br *.safra.com.br *.sicoob.com.br *.banrisul.com.br *.banrisul.b.br *.banorte.com *.xpi.com.br *.btgpactual.com *.btgpactualdigital.com *.mercadopago.com.br *.mercadopago.com *.picpay.com *.amedigital.com *.neon.tech *.neon.com.br *.wise.com *.revolut.com *.sandbox.3dsecure.io *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mlstatic.com js.mollie.com js.stripe.com hooks.stripe.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com * *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/images.unsplash.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com www.oceandrop.com.br c.clarity.ms *.bing.com www.google.com.br cm.g.doubleclick.net collect.vendavalida.com.br *.criteo.com *.omappapi.com a.mgid.com trackings.nemu.com.br openfpcdn.io ipinfo.io api.ipify.org api.bigdatacloud.net cdn.mundipagg.com api.pagar.me *.alothemes.com *.magepow.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com event.getblue.io widget.getblue.io static.omni.chat a.omappapi.com oceandrop-br.mais.social js-agent.newrelic.com www.clarity.ms *.hotjar.com bat.bing.com www.googleoptimize.com collect.vendavalida.com.br *.criteo.com secure.afilio.com.br a.mgid.com *.ubembed.com rum.hlx.page trackings.nemu.com.br openfpcdn.io ipinfo.io api.ipify.org api.bigdatacloud.net 3ds2.pagar.me 3ds2-sdx.pagar.me widget.freshworks.com m2epro.freshdesk.com *.alothemes.com *.magepow.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com js.mollie.com js.stripe.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com oceandrop-br.mais.social a.omappapi.com *.googleapis.com *.google.com widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com *.alothemes.com *.magepow.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com assets.braintreegateway.com *.stripe.network *.stripecdn.com *.amazon.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com oceandrop-br.mais.social omnichat-web-chat.omni.chat webchat-adapter.omni.chat *.omappapi.com *.clarity.ms bam.nr-data.net ws.hotjar.com *.hotjar.io *.criteo.com stats.g.doubleclick.net collect.vendavalida.com.br bat.bing.com trackings.nemu.com.br openfpcdn.io ipinfo.io api.ipify.org api.bigdatacloud.net api.mundipagg.com api.pagar.me brasilapi.com.br viacep.com.br servicodados.ibge.gov.br pay.sandbox.google.com widget.freshworks.com m2epro.freshdesk.com *.alothemes.com *.magepow.com *.mercadopago.com *.mercadolivre.com *.mercadolibre.com *.mercadolibre.com.br https:\/\/mercadopago.com.br *.mercadopago.com.br *.mlstatic.com *.stripe.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klarnacdn.net *.klevu.com *.ksearchnet.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.nosto.com *.nos.to 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.zenaps.com *.fls.doubleclick.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.nosto.com *.nos.to *.klarna.com js.mollie.com https:\/\/www.google.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.awin1.com *.zenaps.com *.wepowerconnections.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.nosto.com *.nos.to *.klarna.com *.klarnaevt.com *.klarnacdn.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/www.mollie.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.nosto.com *.nos.to *.klarna.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com widget.freshworks.com m2epro.freshdesk.com js.mollie.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/js.klevu.com https:\/\/www.bakerross.co.uk 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com assets.braintreegateway.com *.nosto.com *.nos.to *.klarnacdn.net https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com widget.freshworks.com m2epro.freshdesk.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.nosto.com *.nos.to *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.klarnaservices.com *.klarna.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com widget.freshworks.com m2epro.freshdesk.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/20a27546-5165-4716-8e1c-c91dee6f68ae.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" img-src 'self' data: https:\/\/*.siteimproveanalytics.io; script-src 'self' https:\/\/siteimproveanalytics.com cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/www.google.com; script-src-attr 'self'; script-src-elem 'self' https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com\/recaptcha\/releases\/V6_85qpc2Xf2sbe3xTnRte7m\/recaptcha__en.js cdn.jsdelivr.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/www.google.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.fontawesome.com maxcdn.bootstrapcdn.com *.gstatic.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.multisafepay.com https:\/\/pay.google.com *.sendcloud.sc *.jsdelivr.net consentcdn.cookiebot.com metrics.azerty.nl www.googletagmanager.com td.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com https:\/\/images.unsplash.com magefan.com cm.magefan.com *.multisafepay.com *.amazonaws.com *.hsforms.net *.hsforms.com 'self' data: bat.bing.com www.facebook.com www.google.nl imgsct.cookiebot.com metrics.azerty.nl azerty.nl bat.bing.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net commerce.adobe.net use.typekit.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com https:\/\/maps.googleapis.com *.avada.io *.multisafepay.com https:\/\/pay.google.com *.sendcloud.sc *.jsdelivr.net *.hsforms.net *.hsforms.com *.google.com *.gstatic.com app.aiden.cx consent.cookiebot.com sgtm.azerty.nl bat.bing.com d5yoctgpv4cpx.cloudfront.net consentcdn.cookiebot.com metrics.azerty.nl connect.facebook.net www.clarity.ms js-agent.newrelic.com cdn.ablyft.com ocean.kieskeurig.nl sgtm.azertyzakelijk.nl script.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com *.fontawesome.com *.multisafepay.com maxcdn.bootstrapcdn.com *.sendcloud.sc *.jsdelivr.net *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com commerce.adobe.io *.sentry.io *.magento-datasolutions.com *.magento-ds.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com https:\/\/get.geojs.io *.avada.io *.multisafepay.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com p2iqhncxyh.execute-api.eu-central-1.amazonaws.com metrics.azerty.nl l.clarity.ms q.clarity.ms consentcdn.cookiebot.com bam.nr-data.net pro.ip-api.com bat.bing.com www.google.com google.com www.facebook.com get.geojs.io pagead2.googlesyndication.com bat.bing.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com bat.bing.com l.clarity.ms bam.nr-data.net www.google.com bat.bing.net pagead2.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/tanga.zendesk.com https:\/\/app.optimizely.com;","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: https:\/\/cdnapisec.kaltura.com\/ https:\/\/kelseyseyboldepiciframe-pp-prtl.spectrumretailnet.com https:\/\/kelseyseyboldepiciframe-pp-prtltsttest.spectrumretailnet.com https:\/\/play.vidyard.com;script-src 'nonce-d492034a0c924b928694207be4de1973' https:\/\/mykelseyonline.com 'self' 'unsafe-eval' https:\/\/play.vidyard.com\/ repo-stg.rakanto.com repo.rakanto.com;img-src https:\/\/* 'self' blob: data:;connect-src 'self' cse.rakanto.com epichttp: https:\/\/stage-cse.rakanto.com www.google.com;style-src https:\/\/mykelseyonline.com 'self' 'unsafe-inline' www.gstatic.com;worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;report-uri \/MkoApi\/api\/CspReport;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com kit.fontawesome.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net www.garp.org *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com; style-src 'self' 'unsafe-inline' *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net www.garp.org static.hsappstatic.net; img-src https: 'self' 'unsafe-eval' js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com s3-us-west-2.amazonaws.com; font-src 'self' ka-p.fontawesome.com; connect-src 'self' *.google.com *.googletagmanager.com www.google-analytics.com googleads.g.doubleclick.net *.vidyard.com *.fontawesome.com content.hotjar.io *.hotjar.com wss:\/\/wsp14.hotjar.com wss:\/\/wsp43.hotjar.com\/api\/v2\/client\/ws stats.g.doubleclick.net static.libsyn.com cdn.linkedin.oribi.io *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com bat.bing.com hm.baidu.com; object-src 'none'; media-src 'self'; frame-src html5-player.libsyn.com forms.hsforms.com *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com www.garp.org *.hsforms.net *.hsforms.com *.googletagmanager.com *.twitter.com *.facebook.com fast.wistia.net *.youtube.com; base-uri 'self'; report-to \/csp-violation-report-endpoint\/;","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.it https:\/\/www.myheritage.it  'unsafe-eval' 'nonce-b57b414def05a7e9f098cea193f17eff' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.it https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/kundecrm.my.site.com https:\/\/kundecrm.my.salesforce.com; script-src-elem 'self' 'unsafe-inline' https:\/\/kundecrm.my.site.com https:\/\/kundecrm.my.salesforce.com https:\/\/service.force.com https:\/\/operationsmessengerservices.azurewebsites.net https:\/\/nexus.ensighten.com https:\/\/www.googletagmanager.com https:\/\/*.salesforceliveagent.com https:\/\/bs.serving-sys.com https:\/\/img.en25.com https:\/\/files.cdn.leadfamly.com https:\/\/*.snapchat.com https:\/\/app.varify.io https:\/\/*.clarity.ms https:\/\/*.hotjar.com https:\/\/sc-static.net https:\/\/connect.facebook.net https:\/\/collect.danskespil.dk https:\/\/tags.danskespil.dk; style-src * 'unsafe-inline'; style-src-elem * 'unsafe-inline'; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/operationsmessengerservices.azurewebsites.net; img-src 'self' data: https:\/\/track.adform.net https:\/\/www.facebook.com https:\/\/s166423343.t.eloqua.com https:\/\/ad.doubleclick.net https:\/\/*.clarity.ms https:\/\/tc-static.dk https:\/\/*.tc-static.dk; connect-src 'self' https:\/\/kundecrm.my.site.com https:\/\/kundecrm.my.salesforce-scrt.com https:\/\/kundecrm.secure.force.com https:\/\/operationsmessengerservices.azurewebsites.net https:\/\/dsoperationsmessenger.blob.core.windows.net https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/tivoli-casino-be.dsservice.eu https:\/\/dawa.aws.dk https:\/\/*.snapchat.com https:\/\/app.varify.io https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/*.hotjar.io https:\/\/*.clarity.ms https:\/\/doh.cq0.co https:\/\/collect.danskespil.dk https:\/\/tags.danskespil.dk https:\/\/tracking.danskespil.dk wss:\/\/ws.hotjar.com; frame-src * intent:; report-uri \/api\/tivolicasino\/security\/csp\/testreport; block-all-mixed-content;","count":1},{"content-security-policy-report-only":" script-src 'nonce-gBni-MDyLuKqzQ6ZAstCpg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https:\/\/csp.withgoogle.com\/csp\/static-on-bigtable; base-uri 'none'","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.bootstrapcdn.com *.edrone.me *.googleapis.com *.google.com\/recaptcha *.google-analytics.com https:\/\/cdnjs.cloudflare.com *.fontawesome.com *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.payline.com *.gstatic.com *.google.com\/recaptcha *.google.com *.google-analytics.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.payline.com *.criteo.com *.facebook.net *.gstatic.com *.edrone.me *.cloudfront.net *.googleapis.com *.trustedshops.com *.google.com\/recaptcha *.hotjar.com *.google-analytics.com *.cookiebot.com *.addthis.com *.twitter.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.dhl.pl *.dhl24.com.pl *.packeta.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.cookiebot.com https:\/\/img.youtube.com https:\/\/i.ytimg.com *.google-analytics.com *.googleadservices.com *.google.pl *.ssl.gstatic.com *.edrone.me *.cloudfront.net *.googleapis.com *.trustedshops.com *.google.com\/recaptcha https:\/\/csr.onet.pl *.inistrack.net *.pixel.wp.pl https:\/\/pixel.wp.pl\/api *.clarity.ms https:\/\/t.co *.bing.com *.yahoo.com *.criteo.com https:\/\/x.bidswitch.net https:\/\/ib.adnxs.com https:\/\/secure.adnxs.com https:\/\/contextual.media.net https:\/\/pixel.rubiconproject.com https:\/\/match.sharethrough.com https:\/\/rtb-csync.smartadserver.com https:\/\/sync-t1.taboola.com https:\/\/criteo-sync.teads.tv https:\/\/sync-criteo.ads.yieldmo.com https:\/\/criteo-partners.tremorhub.com https:\/\/eb2.3lift.com https:\/\/cm.adform.net https:\/\/visitor.omnitagjs.com https:\/\/r.casalemedia.com https:\/\/id5-sync.com https:\/\/ad.360yield.com https:\/\/matching.ivitrack.com https:\/\/exchange.mediavine.com https:\/\/sync.outbrain.com https:\/\/simage2.pubmatic.com https:\/\/ad.yieldlab.net https:\/\/dpm.demdex.net https:\/\/beacon.krxd.net https:\/\/a.twiago.com https:\/\/s.thebrighttag.com https:\/\/static.paynow.pl *.disqus.com *.addthisedge.com *.twitter.com *.alothemes.com *.magepow.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.hsforms.net *.hsforms.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com 'self' 'unsafe-inline' *.paynow.pl data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.ssl.google-analytics.com *.googleadservices.com *.criteo.com *.criteo.net *.savecart.pl *.trustedshops.com *.edrone.me *.cloudfront.net *.googleapis.com http:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.google.com\/recaptcha\/api.js *.goadservices.com *.onet.pl *.tagmanager.google.com https:\/\/ocdn.eu *.cardinalcommerce.com *.hotjar.com https:\/\/live-chat.chatbotize.com\/chatbotize-entrypoint.min.js *.pixel.wp.pl https:\/\/pixel.wp.pl\/w\/tr.js https:\/\/pixel.wp.pl *.inistrack.net https:\/\/cdn.jsdelivr.net\/npm\/@finsweet\/cookie-consent@1\/fs-cc.js *.cookiebot.com *.bing.com *.twitter.com *.inis360.com *.cdngazeta.com *.cdngazeta.pl cdngazeta.pl *.googleoptimize.com *.clarity.ms https:\/\/artemis-cdn.ocdn.eu https:\/\/p.gsitrix.com https:\/\/o.gsitrix.com\/sys.php https:\/\/bam.eu01.nr-data.net https:\/\/static.ads-twitter.com https:\/\/analytics.tiktok.com https:\/\/ec.monplat-cdn.com *.luigisbox.com https:\/\/static.paynow.pl https:\/\/cdnjs.cloudflare.com *.disqus.com *.addthis.com *.moatads.com *.addthisedge.com *.alothemes.com *.magepow.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.hsforms.net *.hsforms.com *.easypack24.net *.inpost.pl *.packeta.com https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' googleadservices.com cdn.luigisbox.com 'unsafe-eval' dwin1.com awin1.com zenaps.com the.sciencebehindecommerce.com *.clickonometrics.pl *.luigisbox.tech *.paynow.pl 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.bootstrapcdn.com *.edrone.me *.trustedshops.com *.google.com\/recaptcha *.tagmanager.google.com *.google-analytics.com *.cookiebot.com *.savecart.pl *.luigisbox.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.fontawesome.com *.alothemes.com *.magepow.com maxcdn.bootstrapcdn.com assets.braintreegateway.com *.easypack24.net *.inpost.pl https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' cdn.luigisbox.com imgsct.cookiebot.com fonts.googleapis.com  cdnjs.cloudflare.com widgets.trustedshops.com *.luigisbox.tech *.paynow.pl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src https:\/\/tolpapl.savecart.pl 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.edrone.me *.trustedshops.com *.google.com\/recaptcha http:\/\/d3bo67muzbfgtl.cloudfront.net\/externals *.cardinalcommerce.com *.onet.pl *.hotjar.com https:\/\/www.googleapis.com\/pagespeedonline *.googleapis.com *.savecart.pl *.cookiebot.com *.clarity.ms https:\/\/p.gsitrix.com https:\/\/bam.eu01.nr-data.net https:\/\/clk.leadexpert.pl https:\/\/analytics.tiktok.com *.luigisbox.com *.alothemes.com *.magepow.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.packeta.com *.etrusted.com https:\/\/integrations.etrusted.site 'self' 'unsafe-eval' pixel.wp.pl dwin1.com awin1.com zenaps.com the.sciencebehindecommerce.com *.luigisbox.tech 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com *.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com data: *.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.force.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com 'self' data: blob: 'unsafe-inline' data: www.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com magefan.com cm.magefan.com * *.cloudfront.net *.google.com *.google.com.mx notifications-icommkt.website *.facebook.com *.google.co.in data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.facebook.net connect.facebook.net graph.facebook.com business.facebook.com * *.cloudfront.net *.wcx.cloud notifications-icommkt.com *.wcentrix.com *.force.com *.salesforceliveagent.com *.demoup.com https:\/\/cdn.jsdelivr.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com assets.braintreegateway.com *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudfront.net *.wcentrix.com *.force.com https:\/\/cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cloudfront.net track-icommkt.com notifications-icommkt.com *.doubleclick.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/dismac.com.bo\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-2wYllHalEPVL27td_S92gA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com data: *.googleapis.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/cdnjs.cloudflare.com applepay.cdn-apple.com *.survicate.com https:\/\/github.com https:\/\/use.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com *.monetico-services.com 'self' connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.google.com *.google.com *.doubleclick.net www.facebook.com *.monetico-services.com connect.facebook.net graph.facebook.com business.facebook.com api.payplug.com secure.payplug.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.gstatic.com *.googleapis.com https:\/\/px.ads.linkedin.com 'self' data: *.google.com *.google.bg www.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/firebasestorage.googleapis.com connect.facebook.net graph.facebook.com business.facebook.com *.cdninstagram.com *.google.fr data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.gstatic.com https:\/\/static.splio.pro https:\/\/analytics.tiktok.com https:\/\/cdn.jsdelivr.net *.google.com *.google.bg *.googletagmanager.com www.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.avada.io *.shopify.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/cdnjs.cloudflare.com api.payplug.com applepay.cdn-apple.com https:\/\/cdn.payplug.com\/js\/integrated-payment\/ survey.survicate.com sdk.privacy-center.org cdn.mouseflow.com *.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.splio.pro https:\/\/analytics.tiktok.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https:\/\/static.klaviyo.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.survicate.com *.typekit.net *.klaviyo.com *.clarity.ms 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.googleapis.com https:\/\/sdk-sdk-backend.apigw.splio.pro https:\/\/analytics.tiktok.com *.google-analytics.com www.facebook.com *.facebook.net *.google.com *.monetico-services.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ https:\/\/get.geojs.io *.avada.io connect.facebook.net graph.facebook.com business.facebook.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/o2.mouseflow.com *.clarity.ms 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" frame-ancestors 'self'; report-uri https:\/\/www.weeklytimesnow.com.au\/csp-reports","count":1},{"content-security-policy-report-only":" default-src 'self' data: blob: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/connect.facebook.net https:\/\/static.zalo.me https:\/\/sp.zalo.me; style-src 'self' 'unsafe-inline' https: https:\/\/fonts.googleapis.com; img-src 'self' data: https: https:\/\/*.mailchimp.com https:\/\/mcusercontent.com https:\/\/www.google-analytics.com; media-src 'self' https:\/\/www.youtube.com https:\/\/www.youtu.be; font-src 'self' https:\/\/fonts.gstatic.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/*.mailchimp.com https:\/\/zalo.me https:\/\/*.zalo.me; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.youtu.be https:\/\/www.canva.com https:\/\/*.canva.com https:\/\/www.facebook.com https:\/\/*.facebook.com https:\/\/zalo.me https:\/\/*.zalo.me; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" frame-src 'self' https:\/\/15706656.fls.doubleclick.net https:\/\/adlc-exchange.toast.com https:\/\/gum.criteo.com https:\/\/img-amc.tason.com https:\/\/static.criteo.net https:\/\/t1.daumcdn.net https:\/\/www.facebook.com https:\/\/www.googletagmanager.com https:\/\/player.charlla.io https:\/\/www.kmcert.com https:\/\/sa.inicis.com https:\/\/pay.naver.com https:\/\/*.kcp.co.kr https:\/\/*.inicis.com https:\/\/*.tosspayments.com https:\/\/pay.naver.com https:\/\/*.pay.naver.com https:\/\/apis.naver.com https:\/\/postcode.map.kakao.com https:\/\/*.youtube.com https:\/\/sccontents.tason.com:10443 https:\/\/*.kakao.com https:\/\/*.kakaocdn.net; frame-ancestors 'self'; object-src 'none'; report-uri \/analyze\/log;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-RandomString123456' https:\/\/metaswitch.com https:\/\/*.metaswitch.com 'strict-dynamic' 'nonce-TyiOWccOBVuYaBLtQRYGAw=='; style-src 'self' 'nonce-RandomString123456' https:\/\/metaswitch.com https:\/\/*.metaswitch.com; img-src 'self' data: https:\/\/metaswitch.com https:\/\/*.metaswitch.com; font-src 'self' https:\/\/metaswitch.com https:\/\/*.metaswitch.com; connect-src 'self' https:\/\/metaswitch.com https:\/\/*.metaswitch.com; frame-src 'self' https:\/\/metaswitch.com https:\/\/*.metaswitch.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-uri https:\/\/770a769bea45352cd46f7e284097b330.report-uri.com\/r\/d\/csp\/reportOnly","count":1},{"content-security-policy-report-only":" style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebaystatic.com *.ebaystatic.cn *.gstatic.com *.fontawesome.com blob: *.googleapis.com; connect-src 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn data: *.google-analytics.com *.doubleclick.net *.avalon.perfdrive.com *.ebayimg.com *.ucweb.com *.akamaihd.net *.ucads.ucweb.com *.analytics.google.com *.g.doubleclick.net *.googletagmanager.com *.pinterest.com *.snapchat.com *.criteo.com *.facebook.com *.googleapis.com *.googleadservices.com blob: analytics.google.com *.us.shoplive.cloud www.facebook.com *.bing.com www.googletagmanager.com google.com *.google.com *.graphitevault.com *.amplitude.com wss:\/\/127.0.0.1:* www.redditstatic.com *.reddit.com *.quantummetric.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:\/\/* blob: data:; frame-ancestors 'self' *.ebay.com *.ebaystatic.com *.ebaystatic.cn; img-src 'self' data: blob: https:\/\/*; default-src 'self' blob: data: wss: mediastream: https:\/\/*;  report-uri https:\/\/monitor.ebay.com\/csp-report\/discoveryplatformweb\/HomePage?id=2939504940913871808&rid=t6gludlscuzujfwciunrce00%3C%3Dgludlscuzujfwciunrce00%2B%3F710a%3Ac%3F05(rbpv75%3A(1erir-19e2438b21f-0x702#pd","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; object-src 'none'; base-uri 'self';","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob: http: https:; script-src * 'unsafe-inline' 'unsafe-eval' data: blob:; style-src * 'unsafe-inline' data: blob:; img-src * data: blob: https: android-webview-video-poster:; frame-src * data: blob: about:; connect-src * data: blob: ws: wss: properties:; font-src * data: blob:; media-src * data: blob:; object-src 'none'; report-uri \/csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline'; script-src 'self' 'nonce-t_uwhYCYtDYFSGB3K_Cw8fUeD0cfiRcPSeCxg1N5_uqoIbpRpEPATA' * data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com * blob:; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com * blob: data:; script-src-elem 'self' * data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; connect-src 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline' *; frame-ancestors * blob: data:; media-src 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline' *; style-src 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline' * 'report-sample'; style-src-elem 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline' * https:\/\/cdntrf.com https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com 'report-sample'; font-src 'self' data: mediastream: blob: filesystem: about: ws: wss: unsafe-eval 'wasm-unsafe-eval' 'unsafe-inline' * https:\/\/fonts.gstatic.com; worker-src 'self' 'nonce-t_uwhYCYtDYFSGB3K_Cw8fUeD0cfiRcPSeCxg1N5_uqoIbpRpEPATA' * data: blob: 'report-sample'; script-src-attr 'self' * data: blob: 'unsafe-inline' 'report-sample'; report-uri https:\/\/www.derpatriot.de\/@http-reporting?csp=report&requestTime=1778728150852397&requestHash=a10185690766d082566634e566757dce45eb1532","count":1},{"content-security-policy-report-only":" default-src 'self';                       script-src 'report-sample' 'self' 'unsafe-eval' https:\/\/googleads.g.doubleclick.net\/pagead\/viewthroughconversion\/823935011\/ https:\/\/js.monitor.azure.com\/scripts\/b\/ai.2.min.js https:\/\/player.vimeo.com\/api\/player.js https:\/\/www.clarity.ms https:\/\/www.googletagmanager.com\/gtm.js;                       script-src-elem 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com\/gtm.js https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/player.vimeo.com\/api\/player.js https:\/\/f.vimeocdn.com https:\/\/googleads.g.doubleclick.net https:\/\/snap.licdn.com https:\/\/www.clarity.ms https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.googletagmanager.com\/gtag\/destination https:\/\/www.gstatic.com\/recaptcha\/releases\/ https:\/\/www.youtube.com\/iframe_api https:\/\/www.youtube.com\/s\/player\/;                       style-src 'report-sample' 'self' 'unsafe-inline';                       object-src 'none';                       base-uri 'self';                       connect-src 'self' https:\/\/eastus-0.in.applicationinsights.azure.com https:\/\/*.clarity.ms https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/px.ads.linkedin.com https:\/\/www.googleadservice.com\/pagead;                       font-src 'self';                       frame-src 'self' https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/ai.appraisalinstitute.org\/ https:\/\/embed.podcasts.apple.com\/ https:\/\/player.vimeo.com\/ https:\/\/www.google.com\/ https:\/\/www.youtube.com\/;                       img-src 'self' data: https:\/\/*.appraisalinstitute.org https:\/\/dummyimage.com https:\/\/placedog.net https:\/\/via.placeholder.com https:\/\/*.clarity.ms https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/appraisalinstitute-org-authoring-2023.azurewebsites.net https:\/\/px.ads.linkedin.com https:\/\/*.bing.com;                       manifest-src 'self';                       media-src 'self';                       worker-src 'none';                       frame-ancestors 'self'  https:\/\/appraisal-org-local-2023.bluemod.me\/ https:\/\/appraisal-cms-local-2023.bluemod.me\/                        https:\/\/appraisal-org-dev-2023.bluemod.us\/ https:\/\/appraisal-cms-dev-2023.bluemod.us\/                       https:\/\/appraisal-org-test-2023.bluemod.us\/ https:\/\/appraisal-cms-test-2023.bluemod.us\/                       https:\/\/appraisalinstitute-org-authoring-2023.azurewebsites.net\/ https:\/\/appraisalinstitute-cms-authoring-2023.azurewebsites.net\/                       https:\/\/www.appraisalinstitute.org\/ https:\/\/appraisalinstitute-cms-prod-2023.azurewebsites.net\/;","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com *.googleapis.com maxcdn.bootstrapcdn.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com self www.google.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.certcapture.com https:\/\/maps.google.com\/ www.google.com www.gstatic.com apis.google.com accounts.google.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com landofcoder.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.certcapture.com flagpedia.net *.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.certcapture.com *.googleapis.com *.gstatic.com accounts.google.com *.fontawesome.com *.sharethis.com maps.googleapis.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.amazon.com *.link.com landofcoder.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com accounts.google.com maxcdn.bootstrapcdn.com *.stripe.network *.stripecdn.com *.amazon.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.certcapture.com http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com accounts.google.com *.sharethis.com www.gstatic.com maps.googleapis.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com landofcoder.com *.googleapis.com 'self' 'unsafe-inline'; child-src *.certcapture.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'nonce-IFDn25ln2EVEO++aljpIDQ==' *.google-analytics.com *.googlesyndication.com *.gstatic.com *.youtube.com *.fontawesome.com *.googletagmanager.com *.trustpilot.com; script-src 'strict-dynamic' 'unsafe-eval' 'nonce-IFDn25ln2EVEO++aljpIDQ==' *.unpkg.com *.addtoany.com *.trustpilot.com https:\/\/www.googletagmanager.com https:\/\/www.googleadservices.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com *.jsdelivr.net *.vimeo.com *.godaddy.com *.cloudflare.com *.google-analytics.com; style-src 'unsafe-inline' 'self' *.jsdelivr.net *.cloudflare.com *.typekit.net https:\/\/tagmanager.google.com https:\/\/fonts.googleapis.com; connect-src 'self' https:\/\/lottie.host\/ *.6sense.com *.pingdom.net *.salesloft.com http:\/\/ib.adnxs.com https:\/\/secure.adnxs.com\/ https:\/\/pagead2.googlesyndication.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.co.uk *.cookiebot.com *.linkedin.com *.6sc.co; frame-src 'self' 'nonce-IFDn25ln2EVEO++aljpIDQ==' *.addtoany.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net *.youtube.com *.vimeo.com *.google.com *.cookiebot.com *.trustpilot.com *.doubleclick.net; font-src 'self' 'nonce-IFDn25ln2EVEO++aljpIDQ==' data: *.jsdelivr.net *.cloudflare.com *.typekit.net *.fontawesome.com https:\/\/fonts.gstatic.com; img-src 'self' data: https:\/\/www.quartix.com\/ https:\/\/b.sf-syn.com\/ https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/*.googletagmanager.com https:\/\/ssl.gstatic.com https:\/\/www.gstatic.com *.gravatar.com *.google.co.uk *.6sc.co *.facebook.com *.facebook.net *.linkedin.com *.metricool.com *.cookiebot.com; object-src 'nonce-IFDn25ln2EVEO++aljpIDQ==';","count":1},{"content-security-policy-report-only":" default-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com; font-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com data: *.olark.com fonts.gstatic.com; script-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com 'unsafe-inline' 'unsafe-eval' *.turn.com static.cloudflareinsights.com ajax.cloudflare.com *.youtube.com *.ytimg.com *.datadoghq-browser-agent.com *.getclicky.com clicky.com *.twitter.com *.ads-twitter.com *.facebook.net analytics.tiktok.com www.recaptcha.net recaptcha.net www.gstatic.com www.gstatic.cn www.google.com *.olark.com *.adroll.com *.googletagmanager.com tagmanager.google.com analytics.google.com google-analytics.com *.google-analytics.com *.g.doubleclick.net *.doubleclick.net *.googleadservices.com *.google.com *.googlesyndication.com *.googletagservices.com; style-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com 'unsafe-inline' *.getclicky.com clicky.com *.olark.com *.googletagmanager.com tagmanager.google.com *.google.com fonts.googleapis.com; img-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com 'unsafe-inline' data: *.turn.com secure.gravatar.com *.ytimg.com *.youtube.com *.getclicky.com *.twitter.com t.co *.facebook.com www.gstatic.com\/recaptcha *.olark.com *.adroll.com d.adroll.com *.googletagmanager.com analytics.google.com *.analytics.google.com google-analytics.com *.google-analytics.com *.gstatic.com *.google.com *.doubleclick.net *.g.doubleclick.net *.googlesyndication.com www.googleadservices.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat https:\/\/umfworldwide.com https:\/\/ultrapassport.com https:\/\/umfstage.com https:\/\/london.resistancemusic.com https:\/\/poland.resistancemusic.com https:\/\/resistanceibiza.com https:\/\/ultraeurope.com https:\/\/ultrasouthafrica.com https:\/\/ultrabuenosaires.com https:\/\/ultranewzealand.com https:\/\/ultraperu.com https:\/\/ultraaustralia.com https:\/\/resistancemiami.com https:\/\/ultramusicfestival.com https:\/\/medellin.resistancemusic.com https:\/\/santiago.resistancemusic.com https:\/\/lima.resistancemusic.com https:\/\/ultrataiwan.com https:\/\/guatemala.roadtoultra.com https:\/\/ecuador.roadtoultra.com https:\/\/ultrajapan.com https:\/\/ultrahongkong.com https:\/\/ultrakorea.com https:\/\/resistancemusic.com https:\/\/ultrabali.com https:\/\/ultrachile.com https:\/\/thailand.roadtoultra.com https:\/\/india.roadtoultra.com https:\/\/ultraabudhabi.com https:\/\/costadelsol.ultrabeach.com https:\/\/costarica.roadtoultra.com https:\/\/ultrabrasil.com https:\/\/buenosaires.resistancemusic.com https:\/\/guatemala.resistancemusic.com https:\/\/colombia.roadtoultra.com https:\/\/australia.resistancemusic.com https:\/\/mexico.resistancemusic.com https:\/\/santacruz.resistancemusic.com https:\/\/panama.resistancemusic.com https:\/\/sanjose.resistancemusic.com https:\/\/uruguay.resistancemusic.com https:\/\/ultrasingapore.com https:\/\/ultramexico.com https:\/\/quito.resistancemusic.com https:\/\/ultrabeijing.com https:\/\/ultrashanghai.com https:\/\/philippines.roadtoultra.com https:\/\/paraguay.roadtoultra.com https:\/\/roadtoultra.com https:\/\/bolivia.roadtoultra.com https:\/\/*.umfworldwide.com https:\/\/*.ultrapassport.com https:\/\/*.umfstage.com https:\/\/*.london.resistancemusic.com https:\/\/*.poland.resistancemusic.com https:\/\/*.resistanceibiza.com https:\/\/*.ultraeurope.com https:\/\/*.ultrasouthafrica.com https:\/\/*.ultrabuenosaires.com https:\/\/*.ultranewzealand.com https:\/\/*.ultraperu.com https:\/\/*.ultraaustralia.com https:\/\/*.resistancemiami.com https:\/\/*.ultramusicfestival.com https:\/\/*.medellin.resistancemusic.com https:\/\/*.santiago.resistancemusic.com https:\/\/*.lima.resistancemusic.com https:\/\/*.ultrataiwan.com https:\/\/*.guatemala.roadtoultra.com https:\/\/*.ecuador.roadtoultra.com https:\/\/*.ultrajapan.com https:\/\/*.ultrahongkong.com https:\/\/*.ultrakorea.com https:\/\/*.resistancemusic.com https:\/\/*.ultrabali.com https:\/\/*.ultrachile.com https:\/\/*.thailand.roadtoultra.com https:\/\/*.india.roadtoultra.com https:\/\/*.ultraabudhabi.com https:\/\/*.costadelsol.ultrabeach.com https:\/\/*.costarica.roadtoultra.com https:\/\/*.ultrabrasil.com https:\/\/*.buenosaires.resistancemusic.com https:\/\/*.guatemala.resistancemusic.com https:\/\/*.colombia.roadtoultra.com https:\/\/*.australia.resistancemusic.com https:\/\/*.mexico.resistancemusic.com https:\/\/*.santacruz.resistancemusic.com https:\/\/*.panama.resistancemusic.com https:\/\/*.sanjose.resistancemusic.com https:\/\/*.uruguay.resistancemusic.com https:\/\/*.ultrasingapore.com https:\/\/*.ultramexico.com https:\/\/*.quito.resistancemusic.com https:\/\/*.ultrabeijing.com https:\/\/*.ultrashanghai.com https:\/\/*.philippines.roadtoultra.com https:\/\/*.paraguay.roadtoultra.com https:\/\/*.roadtoultra.com https:\/\/*.bolivia.roadtoultra.com; media-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com *.olark.com; connect-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com cloudflareinsights.com *.datadoghq.com *.browser-intake-datadoghq.com *.getclicky.com *.facebook.com analytics.tiktok.com analytics.pangle-ads.com *.olark.com *.googletagmanager.com *.google-analytics.com analytics.google.com *.analytics.google.com *.g.doubleclick.net *.doubleclick.net *.google.com *.googlesyndication.com www.googletagservices.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' *.ultramusicfestival.com ultramusicfestival.com umfworldwide.com ultrapassport.com *.ultrapassport.net resistancemusic.com *.resistancemusic.com roadtoultra.com *.roadtoultra.com *.zohopublic.com *.apple.com open.spotify.com *.soundcloud.com *.youtube.com *.youtube-nocookie.com www.facebook.com *.recaptcha.net recaptcha.net www.google.com recaptcha.google.com *.olark.com *.googletagmanager.com bid.g.doubleclick.net *.google.com *.doubleclick.net *.googlesyndication.com; child-src *.youtube.com *.youtube-nocookie.com *.googletagmanager.com; worker-src www.recaptcha.net; object-src *.googlesyndication.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub7c55919a7d54d6386d0f0b19bc82e82f&dd-evp-origin=content-security-policy&ddsource=csp-report;","count":1},{"content-security-policy-report-only":" base-uri 'self' www.google-analytics.com;connect-src 'self';default-src 'self';form-action 'self' murze.be murze.be.test sendy.murze.be platform.twitter.com syndication.twitter.com;img-src 'self' * 'unsafe-inline' data:;media-src 'self';object-src 'none';script-src 'self' 'nonce-nS1DADiilXjgVzvTACIFVDOG1It6Z8Iu' murze.be murze.be.test www.google.com www.gstatic.com cdn.jsdelivr.net avd.innity.net unpkg.com cdnjs.cloudflare.com *.googlesyndication.com 'unsafe-eval' *.bootstrapcdn.com srv.carbonads.net script.carbonads.com cdn.carbonads.com fonts.googleapis.com *.google-analytics.com www.google-analytics.com *.googletagmanager.com platform.twitter.com *.twimg.com;style-src 'self' 'nonce-nS1DADiilXjgVzvTACIFVDOG1It6Z8Iu' murze.be murze.be.test 'unsafe-inline' www.google.com www.gstatic.com cdn.jsdelivr.net use.fontawesome.com cdnjs.cloudflare.com avd.innity.net *.googlesyndication.com *.bootstrapcdn.com fonts.googleapis.com platform.twitter.com;font-src * 'unsafe-inline' *.bootstrapcdn.com fonts.gstatic.com;frame-src platform.twitter.com syndication.twitter.com *.youtube.com www.google.com www.gstatic.com googleads.g.doubleclick.net *.googlesyndication.com","count":1},{"content-security-policy-report-only":" font-src *.googleapis.com *.gstatic.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com fonts.gstatic.com *.directplant.nl *.googleusercontent.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; form-action www.routexl.com *.facebook.com *.directplant.nl 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.paypal.com *.trustpilot.com *.newrelic.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.aiden.cx *.bing.com *.cookiebot.com *.facebook.com *.google.com google.com *.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.googleapis.com *.gstatic.com https:\/\/portal.payconiq.com https:\/\/static.buckaroo.nl https:\/\/www.paypalobjects.com bat.bing.com https:\/\/redchamps.com *.hsforms.net *.hsforms.com 'self' data: https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.baidu.com *.cookiebot.com directplant.nl *.directplant.nl *.facebook.net *.ggpht.com www.google.ad www.google.ae www.google.al www.google.am www.google.at www.google.az www.google.ba www.google.be www.google.bg www.google.bi www.google.bj www.google.bs www.google.by www.google.ca www.google.cg www.google.ch www.google.ci www.google.cl www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ma www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.gh www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.ph www.google.com.pk www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sg www.google.com.sv www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vn www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.uk www.google.co.uz www.google.co.za www.google.co.zm www.google.cv www.google.cz www.google.de www.google.dk www.google.dz www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gl www.google.gm www.google.gr www.google.hn www.google.hr www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mk www.google.mu www.google.mv www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.ru www.google.se www.google.si www.google.sk www.google.sn www.google.sr www.google.td www.google.tn google.com *.googlesyndication.com *.googleusercontent.com data: 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.googleapis.com *.gstatic.com https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com bat.bing.com api.ipify.org *.trustpilot.com *.hsforms.net *.hsforms.com *.google.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net *.aiden.cx *.cookiebot.com *.directplant.nl *.google-analytics.com *.googlesyndication.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src *.adobe.com fonts.googleapis.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl *.googleapis.com *.gstatic.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com *.trustpilot.com *.tagmanager.google.com *.googletagmanager.com *.directplant.nl 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.googleapis.com wss:\/\/websocketservice-externalapi.prod.buckaroo.io https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/applepay.buckaroo.io https:\/\/www.paypal.com bat.bing.com www.feedbackcompany.com www.routexl.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com *.trustedshops.com *.etrusted.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app *.aiden.cx *.cookiebot.com *.directplant.nl *.facebook.com www.google.al www.google.at www.google.be www.google.bg www.google.ca www.google.ch www.google.cl www.google.co.cr www.google.co.in www.google.co.jp www.google.co.ma www.google.com.au www.google.com.br www.google.com.eg www.google.com.lb www.google.com.mt www.google.com.om www.google.com.ph www.google.com.pk www.google.com.py www.google.com.sa www.google.com.tr www.google.com.tw www.google.com.ua www.google.co.nz www.google.co.th www.google.co.uk www.google.co.uz www.google.co.za www.google.cz www.google.de www.google.dk www.google.ee www.google.es www.google.fi www.google.fr www.google.ge www.google.gm www.google.gr www.google.hr www.google.hu www.google.ie www.google.im www.google.it www.google.je www.google.la www.google.lt www.google.lu www.google.lv www.google.md www.google.nl www.google.no www.google.pl www.google.pt www.google.ro www.google.rs www.google.se www.google.si www.google.sk www.google.sr *.google.com google.com *.googlesyndication.com *.trustpilot.com 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.clarity.ms 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; report-uri https:\/\/159deafb-d168-41e7-a7b8-8d8b5d09888c.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/apply.ciis.edu https:\/\/apply-ciis-edu.cdn.technolutions.net\/ https:\/\/slate-technolutions-net.cdn.technolutions.net\/ https:\/\/fw.cdn.technolutions.net\/ https:\/\/bbox.blackbaudhosting.com\/ https:\/\/mx.technolutions.net\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/payments.blackbaud.com\/ https:\/\/www.gstatic.com\/ apply.ciis.edu https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:\/\/www.google.com\/ https:\/\/cse.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/apply.ciis.edu https:\/\/apply-ciis-edu.cdn.technolutions.net\/ https:\/\/slate-technolutions-net.cdn.technolutions.net\/ https:\/\/fw.cdn.technolutions.net\/ https:\/\/bbox.blackbaudhosting.com\/ https:\/\/mx.technolutions.net\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/payments.blackbaud.com\/ https:\/\/www.gstatic.com\/ apply.ciis.edu https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' https:\/\/use.typekit.net\/ https:\/\/p.typekit.net\/ https:\/\/www.google.com\/ https:\/\/www.eventbrite.com\/ https:\/\/apply.ciis.edu https:\/\/apply-ciis-edu.cdn.technolutions.net\/ https:\/\/slate-technolutions-net.cdn.technolutions.net\/ https:\/\/fw.cdn.technolutions.net\/ https:\/\/bbox.blackbaudhosting.com\/ https:\/\/mx.technolutions.net\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/payments.blackbaud.com\/ https:\/\/www.gstatic.com\/ cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/use.typekit.net; style-src-attr 'self' 'unsafe-inline'; frame-ancestors 'self' https:\/\/www.eventbrite.com\/ https:\/\/apply.ciis.edu https:\/\/apply-ciis-edu.cdn.technolutions.net\/ https:\/\/slate-technolutions-net.cdn.technolutions.net\/ https:\/\/fw.cdn.technolutions.net\/ https:\/\/bbox.blackbaudhosting.com\/ https:\/\/mx.technolutions.net\/ https:\/\/player.vimeo.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/payments.blackbaud.com\/ https:\/\/www.gstatic.com\/","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/t.contentsquare.net https:\/\/cdn.heapanalytics.com https:\/\/js.hs-scripts.com https:\/\/js.hs-analytics.net https:\/\/js.hsforms.net https:\/\/js.hscollectedforms.net https:\/\/js.hsadspixel.net; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:\/\/*.furniture.com https:\/\/*.fc-stage.com https:\/\/*.fdc-qa.com https:\/\/*.fdc-dev.com https:\/\/res.cloudinary.com https:\/\/assets.rtg-dev.com https:\/\/assets.rtg-prod.com https:\/\/www.googletagmanager.com; font-src 'self' data:; connect-src 'self' https:\/\/*.furniture.com https:\/\/*.fc-stage.com https:\/\/*.fdc-qa.com https:\/\/*.fdc-dev.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/*.heapanalytics.com https:\/\/*.contentsquare.net https:\/\/*.hubspot.com https:\/\/*.hsforms.com https:\/\/*.launchdarkly.com; frame-src 'self' https:\/\/www.google.com https:\/\/www.gstatic.com; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/*.hsforms.com; report-uri https:\/\/web-core-api.furniture.com\/csp-report","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src https:\/\/* 'self' epichttp:;script-src 'nonce-95c327a437c443ba83cb5bd22fce0fc8' https:\/\/epic-mychartprod.coh.org 'self';img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/epic-mychartprod.coh.org 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" base-uri 'none'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http: 'nonce-u\/4RalJ88wq3dP+MfMN1mQ=='","count":1},{"content-security-policy-report-only":" default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn-web.zinio.com https:\/\/js-agent.newrelic.com https:\/\/*.nr-data.net https:\/\/www.googleadservices.com https:\/\/www.google.com https:\/\/googleads.g.doubleclick.net https:\/\/pagead2.googlesyndication.com https:\/\/*.paypal.com https:\/\/www.paypalobjects.com https:\/\/*.braintreegateway.com https:\/\/*.cardinalcommerce.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/d1fc8wv8zag5ca.cloudfront.net\/2.10.2\/sp.js https:\/\/cdn.jsdelivr.net https:\/\/recaptcha.net https:\/\/www.gstatic.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/apis.google.com https:\/\/accounts.google.com\/gsi\/client https:\/\/*.kaptcha.com;style-src 'self' 'unsafe-inline' https:\/\/*.audiencemedia.com data: https:\/\/use.fontawesome.com https:\/\/accounts.google.com\/gsi\/style;img-src 'self' data: blob: https:\/\/*.ziniopro.com https:\/\/*.audiencemedia.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/*.paypal.com https:\/\/*.braintreegateway.com https:\/\/discover.zinio.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/analytics.sleeknote.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/www.googletagmanager.com https:\/\/*.kaptcha.com;media-src 'self';connect-src 'self' webpack: https:\/\/*.audiencemedia.com https:\/\/*.ziniopro.com https:\/\/*.nr-data.net https:\/\/googleads.g.doubleclick.net https:\/\/adservice.google.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googleadservices.com https:\/\/google.com https:\/\/cdn.jsdelivr.net https:\/\/*.braintree-api.com https:\/\/*.braintreegateway.com https:\/\/*.cardinalcommerce.com https:\/\/www.paypal.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/analytics.google.com https:\/\/www.google.com https:\/\/*.googletagmanager.com https:\/\/collector.datacloud.zinio.com https:\/\/cdnjs.cloudflare.com https:\/\/analytics.sleeknote.com https:\/\/fonts.googleapis.com https:\/\/images.sleeknote.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/sleeknotecustomerscripts.sleeknote.com https:\/\/sdk.iad-07.braze.com https:\/\/use.fontawesome.com https:\/\/accounts.google.com\/gsi\/ https:\/\/*.kaptcha.com collector.datacloud.zinio.com;font-src 'self' https:\/\/*.audiencemedia.com https:\/\/fonts.gstatic.com https:\/\/sleeknotestaticcontent.sleeknote.com https:\/\/use.fontawesome.com;frame-src 'self' https:\/\/td.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.paypal.com https:\/\/*.braintreegateway.com https:\/\/recaptcha.net https:\/\/*.sleeknote.com https:\/\/accounts.google.com\/gsi\/;frame-ancestors 'none';child-src 'self' https:\/\/*.kaptcha.com;base-uri 'self';form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net https:\/\/cdnjs.cloudflare.com applepay.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com api.payplug.com secure.payplug.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/www.google.fr https:\/\/api.mapbox.com *.tile.openstreetmap.org https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com assets.adobedtm.com *.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com api.payplug.com applepay.cdn-apple.com https:\/\/cdn.payplug.com\/js\/integrated-payment\/ *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com cdn.jsdelivr.net https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com *.getalma.eu https:\/\/nominatim.openstreetmap.org *.google-analytics.com *.analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' https:\/\/fonts.googleapis.com cdn.jsdelivr.net https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/unpkg.com unpkg.com; script-src-attr 'self'; script-src-elem 'self' cdn.jsdelivr.net https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/unpkg.com unpkg.com; style-src 'self' https:\/\/api.mapbox.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self'; img-src 'self'; script-src self https:\/\/www.google.com https:\/\/www.gstatic.com; style-src 'self';frame-src self https:\/\/www.google.com https:\/\/www.gstatic.com;frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https:\/\/cdn.cookielaw.org https:\/\/www.bnpparibas.de https:\/\/brasil.bnpparibas; script-src 'self' 'unsafe-eval' https:\/\/fast.wistia.com https:\/\/beacon-v2 https:\/\/analyticsgroupcom.bnpparibas.com https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas ajax.googleapis.com www.googletagmanager.com googletagmanager.com tagmanager.google.com 'sha256-F+QMJISS2IIkRUd2a+c+u1owMqMSoidCaHFDAmzUgOo=' 'sha256-iqOPaRlwwgtNy7J3vh\/+LSW9\/QVdN+Fl+YfMS8+GcPo=' 'sha256-yZHeusBmoqYSsqdm5ylf993dfqVyosFaYa5gueKZDsA=' 'sha256-rjfSUjIA2A20p4lATAefLLG7Fy7VJssnkJ+SnJ2TXNo=' 'sha256-tYfO42nmjgLnGFpnKZhoGOgw7wYzBfiiMQiHjx6Nrb8=' 'sha256-RWn1w3BKiDlDNbD6vM1kYLpeWCwwWPkob0LMWJ2gKJk=' 'sha256-JtSI\/Gur2Dxx3QCZ5WY3e+TwRVt2vHx41UymW1wXr7A=' 'sha256-fPXetwWx4258jL256OrNtQQyvFVR4\/BotkeZKtfk54Q=' 'sha256-yElBEKucE35qwHf8qWcAvqD25zOJ7TqTptcHyzGhOxw=' 'sha256-n1mhU8dmPJrwvRiPgHP\/YQB7tK6Kx4rupnPq6FBFios=' 'sha256-qcT\/R0HkWUs2DMxvtvcMobUms6Z5\/fPtfgUe2hN67gE='; style-src 'self' 'unsafe-inline' data: https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas fonts.googleapis.com www.googletagmanager.com tagmanager.google.com; img-src 'self' data: https:\/\/s.w.org https:\/\/wp-rocket.me https:\/\/c.tile.openstreetmap.org https:\/\/a.tile.openstreetmap.org https:\/\/b.tile.openstreetmap.org blob: https:\/\/www.google.com\/pagead\/landing https:\/\/ade.googlesyndication.com https:\/\/pagead2.googlesyndication.com https:\/\/ad.doubleclick.net https:\/\/contrib.territories.bnpparibas https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas secure.gravatar.com www.gravatar.com i.ytimg.com data: www.googletagmanager.com; connect-src 'self' https:\/\/bnp-privacy.my.onetrust.com https:\/\/geolocation.onetrust.com\/cookieconsentpub\/v1\/geo\/location https:\/\/yoast.com https:\/\/cdn.cookielaw.org https:\/\/o173685.ingest.sentry.io https:\/\/analyticsgroupcom.bnpparibas.com https:\/\/contrib.territories.bnpparibas https:\/\/www.google.com\/pagead\/landing https:\/\/pagead2.googlesyndication.com https:\/\/adservice.google.com https:\/\/sourcemap.devowl.io https:\/\/sourcemap.devowl.io\/real-media-library\/4.22.47\/adb9a2f4ef22d5d85978840bd322bf76\/index.js.map www.googletagmanager.com; font-src 'self' data: https:\/\/fonts.gstatic.com https:\/\/fast.wistia.com https:\/\/github.com\/google\/fonts https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas fonts.gstatic.com fonts.googleapis.com data:; media-src 'self' https:\/\/asset.mediahub.bnpparibas https:\/\/upload.wikimedia.org https:\/\/broadcast.mediahub.bnpparibas data: https:\/\/mediahub.group.echonet https:\/\/my.mediahub.bnpparibas https:\/\/my.mediahub.bnpparibas\/AssetLink\/1cwfu8n4ki414p6d240ff18r41ver00j.mp4 https:\/\/cdn-group.bnpparibas.com https:\/\/cdn.cookielaw.org https:\/\/cdn.territories.bnpparibas; frame-src 'self' https:\/\/www.youtube.com https:\/\/wp-rocket.me https:\/\/open.spotify.com https:\/\/www.youtube-nocookie.com https:\/\/centric.bnpparibas.com https:\/\/13179764.fls.doubleclick.net https:\/\/td.doubleclick.net https:\/\/gateway.zscalertwo.net https:\/\/remove.video https:\/\/mozbar.moz.com blob: https:\/\/fxplus.bnpparibas.com www.youtube.com www.googletagmanager.com; child-src 'self' www.youtube.com www.googletagmanager.com; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-p2EPzXoOUPTVPOuupPO7lw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com api.meritpages.com mx.technolutions.net admissions.canisius.edu script.hotjar.com static.hotjar.com www.youvisit.com www.redditstatic.com www.youtube.com pt.wisernotify.com s.adroll.com d.adroll.com tr.snapchat.com lex.33across.com mongoose.botpress.cloud *.vimeo.com vimeo.com googleads.g.doubleclick.net connect.facebook.net cdn.jsdelivr.net start.canisiusinfo.org cbe.capturehighered.net analytics.tiktok.com bat.bing.com collector-48138.us.tvsquared.com fw.cdn.technolutions.net slate-technolutions-net.cdn.technolutions.net stcadencechatprodassets.blob.core.windows.net adp.eab.com cdn.howuku.com client.radiusbycampusmgmtchat.com js.adsrvr.org sc-static.net secure.adnxs.com snap.licdn.com tags.srv.stackadapt.com admissions-canisius-edu.cdn.technolutions.net; style-src 'self' fonts.googleapis.com 'unsafe-inline' cdn.jsdelivr.net pt.wisernotify.com mongoose.botpress.cloud s3.amazonaws.com\/assets-meritpages-com\/ slate-technolutions-net.cdn.technolutions.net\/register\/ fw.cdn.technolutions.net\/framework\/base_safe.css stcadencechatprodassets.blob.core.windows.net ; img-src 'self' *.facebook.com facebook.com data: bat.bing.com px.ads.linkedin.com tags.srv.stackadapt.com collector-48138.us.tvsquared.com *.google-analytics.com google-analytics.com *.d.adroll.com d.adroll.com trck.youvisit.com *.google.com google.com googleads.g.doubleclick.net start.canisiusinfo.org i.vimeocdn.com *.canisius.edu canisius.edu cdn.jsdelivr.net mmedia.capturehighered.net meritpages.com tr.snapchat.com *.googletagmanager.com googletagmanager.com pixel.locker2.com tags.w55c.net connect.facebook.net stcadencechatprodassets.blob.core.windows.net alb.reddit.com i.ytimg.com blob: s3.amazonaws.com ad.doubleclick.net bat.bing.net; frame-src 'self' *.vimeo.com vimeo.com api.meritpages.com canisius.aidcalculator.com docs.google.com outlook.office365.com facebook.com googletagmanager.com youtube.com *.youtube.com tr.snapchat.com 10259437.fls.doubleclick.net *.youvisit.com *.adsrvr.org mongoose.botpress.cloud w.soundcloud.com www.tours.vividmediany.com scribehow.com *.facebook.com facebook.com; frame-ancestors 'none'; font-src 'self' fonts.gstatic.com data:; connect-src 'self' *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.google.com google.com vc.hotjar.io ws.hotjar.com *.facebook.com facebook.com stats.g.doubleclick.net tr.snapchat.com tr6.snapchat.com px.ads.linkedin.com ts-wn-log-bmggb9bcacbsd6df.westus-01.azurewebsites.net start.canisiusinfo.org ns.wisermapp.com mongoose.botpress.cloud metrics.hotjar.io mx.technolutions.net d.adroll.com cbe.capturehighered.net cdn-graphql.youvisit.com content.hotjar.io bat.bing.com bat.bing.net ad.doubleclick.net dmissions-canisius-edu.cdn.technolutions.net analytics.tiktok.com insight.adsrvr.org pixel-config.reddit.com pro.ip-api.com stats.g.doubleclick.net analytics.tiktok.com; report-uri \/report-csp-violation","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.klarnacdn.net *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/geowidget.easypack24.net *.easypack24.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.klarna.com secure.payu.com merch-prod.snd.payu.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/geowidget-app.inpost.pl\/ https:\/\/lilou-configurator.netlify.app exchange.mediavine.com ams.creativecdn.com tags.creativecdn.com *.criteo.com *.criteo.net facebook.com 'unsafe-inline' data: 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com *.klarna.com *.klarnaevt.com *.klarnacdn.net static.payu.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com *.cdninstagram.com *.google.pl google.com google.pl *.criteo.com *.criteo.net https: data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com *.klarna.com *.klarnacdn.net x.klarnacdn.net secure.payu.com secure.snd.payu.com *.klarnaservices.com https:\/\/d3bo67muzbfgtl.cloudfront.net https:\/\/sentry.lilou.pl *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.hsforms.net *.hsforms.com *.sentry-cdn.com exchange.mediavine.com unpkg.com *.mapbox.com furgonetka.pl *.hotjar.com *.criteo.com *.criteo.net *.cloudflareinsights.com *.wp.pl *.clickonometrics.pl bat.bing.com tags.creativecdn.com ams.creativecdn.com lib.onet.pl sgqcvfjvr.onet.pl events.onet.pl events.ocdn.eu clarity.ms *.clarity.ms 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com cdngazeta.pl 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.klarnacdn.net *.fontawesome.com https:\/\/d3bo67muzbfgtl.cloudfront.net https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com assets.braintreegateway.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl *.easypack24.net *.openstreetmap.org lilouparis.test lilou.test *.lilouparis.com *.lilou.pl 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net secure.payu.com merch-prod.snd.payu.com *.klarnaservices.com *.klarna.com https:\/\/api.edrone.me https:\/\/sentry.lilou.pl https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.easypack24.net *.inpost.pl *.openstreetmap.org t.elasticsuite.io *.hsforms.net *.hsforms.com *.sentry-cdn.com *.wp.pl exchange.mediavine.com bat.bing.com bat.bing.net ams.creativecdn.com tags.creativecdn.com measurement-api.criteo.com api-s.edrone.me events.ocdn.eu *.googleadservices.com *.google.pl *.googletagmanager.com health.ems.onet.pl content.hotjar.io hotjar.com wss:\/\/ws.hotjar.com *.onet.pl analytics-ipv6.tiktokw.us *.gazeta.pl clk.leadexpert.pl 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com bat.bing.com google.com exchange.mediavine.com www.googletagmanager.com tags.creativecdn.com ams.creativecdn.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com https:\/\/static.klaviyo.com *.klaviyo.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.demdex.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.google.com *.doubleclick.net *.facebook.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * js.stripe.com *.hotjar.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.ftcdn.net *.behance.net 'self' data: *.google.com *.google.bg www.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com bat.bing.com *.google.co.uk *.googleadservices.com *.google-analytics.com *.magentocommerce.com *.widgets.magentocommerce.com *.paypalobjects.com *.postcodeanywhere.co.uk www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.magento-datasolutions.com *.magento-ds.com https:\/\/rum.hlx.page *.google.com *.google.bg *.googletagmanager.com connect.facebook.net *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com js-agent.newrelic.com bam.nr-data.net *.pcapredict.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https:\/\/static.klaviyo.com unsafe-inline assets.braintreegateway.com services.postcodeanywhere.co.uk *.typekit.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.magento-datasolutions.com *.magento-ds.com *.google-analytics.com *.facebook.com *.facebook.net *.google.co.uk https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.googlesyndication.com *.doubleclick.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src *.klevu.com *.ksearchnet.com *.fontawesome.com *.typekit.net https:\/\/widgets.trustedshops.com integrations.etrusted.com *.cloudflare.com *.twitter.com *.gstatic.com *.twimg.com *.trustedshops.com *.googleapis.com maxcdn.bootstrapcdn.com 'self' data: *.yotpo.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/seo.mageplaza.com www.facebook.com *.copernica.com *.twitter.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com player.vimeo.com https:\/\/www.paypal.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com https:\/\/*.dpdconnect.nl *.dpdconnect.nl service2.loyaltyinabox.com *.pinterest.com www.facebook.com www.youtube.com view.publitas.com www.google.com www.google.nl www.google.de *.google.com maps.google.com chat.babypark.nl *.doubleclick.net td.doubleclick.net googleads.g.doubleclick.net widget.trustpilot.com *.cookiebot.com *.cookiebot.eu chatwidget-prod.web.app www.googletagmanager.com sst.babypark.nl sst.babypark.de sst.babydeals.be sst.baby-dump.nl folders.baby-dump.nl *.twitter.com platform.twitter.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com https:\/\/portal.payconiq.com https:\/\/static.buckaroo.nl https:\/\/www.paypalobjects.com *.klevu.com *.ksearchnet.com www.babypark.nl www.babypark.de www.babydeals.be dehoevebuitenleven.nl m2.babypark.mavendev.com m2.babypark-de.mavendev.com www.ikenik.nl m2.ikenik.mavendev.com m2.babydump.mavendev.com m2.babydump-de.mavendev.com www.google.com www.google.nl www.google.de www.google.com.ua www.facebook.com ct.pinterest.com www.googletagmanager.com www.zenaps.com www.awin1.com static.zdassets.com *.bing.com *.bing.net www.thuiswinkel.org i.ytimg.com img.youtube.com blob: lantern.roeye.com *.clarity.ms *.cookiebot.com *.cookiebot.eu integrations.etrusted.com stats.g.doubleclick.net sst.babypark.nl sst.babypark.de sst.babydeals.be sst.baby-dump.nl *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.google.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu pinterest.com assets.pinterest.com syndication.twitter.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com maps.gstatic.com https:\/\/widgets.trustedshops.com *.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https:\/\/static.buckaroo.nl https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/buckaroo.nl https:\/\/www.paypal.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com https:\/\/*.dpdconnect.nl js.klevu.com *.ksearchnet.com *.avada.io www.googletagmanager.com checkout.buckaroo.nl *.clarity.ms lantern.roeyecdn.com widgets.trustedshops.com web-sdk.smartlook.com www.dwin1.com s.pinimg.com connect.facebook.net static.buckaroo.nl view.publitas.com api.360productviewer.com googleads.g.doubleclick.net bat.bing.com bat.bing.net static.zdassets.com js-agent.newrelic.com *.livechatinc.com bam.eu01.nr-data.net chat.babypark.nl widget.trustpilot.com *.pinterest.com *.hotjar.com *.hotjar.io *.cookiebot.com *.cookiebot.eu integrations.etrusted.com chatwidget-prod.web.app *.cloudflare.com *.google.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com twitter.com platform.twitter.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com maps.googleapis.com https:\/\/widgets.trustedshops.com *.yotpo.com sst.babypark.nl https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl cdn.dnky.co webchat.dotdigital.com *.klevu.com *.ksearchnet.com *.fontawesome.com *.typekit.net checkout.buckaroo.nl integrations.etrusted.com chatwidget-css.web.app *.cloudflare.com *.googleapis.com *.google.com *.twitter.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu maxcdn.bootstrapcdn.com unsafe-inline https:\/\/widgets.trustedshops.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src static.zdassets.com integrations.etrusted.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com wss:\/\/websocketservice-externalapi.prod.buckaroo.io https:\/\/static.buckaroo.nl wss:\/\/websockets.buckaroo.io\/ https:\/\/checkout.buckaroo.nl https:\/\/testcheckout.buckaroo.nl https:\/\/applepay.buckaroo.io *.paypal.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.klevu.com *.ksearchnet.com *.clarity.ms *.pinterest.com *.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net manager.eu.smartlook.cloud ekr.zdassets.com wss:\/\/widget-mediator.zopim.com api.360productviewer.com www.facebook.com livechat.fabulor.eu bam.eu01.nr-data.net region1.analytics.google.com *.google.com *.hotjar.com *.hotjar.io analytics.google.com bat.bing.com bat.bing.net *.cookiebot.com *.cookiebot.eu *.copernica.com integrations.etrusted.com api.ipify.org *.cloudflare.com *.twitter.com *.twimg.com www.paypal.com www.sandbox.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.google-analytics.com *.trustedshops.com *.etrusted.com *.yotpo.com sst.babypark.nl https: 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.google.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src https:\/\/www.googletagmanager.com *.googleapis.com *.gstatic.com fonts.gstatic.com *.nagich.co.il *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.bolt.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * gateway20.pelecard.biz 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.gstatic.com *.google.com *.facebook.com *.googleapis.com  *.cloudfront.net paypal.com paypalobjects.com *.paypal.com s.ytimg.com  *.ssl-images-amazon.com  *.ssl-images-amazon.co.uk  *.ssl-images-amazon.jp  *.ssl-images-amazon.co.jp  *.ssl-images-amazon.it  *.ssl-images-amazon.fr  *.ssl-images-amazon.es  *.media-amazon.com  *.media-amazon.co.uk  *.media-amazon.co.jp  *.media-amazon.jp  *.media-amazon.it  *.media-amazon.fr  *.media-amazon.es *.nagich.co.il www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com gateway20.pelecard.biz data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com youtube.com *.bolt.com *.commerce-quick-checkout.com http:\/\/localhost:8082 https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ tagmanager.google.com https:\/\/www.googletagmanager.com *.googleapis.com  *.cloudfront.net paypal.com paypalobjects.com widgets.magentocommerce.com *.paypal.com fpdbs.sandbox.paypal.com  *.ssl-images-amazon.com  *.ssl-images-amazon.co.uk  *.ssl-images-amazon.jp  *.ssl-images-amazon.co.jp  *.ssl-images-amazon.it  *.ssl-images-amazon.fr  *.ssl-images-amazon.es  *.media-amazon.com  *.media-amazon.co.uk  *.media-amazon.co.jp  *.media-amazon.jp  *.media-amazon.it  *.media-amazon.fr  *.media-amazon.es *.gstatic.com jquery.sellxed.com *.vimeo.com video.google.com js.braintreegateway.com *.nagich.co.il *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es www.google.com 'unsafe-eval' data: connect.facebook.net *.doubleclick.net system.user-a.co.il assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com gateway20.pelecard.biz 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/www.googletagmanager.com tagmanager.google.com *.googleapis.com fonts.googleapis.com\/ *.nagich.co.il *.fontawesome.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com https:\/\/www.google-analytics.com *.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-zWHpcNA1uilwkzEwYJDv3A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'self' cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/unpkg.com https:\/\/www.recaptcha.net unpkg.com; style-src 'self' cdnjs.cloudflare.com fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; worker-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" font-src maxcdn.bootstrapcdn.com fonts.gstatic.com fonts.bunny.net cdn.jsdelivr.net cdnjs.cloudflare.com https:\/\/widgets.trustedshops.com *.yotpo.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/plumrocket.com www.facebook.com interface.mailcampaigns.nl *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https:\/\/pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ js.mollie.com *.multisafepay.com https:\/\/pay.google.com https:\/\/plumrocket.com www.googletagmanager.com *.doubleclick.net tagging.proforto.nl www.facebook.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com *.prism.app-us1.com *.prismic.io *.faslet.net magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com https:\/\/www.mollie.com maps.googleapis.com *.multisafepay.com *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com px.ads.linkedin.com bat.bing.com www.google.nl t.squeezely.tech www.facebook.com region1.analytics.google.com www.google.fr trengo.s3.eu-central-1.amazonaws.com *.mailcampaigns.nl *.doubleclick.net https:\/\/cdn.proforto.nl tagging.proforto.nl images.prismic.io proforto-cdn.imgix.net https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com *.yotpo.com data: 'self' 'unsafe-inline'; style-src *.adobe.com https:\/\/cdn.jsdelivr.net maxcdn.bootstrapcdn.com *.multisafepay.com tagmanager.google.com fonts.google.com fonts.bunny.net *.faslet.net https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.trengo.eu player.vimeo.com *.vimeocdn.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; connect-src https:\/\/tagging.proforto.nl dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.prism.app-us1.com *.prismic.io *.faslet.net *.multisafepay.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com www.google.com b.billypx.com px.ads.linkedin.com analytics.tiktok.com *.doubleclick.net rkkck31tec.execute-api.eu-central-1.amazonaws.com api.faslet.net cdn.api.prod.faslet.net bat.bing.com bat.bing.net p2iqhncxyh.execute-api.eu-central-1.amazonaws.com pagead2.googlesyndication.com metrics.hotjar.io *.trengo.eu *.convertexperiments.com tagging.proforto.nl *.tiktokw.us wss:\/\/*.hotjar.com interface.mailcampaigns.nl *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.yotpo.com https: 'self' 'unsafe-inline'; script-src https:\/\/tagging.proforto.nl assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.prism.app-us1.com *.prismic.io *.faslet.net *.disqus.com https:\/\/cdn.jsdelivr.net js.mollie.com *.multisafepay.com https:\/\/pay.google.com *.googletagmanager.com tagmanager.google.com cdn-4.convertexperiments.com connect.facebook.net static.hotjar.com script.hotjar.com analytics.tiktok.com bat.bing.com squeezely.tech snap.licdn.com bgmin.cdn.billygrace.com d5yoctgpv4cpx.cloudfront.net widget.prod.faslet.net player.vimeo.com *.trengo.eu localhost:5174 *.proforto.nl blob: https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.yotpo.com https: 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; img-src 'self' https: data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; script-src 'self' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com; object-src 'none'; report-uri \/api\/csp-report.php","count":1},{"content-security-policy-report-only":" default-src 'none'; script-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/static.cloudflareinsights.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/login.microsoftonline.com https:\/\/secure.aadcdn.microsoftonline-p.com; style-src 'self' 'unsafe-inline' https:\/\/cdnjs.cloudflare.com https:\/\/fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https:\/\/cdnjs.cloudflare.com https:\/\/fonts.gstatic.com; connect-src 'self' https:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self' https:\/\/planetaryscienceinstitute.kindful.com; frame-ancestors 'self';","count":1},{"content-security-policy-report-only":" default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval'   plausible.io   *.bing.com   *.boomtrain.com   *.callrail.com   *.cdn.digitaloceanspaces.com   *.cloudflare.com   *.cloudflareinsights.com   *.cookielaw.org   *.crazyegg.com   *.derbysoftsec.com   *.doubleclick.net   *.facebook.net   *.gstatic.com   *.google-analytics.com   *.google.com   *.googleadservices.com   *.googleapis.com   *.googletagmanager.com   *.quantcount.com   *.quantserve.com   *.rezync.com   *.rfihub.net   *.sojern.com   *.stackadapt.com   *.stripe.com   *.tiqcdn.com   *.azds.com   *.qvdt3feo.com   *.pendry.com;  script-src-elem 'self' 'unsafe-inline'   plausible.io   *.bing.com   *.boomtrain.com   *.callrail.com   *.cdn.digitaloceanspaces.com   *.cloudflare.com   *.cloudflareinsights.com   *.cookielaw.org   *.crazyegg.com   *.derbysoftsec.com   *.doubleclick.net   *.facebook.net   *.gstatic.com   *.google-analytics.com   *.google.com   *.googleadservices.com   *.googleapis.com   *.googletagmanager.com   *.quantcount.com   *.quantserve.com   *.rezync.com   *.rfihub.net   *.sojern.com   *.stackadapt.com   *.stripe.com   *.storage.googleapis.com   *.tiqcdn.com   *.azds.com   *.acumbamail.com   *.threatspike.com   *.acumbamail.com   *.tms-plugins.com   *.sc-static.net   *.googlesyndication.com   *.infird.com   *.pendry.com   blob:;  connect-src 'self'   *.azds.com   *.boomtrain.com   *.callrail.com   *.cookielaw.org   *.crazyegg.com   *.doubleclick.net   *.facebook.com   *.g.doubleclick.net   *.google-analytics.com   google.com   *.google.com   *.googleadservices.com   *.googletagmanager.com   *.googleapis.com   *.google.com.mx   *.google.pl   *.google.ca   *.onetrust.com   *.sojern.com   *.stackadapt.com   *.tiqcdn.com   *.myhotelshop.de   *.awsapprunner.com   *.run.app   *.letsway.com   *.bing.com   *.bing.net   *.googlesyndication.com   *.quantcount.com   *.quantserve.com   plausible.io   *.emlsend.com   *.yoast.com   *.cloudfront.net   *.launchdarkly.com   *.overbridgenet.com   *.geoedge.com   *.dreamsadnetwork.com   *.pendry.com;  frame-src 'self'   *.doubleclick.net   *.facebook.com   *.googletagmanager.com   *.google.com   *.pcibooking.net   *.rfihub.net   *.rfihub.com   *.sojern.com   *.stripe.com   *.azds.com   *.techloq.com   *.ibosscloud.com   *.wikimedia.org   *.zscalerthree.net   *.zscaler.net   visitingmedia.com   *.vimeo.com   *.formcrafts.com   *.menlosecurity.com   *.dadco.com   *..dpisd.org   *.linewize.net   *.pendry.com   blob:;  img-src * data: blob:; font-src * data:; media-src * 'self' data:; manifest-src * 'self'; style-src * 'unsafe-inline' data:; worker-src 'self' blob:;  report-uri https:\/\/cfe87652b26de6b69f71ed43bef9cf37.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" default-src 'self' https: wss:; img-src * data: blob:; media-src * data:; style-src 'self' 'unsafe-inline' https:\/\/hsbgot.humany.net https:\/\/wds.ace.teliacompany.com https:\/\/fonts.googleapis.com https:\/\/www.gstatic.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/mata.hsb.se https:\/\/tracker.hsb.open-analytics.se https:\/\/*.hotjar.com https:\/\/www.googletagmanager.com https:\/\/googleads.g.doubleclick.net https:\/\/maps.googleapis.com https:\/\/*.imbox.io https:\/\/js.monitor.azure.com https:\/\/*.cookiebot.com https:\/\/cdn.jsdelivr.net\/npm\/slick-carousel@1.8.1\/slick\/slick.min.js https:\/\/dl.episerver.net wss:\/\/*.hotjar.com https:\/\/userlike-cdn-widgets.s3-eu-west-1.amazonaws.com https:\/\/userlike-cdn-umm.b-cdn.net https:\/\/connect.facebook.net https:\/\/fonts.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/wds.ace.teliacompany.com https:\/\/*.superoffice.com https:\/\/www.youtube.com ; frame-src 'self' https: ; report-uri \/api\/ContentSecurityPolicy\/ReportViolation","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.braintreegateway.com https:\/\/*.google.com https:\/\/*.cdn-apple.com https:\/\/*.reviews.io https:\/\/*.reviews.co.uk https:\/\/grwapi.net https:\/\/*.cloudflare.com https:\/\/*.jquery.com https:\/\/*.jsdelivr.net https:\/\/*.termly.io https:\/\/*.gstatic.com https:\/\/*.facebook.net https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.gumlet.com https:\/\/*.cardinalcommerce.com https:\/\/*.doubleclick.net https:\/\/*.googleadservices.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.pcapredict.com https:\/\/*.postcodeanywhere.co.uk https:\/\/where-to-buy.co https:\/\/*.where-to-buy.co https:\/\/*.pricespider.com; style-src 'self' 'unsafe-inline' data: https:\/\/grwapi.net https:\/\/*.reviews.io https:\/\/*.braintreegateway.com https:\/\/*.cloudflare.com https:\/\/*.jsdelivr.net https:\/\/*.googleapis.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.tooled-up.com https:\/\/*.postcodeanywhere.co.uk; img-src 'self' data: blob: https:\/\/grwapi.net https:\/\/*.tooled-up.com https:\/\/*.gumlet.com https:\/\/*.paypal.com https:\/\/*.paypalobjects.com https:\/\/*.facebook.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.google.com https:\/\/*.google.co.uk https:\/\/*.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/*.googleadservices.com https:\/\/*.reviews.io https:\/\/*.gstatic.com https:\/\/*.postcodeanywhere.co.uk https:\/\/*.ytimg.com https:\/\/*.where-to-buy.co https:\/\/where-to-buy.co; frame-src 'self' https:\/\/*.reviews.io https:\/\/*.youtube.com https:\/\/*.braintreegateway.com https:\/\/*.googletagmanager.com https:\/\/*.google.co.uk https:\/\/*.google.com https:\/\/*.termly.io https:\/\/*.doubleclick.net https:\/\/*.facebook.com https:\/\/*.cardinalcommerce.com https:\/\/*.paypal.com https:\/\/*.reviews.co.uk https:\/\/*.youtube-nocookie.com https:\/\/*.americanexpress.com https:\/\/*.rsa3dsauth.co.uk https:\/\/*.pricespider.com https:\/\/*.channelsight.com https:\/\/challenges.cloudflare.com; connect-src 'self' https: wss:; font-src 'self' data: https:\/\/*.reviews.io https:\/\/*.cloudflare.com https:\/\/*.jsdelivr.net https:\/\/*.gstatic.com; report-uri https:\/\/www.tooled-up.com\/api\/csp-report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src *.typekit.net fonts.gstatic.com use.typekit.net www.paypalobjects.com *.gstatic.com *.googleapis.com data: *.fontawesome.com *.bootstrapcdn.com self *.google.com.sv *.google.com.co maps.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * self *.google.com.sv *.google.com.co maps.googleapis.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.google.com *.googleadservices.com https:\/\/www.google.com https:\/\/www.google.com.co maps.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com self *.super99.com *.scene7.com *.facebook.com cm.everesttech.net *.doubleclick.net *.swagger.io *.braintreegateway.com *.clarity.ms https:\/\/analytics.tiktok.com https:\/\/c.bing.com *.google.com.sv *.google.com.co data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com beacon-qa.magento-datasolutions.com beacon-stage.magento-ds.com beacon.magento-ds.com beacon-audiences.magento-ds.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io assets.adobedtm.com *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.online-metrix.net testflex.cybersource.com flex.cybersource.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com self unsafe-inline *.facebook.com *.facebook.net *.connect.facebook.net https:\/\/smetrics.super99.com *.super99.com *.cardinalcommerce.com unpkg.com cdn.jsdelivr.net *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.paypalobjects.com *.vimeo.com *.bolt.com *.commerce-quick-checkout.com *.cybersource.com *.clarity.ms analytics.tiktok.com *.doubleclick.net *.google.com.sv *.google.com.co 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com beacon-audiences.magento-ds.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.fontawesome.com *.google.com *.googleapis.com *.gstatic.com *.bootstrapcdn.com assets.braintreegateway.com self unsafe-inline *.google.com.sv *.google.com.co maps.googleapis.com 'self' 'unsafe-inline'; object-src none *.google.com.sv *.google.com.co maps.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com self *.google.com.sv *.google.com.co maps.googleapis.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.snplow.net commerce.adobedc.net p13n.adobe.io *.adobedc.net *.demdex.net beacon-audiences.magento-ds.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.magento.com *.magento-datasolutions.com *.magento-ds.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com maps.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com self *.super99.com https:\/\/smetrics.super99.com *.facebook.com *.pingdom.net *.woorank.com *.youtube.com *.vimeo.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com *.bolt.com *.clarity.ms https:\/\/analytics.tiktok.com *.doubleclick.net *.google.com.sv *.google.com.co 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klevu.com *.ksearchnet.com *.cloudflare.com *.googleapis.com *.zopim.com *.tawk.to *.jsdelivr.net media.flixfacts.com 'unsafe-inline' data: data: 'self' 'unsafe-inline'; frame-ancestors *.hana.ondemand.com 'self'; img-src widgets.magentocommerce.com 'unsafe-inline' data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.paypal.com *.typekit.net *.gstatic.com *.klevu.com *.ksearchnet.com oppwa.com *.oppwa.com *.peachpayments.com *.eu-west-1.amazonaws.com *.cloudflare.com *.google.com *.google.lv *.google.co.za *.google.com.na *.google.na *.zopim.com *.nosto.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.zopim.io *.sfdr.co sfdr.co *.tawk.to tawk.link *.tawk.link *.addthis.com *.jsdelivr.net *.facebook.com *.azurewebsites.net maps.googleapis.com app.mobicredwidget.co.za amcglobal.sc.omtrdc.net media.flixcar.com rt.flix360.com assets.secure.checkout.visa.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io s.ytimg.com www.googleapis.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/browser.sentry-cdn.com js.klevu.com *.ksearchnet.com landofcoder.com maps.googleapis.com chart.googleapis.com *.oppwa.com oppwa.com *.peachpayments.com *.zopim.com *.videoly.co sfdr.co *.cnetcontent.com *.cloudfront.net *.newrelic.com *.klevu.com *.google.lv *.google.co.za *.google.com.na *.google.na *.cloudflare.com *.cloudflareinsights.com *.nosto.com *.hotjar.com *.googletagmanager.com *.criteo.net *.criteo.com *.sfdr.co *.tawk.to *.tawk.link *.jsdelivr.net *.addthis.com *.addthisedge.com *.moatads.com *.mouseflow.com *.nr-data.net *.facebook.com *.what3words.com commerce.adobedtm.com magento-recs-sdk.adobe.net static.zdassets.com app.mobicredwidget.co.za www.gstatic.com connect.facebook.net bam.nr-data.net js.testfreaks.com media.flixfacts.com media.flixcar.com security-hub.vaimo.network 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com *.klevu.com *.ksearchnet.com oppwa.com *.oppwa.com *.peachpayments.com *.cloudflare.com *.googleapis.com *.jsdelivr.net www.gstatic.com media.flixcar.com 'unsafe-inline' data: https:\/\/js.klevu.com https:\/\/www.adendorff.co.za 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/*.ingest.sentry.io *.klevu.com *.ksearchnet.com landofcoder.com maps.googleapis.com chart.googleapis.com oppwa.com *.oppwa.com *.peachpayments.com *.testfreaks.com *.nosto.com *.hotjar.io *.hotjar.com *.doubleclick.net *.zendesk.com *.tawk.to wss:\/\/*.tawk.to *.tawk.link *.addthis.com *.addthisedge.com *.nr-data.net *.what3words.com *.googleapis.com vsb111.tawk.to ekr.zdassets.com api.magento.com commerce.adobedc.net app.mobicredwidget.co.za wss:\/\/widget-mediator.zopim.com bam.nr-data.net *.googletagmanager.com security-hub.vaimo.network 'unsafe-eval' data: 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; form-action *.cognitoforms.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/secure.paygate.co.za\/payweb3\/process.trans oppwa.com *.oppwa.com peachpayments.com *.peachpayments.com *.facebook.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline'; frame-src *.cognitoforms.com *.peachpayments.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com landofcoder.com maps.googleapis.com chart.googleapis.com oppwa.com *.oppwa.com peachpayments.com *.nosto.com *.issuu.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.criteo.net *.criteo.com *.addthis.com *.facebook.com webchat.jdg.co.za *.jdg.co.za 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net *.musette.ro data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.googlesyndication.com *.tiktok.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.doubleclick.net *.facebook.com\/ *.googlesyndication.com *.tiktok.com *.innoship.ro landofcoder.com https:\/\/www.google.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.googleapis.com 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.roeye.com *.tiktok.com *.tile.openstreetmap.org *.openstreetmap.org https:\/\/firebasestorage.googleapis.com *.musette.ro *.google.com\/ads\/ *.google.ro *.google.ro\/ads\/ *.trusted.ro\/ trusted.ro\/ *.profitshare.ro *.omtrdc.net musette.ro maps.googleapis.com maps.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googleapis.com *.gstatic.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com landofcoder.com www.termsfeed.com *.avada.io *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.jivosite.com *.profitshare.ro profitshare.ro *.7w.ro *.aptrinsic.com *.musette.ro maps.googleapis.com chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.aptrinsic.com fonts.googleapis.com assets.braintreegateway.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.fontawesome.com https:\/\/fonts.bunny.net *.jivosite.com *.musette.ro *.salofarm.ro *.stormers.ro 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com *.jivosite.com *.musette.ro 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.googleapis.com *.google-analytics.com *.facebook.com *.facebook.net *.doubleclick.net *.googlesyndication.com *.tiktok.com landofcoder.com https:\/\/get.geojs.io *.avada.io https:\/\/stats.g.doubleclick.net\/ *.jivosite.com *.7w.ro *.aptrinsic.com maps.googleapis.com socialplugin.facebook.net region1.analytics.google.com wss:\/\/chat-eu1-4.jivosite.com *.musette.ro 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com https:\/\/maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/www.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com https:\/\/accounts.google.com https:\/\/*.google.com https:\/\/*.hotjar.com https:\/\/vars.hotjar.com https:\/\/www.facebook.com https:\/\/*.criteo.com https:\/\/gum.criteo.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net p.typekit.net *.paypal.com *.typekit.net *.gstatic.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com public.montonio.com https:\/\/www.facebook.com https:\/\/www.google.com https:\/\/www.google.ee https:\/\/www.google-analytics.com rx.apotheka.ee data: http: https: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com public.montonio.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net rx.apotheka.ee http: https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com maxcdn.bootstrapcdn.com https:\/\/maxcdn.bootstrapcdn.com rx.apotheka.ee http: https: 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net rx.apotheka.ee http: https: wss: 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/www.sescpr.com.br https:\/\/vlibras.gov.br https:\/\/www.google.com\/ https:\/\/selos-site-defender.s3.amazonaws.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/www.googletagmanager.com\/ https:\/\/www.gstatic.com\/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/vlibras.gov.br https:\/\/www.googletagmanager.com\/ https:\/\/www.google.com\/ https:\/\/cdn.jsdelivr.net\/ https:\/\/www.gstatic.com\/ https:\/\/www.google-analytics.com\/ https:\/\/connect.facebook.net https:\/\/challenges.cloudflare.com https:\/\/viacep.com.br; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com https:\/\/cdn.jsdelivr.net; img-src 'self' data: https: https:\/\/www.sescpr.com.br; font-src 'self' https:\/\/fonts.gstatic.com data:; frame-src 'self' https:\/\/www.google.com https:\/\/vlibras.gov.br https:\/\/challenges.cloudflare.com; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.google.com https:\/\/vlibras.gov.br;frame-ancestors 'self' https:\/\/googleads.g.doubleclick.net https:\/\/static.doubleclick.net https:\/\/ff.kes.v2.scr.kaspersky-labs.com ","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/*.vntsm.com https:\/\/*.rubiconproject.com https:\/\/*.pubmatic.com https:\/\/*.googlesyndication.com https:\/\/*.googletagmanager.com https:\/\/*.google-analytics.com https:\/\/*.jwplayer.com https:\/\/*.jwpcdn.com https:\/\/platform.twitter.com https:\/\/www.youtube.com https:\/\/*.chartbeat.com https:\/\/*.sentry.io https:\/\/*.amazon-adsystem.com https:\/\/cadmus.script.ac https:\/\/*.viously.com https:\/\/*.aniview.com https:\/\/imasdk.googleapis.com https:\/\/*.fastclick.net https:\/\/*.liadm.com https:\/\/*.fundingchoicesmessages.google.com https:\/\/*.doubleclick.net; img-src 'self' data: https:; frame-src https:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https:; media-src 'self' https:","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=3ba3f84d358530b2&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778723367; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-b1o65rBAtZDLVT6Sgjm0dQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'nonce-74e22cb92e6d901e528e48e98298f487' 'self'; object-src 'self'; frame-ancestors 'none'; base-uri 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data https:\/\/images.ctfassets.net; script-src 'self' 'self' 'unsafe-inline' https:\/\/browser.sentry-cdn.com\/ https:\/\/europcar.adding-sst.dev\/ https:\/\/sdk.privacy-center.org\/ https:\/\/*.europcar.com https:\/\/*.goldcar.com; connect-src 'self' sentry.io *.sentry.io https:\/\/*.europcar.com https:\/\/*.goldcar.com; report-uri https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943; report-to https:\/\/f7b20c2f87f95d7d60d819766c53e983@o274321.ingest.us.sentry.io\/1887943","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self' www.columbiadoctors.org www.nyp.org;frame-src https:\/\/* 'self' epichttp: https:\/\/premier.trustcommerce.com;script-src 'nonce-035cf17764484fe789e329b484f4313a' https:\/\/www.myconnectnyc.org 'self';img-src https:\/\/* 'self' blob: data:;connect-src 'self' epichttp:;style-src https:\/\/www.myconnectnyc.org 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self';media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline'; script-src 'self' https:\/\/www.google-analytics.com\/analytics.js https:\/\/www.googletagmanager.com\/ 'unsafe-inline'; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net; font-src 'self' data: https:\/\/fonts.gstatic.com\/; style-src-elem 'self' https:\/\/fonts.googleapis.com\/ 'unsafe-inline'; report-to csp-reports; report-uri https:\/\/www.transact-online.co.uk\/csp_reporting","count":1},{"content-security-policy-report-only":" base-uri *.google.com *.gstatic.com 'self' 'unsafe-inline'; default-src *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; media-src *.google.com *.gstatic.com *.storyblok.com *.zdassets.com *.doofinder.com 'self' 'unsafe-inline'; manifest-src *.google.com *.gstatic.com 'self' 'unsafe-inline'; child-src *.google.com *.gstatic.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; object-src *.google.com *.gstatic.com 'self' 'unsafe-inline'; style-src *.google.com *.gstatic.com *.doofinder.com assets.braintreegateway.com *.storyblok.com *.photoslurp.com *.nosto.com *.klaviyo.com *.typekit.net 'self' 'unsafe-inline'; img-src *.google.com *.gstatic.com https:\/\/alehop.smartie.io widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.adyen.com *.doofinder.com https:\/\/images.unsplash.com *.oct8ne.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.storyblok.com *.facebook.com *.google.es widgets.trustedshops.com *.twitter.com t.co *.azureedge.net *.pinterest.com *.bing.com www.googletagmanager.com data: 'self' 'unsafe-inline'; form-action *.google.com *.gstatic.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; font-src *.google.com *.oct8ne.com fonts.gstatic.com *.azureedge.net *.doofinder.com *.typekit.net *.googleapis.com data: 'self' 'unsafe-inline'; frame-ancestors *.google.com *.gstatic.com *.storyblok.com 'self'; frame-src td.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ *.adyen.com *.oct8ne.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.hotjar.com *.pinterest.com *.doofinder.com *.empathybroker.com *.empathy.co *.criteo.com www.googletagmanager.com 'self' 'unsafe-inline'; connect-src *.google.com *.googlesyndication.com analytics.tiktok.com *.analytics.google.com *.gstatic.com www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.doofinder.com wss:\/\/*.doofinder.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.oct8ne.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com *.zendesk.com *.zopim.com *.doubleclick.net *.hotjar.com *.hotjar.io *.clarity.ms *.smartsuppcdn.com *.googleapis.com *.google-analytics.com *.google.es *.connectif.cloud *.klaviyo.com *.photoslurp.com *.zdassets.com *.pinterest.com *.nosto.com *.empathybroker.com *.empathy.co www.googletagmanager.com 'self' 'unsafe-inline'; script-src https:\/\/analytics.tiktok.com *.google.com *.gstatic.com www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.adyen.com *.doofinder.com https:\/\/maps.googleapis.com *.oct8ne.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com *.storyblok.com www.googletagmanager.com *.googleoptimize.com widgets.trustedshops.com static-eu.oct8ne.com static.zdassets.com *.facebook.net *.tradedoubler.com *.doubleclick.net *.hotjar.com *.ads-twitter.com smct.co *.bsmartdata.com *.retargeted.co *.bing.com *.clarity.ms *.smartsuppcdn.com *.smartsuppchat.com *.smartsupp.com *.connectif.cloud *.klaviyo.com *.photoslurp.com *.pinimg.com *.nosto.com *.empathybroker.com *.unpkg.com 'self' 'unsafe-inline' 'unsafe-eval';","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/*.alltuu.live https:\/\/alltuu-frontend-log-tracking.cn-hangzhou.log.aliyuncs.com https:\/\/alltuu-frontend-log.cn-hangzhou.log.aliyuncs.com https:\/\/www.gstatic.com https:\/\/alltuu-help-video.oss-cn-shanghai.aliyuncs.com https:\/\/open.work.weixin.qq.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloundflare.com https:\/\/gw.alipayobjects.com https:\/\/lf1-cdn-tos.bytegoofy.com https:\/\/alltuu.cc https:\/\/alltuu.pw https:\/\/alltuu.co https:\/\/alltuu.tv https:\/\/s9.cnzz.com https:\/\/zz.bdstatic.com https:\/\/v1.cnzz.com https:\/\/g.alicdn.com https:\/\/mp.weixin.qq.com https:\/\/res.wx.qq.com https:\/\/open.weixin.qq.com https:\/\/turing.captcha.qcloud.com https:\/\/sp0.baidu.com\/ https:\/\/turing.captcha.gtimg.com https:\/\/at.alicdn.com https:\/\/wx.gtimg.com\/ https:\/\/cdn.yiban.io https:\/\/lf-flow-web-cdn.doubao.com data: blob: https:\/\/*.alltuu.ren https:\/\/*.alltuu.com 'unsafe-eval' 'unsafe-inline'; report-uri https:\/\/csp-page.alltuu.com;connect-src 'self' https:\/\/*.alltuu.live https:\/\/*.captcha-open-southeast.aliyuncs.com\/ https:\/\/mcs.snssdk.com https:\/\/alltuu-storage.oss-accelerate.aliyuncs.com https:\/\/alltuu-prsoon-private.oss-cn-hangzhou.aliyuncs.com https:\/\/aegis.qq.com https:\/\/mp.weixin.qq.com\/ https:\/\/alltuu-msg.cn-hangzhou.log.aliyuncs.com\/ https:\/\/alltuu-flashapp.cn-hangzhou.log.aliyuncs.com https:\/\/ai-platform-data-analysis.cn-hangzhou.log.aliyuncs.com https:\/\/ai-data-analysis.cn-hangzhou.log.aliyuncs.com https:\/\/*.alltuu.com wss:\/\/*.alltuu.com https:\/\/alltuu-frontend-log.cn-hangzhou.log.aliyuncs.com https:\/\/videocloud.cn-hangzhou.log.aliyuncs.com https:\/\/alltuu-storage.oss-cn-hangzhou.aliyuncs.com https:\/\/alltuu-frontend-log-tracking.cn-hangzhou.log.aliyuncs.com data: blob:;frame-src 'self' https:\/\/* blob: data: ;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com *.kueskipay.com *.gstatic.com *.zotabox.com https:\/\/*.tawk.to *.fontawesome.com https:\/\/fonts.gstatic.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com *.kueskipay.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.kueskipay.com https:\/\/hotjar.com https:\/\/fast.amc.demdex.net https:\/\/secure.authorize.net https:\/\/static.addtoany.com https:\/\/www.googletagmanager.com https:\/\/td.doubleclick.net https:\/\/*.creativecdn.com https:\/\/*.mercadopago.com https:\/\/*.mercadopago.com.mx *.mercadolibre.com *.google.com\/ *.sandbox.paypal.com *.paypalobjects.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/www.magezon.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.feedoptimise.com cdn.feedoptimise.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.kueskipay.com *.google.com *.google.com.mx *.facebook.com *.zotabox.com *.mercadolibre.com *.mercadolivre.com *.swagger.io *.akamai.net *.dico.com.mx https:\/\/bat.bing.com https:\/\/*.tawk.to https:\/\/www.googletagmanager.com https:\/\/*.mercadopago.com.mx *.mlstatic.com *.mercadopago.com *.mercadolivre.com.br *.mercadolibre.com.mx *.mercadolibre.com.ar *.sandbox.paypal.com *.paypalobjects.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/cdn.ampproject.org raw.githubusercontent.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com https:\/\/chimpstatic.com downloads.mailchimp.com *.list-manage.com *.facebook.com https:\/\/connect.facebook.net graph.facebook.com https:\/\/business.facebook.com www.feedoptimise.com cdn.feedoptimise.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.kueskipay.com *.googletagmanager.com *.mxpnl.com *.addtoany.com https:\/\/*.hotjar.com https:\/\/*.zotabox.com *.facebook.net *.tawk.to *.mailchimp.com *.pinterest.com *.tumblr.com *.tumblr.cb1 *.doubleclick.net https:\/\/dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/1eafstag.cardinalcommerce.com https:\/\/1eaf.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/pilot-payflowlink.paypal.com https:\/\/api.braintreegateway.com https:\/\/api.sandbox.braintreegateway.com https:\/\/client-analytics.braintreegateway.com https:\/\/client-analytics.sandbox.braintreegateway.com https:\/\/*.braintree-api.com https:\/\/*.paypal.com https:\/\/graph.facebook.com https:\/\/*.kueskipay.com https:\/\/*.doubleclick.net https:\/\/*.tawk.to https:\/\/*.hotjar.io https:\/\/*.mercadolibre.com https:\/\/*.google-analytics.com https:\/\/*.hsforms.com https:\/\/*.dico.com.mx *.google.com https:\/\/*.mercadopago.com https:\/\/*.sandbox.paypal.com *.paypalobjects.com https:\/\/t.elasticsuite.io https:\/\/*.hsforms.net https:\/\/*.creativecdn.com https:\/\/bat.bing.com https:\/\/analytics.tiktok.com https:\/\/www.googleoptimize.com *.mlstatic.com *.mercadopago.com *.sandbox.paypal.com *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com unsafe-inline downloads.mailchimp.com https:\/\/static.klaviyo.com *.kueskipay.com *.googletagmanager.com *.mxpnl.com *.googleapis.com *.tawk.to *.fontawesome.com *.addtoany.com maxcdn.bootstrapcdn.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net www.google-analytics.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/cdn.ampproject.org api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com www.facebook.com https:\/\/connect.facebook.net graph.facebook.com https:\/\/business.facebook.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.kueskipay.com *.doubleclick.net https:\/\/dpm.demdex.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/1eafstag.cardinalcommerce.com https:\/\/1eaf.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/pilot-payflowlink.paypal.com https:\/\/api.braintreegateway.com https:\/\/api.sandbox.braintreegateway.com https:\/\/client-analytics.braintreegateway.com https:\/\/client-analytics.sandbox.braintreegateway.com https:\/\/*.braintree-api.com https:\/\/*.paypal.com https:\/\/graph.facebook.com https:\/\/*.kueskipay.com https:\/\/*.doubleclick.net https:\/\/*.tawk.to https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/*.zotabox.com https:\/\/*.mercadolibre.com *.google-analytics.com https:\/\/*.hsforms.com https:\/\/*.dico.com.mx https:\/\/*.google.com https:\/\/*.mercadopago.com https:\/\/*.sandbox.paypal.com *.paypalobjects.com t.elasticsuite.io https:\/\/*.hsforms.net wss:\/\/*.tawk.to https:\/\/*.creativecdn.com https:\/\/analytics.tiktok.com https:\/\/google.com *.mercadopago.com *.mercadolibre.com http:\/\/dpm.demdex.net *.sandbox.paypal.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https:\/\/*.googleapis.com https:\/\/www.google-analytics.com https:\/\/www.googleanalytics.com https:\/\/www.googleoptimize.com https:\/\/optimize.google.com *.google.com https:\/\/*.google.com https:\/\/*.googleusercontent.com https:\/\/*.ggpht.com https:\/\/googleads.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.gstatic.com https:\/\/*.googleadservices.com http:\/\/s3.amazonaws.com https:\/\/snap.licdn.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com http:\/\/*.tiqcdn.com https:\/\/pageimprove.io https:\/\/*.linkedin.com https:\/\/partenamut.activehosted.com https:\/\/*.tealiumiq.com https:\/\/*.youtube.com https:\/\/*.decibelinsight.net https:\/\/wurfl.io https:\/\/bat.bing.com https:\/\/*.googlesyndication.com https:\/\/*.teads.tv https:\/\/*.clarity.ms\/ https:\/\/dev.visualwebsiteoptimizer.com https:\/\/tags.partenamut.be\/partenamut-site\/prod\/utag.sync.js https:\/\/tags.partenamut.be\/partenamut-site\/prod\/utag.js https:\/\/tags.partenamut.be https:\/\/analytics.tiktok.com https:\/\/analytics.tiktok.com\/i18n\/pixel\/events.js https:\/\/collect.partenamut.be; style-src 'unsafe-inline' 'self' https:\/\/*.googleapis.com https:\/\/fonts.googleapis.com https:\/\/optimize.google.com https:\/\/unpkg.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/*.gstatic.com https:\/\/fonts.bunny.net; img-src 'self' https:\/\/*.googleapis.com https:\/\/*.gstatic.com https:\/\/*.google.com *.googleusercontent.com https:\/\/*.google.be https:\/\/*.google-analytics.com https:\/\/googleads.g.doubleclick.net https:\/\/*.linkedin.com https:\/\/*.partenamut.be https:\/\/*.facebook.com https:\/\/dummyimage.com https:\/\/placehold.co https:\/\/www.googletagmanager.com http:\/\/www.w3.org\/2000\/svg https:\/\/*.tealiumiq.com https:\/\/s535jira.mutworld.be https:\/\/flagcdn.com https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/bat.bing.com https:\/\/ad.doubleclick.net https:\/\/*.teads.tv https:\/\/dev.visualwebsiteoptimizer.com https:\/\/tags.partenamut.be\/partenamut-site\/prod\/utag.js https:\/\/*.clarity.ms https:\/\/c.bing.com https:\/\/www.google.com\/pagead\/form-data https:\/\/survey-images.hotjar.com data:; frame-src 'self' https:\/\/*.google.com https:\/\/optimize.google.com https:\/\/vars.hotjar.com\/ https:\/\/*.youtube.com https:\/\/*.partenamut.be https:\/\/cloud.cavai.com\/ www.facebook.com https:\/\/idp.iamfas.belgium.be\/ https:\/\/td.doubleclick.net\/ https:\/\/*.teads.tv\/ https:\/\/td.doubleclick.net.x.ccf80dde0e0820444b0b8f9038e392127391.d045232a.id.opendns.com https:\/\/10649093.fls.doubleclick.net https:\/\/maternity-leave---partena.bubbleapps.io; font-src 'self' https:\/\/fonts.gstatic.com https:\/\/script.hotjar.com https:\/\/fonts.bunny.net; object-src 'self' data: 'unsafe-eval'; media-src 'self'; child-src 'self'; form-action 'self'; frame-ancestors 'self'; base-uri 'self'; navigate-to *; connect-src 'self' https:\/\/*.cloud.es.io https:\/\/*.googleapis.com *.google.com https:\/\/*.google.com https:\/\/*.google.com https:\/\/*.gstatic.com  https:\/\/*.google-analytics.com https:\/\/*.facebook.com https:\/\/*.linkedin.oribi.io https:\/\/*.hotjar.io https:\/\/*.hotjar.com https:\/\/pageimprove.io https:\/\/*.tealiumiq.com https:\/\/*.decibelinsight.net wss:\/\/*.hotjar.com https:\/\/*.cloud.es.io https:\/\/bat.bing.com https:\/\/*.linkedin.com https:\/\/*.googlesyndication.com wss:\/\/*.decibelinsight.net https:\/\/wurfl.io https:\/\/*.g.doubleclick.net https:\/\/*.teads.tv https:\/\/*.clarity.ms\/ https:\/\/dev.visualwebsiteoptimizer.com https:\/\/adservice.google.com https:\/\/www.google.com\/pagead\/form-data https:\/\/google.com\/ccm\/form-data\/1035243604 https:\/\/google.com:433\/ccm\/form-data\/1035243604 https:\/\/*.adservice.google.com https:\/\/adservice.google.com https:\/\/analytics.tiktok.com https:\/\/*.partenamut.be data: blob:; worker-src 'self' blob:; https:\/\/t.contentsquare.net\/uxa\/b8b4149d47658.js;report-uri https:\/\/mutualit.uriports.com\/reports; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: code.jquery.com *.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com *.google.com www.google.cz unpkg.com api.mapy.cz api.mapy.com; block-all-mixed-content; report-uri https:\/\/www.mudrc.net\/report.php?csp ","count":1},{"content-security-policy-report-only":" default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'","count":1},{"content-security-policy-report-only":" font-src *.fontawesome.com https:\/\/fonts.bunny.net *.cloudflare.com *.gstatic.com *.googleapis.com *.typekit.net 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https:\/\/secure-test.worldpay.com\/shopper\/3ds\/ddc.html *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.clearpay.co.uk https:\/\/pay.google.com https:\/\/secure-test.worldpay.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.google.com 5900250.fls.doubleclick.net *.payments-amazon.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.afterpay.com *.clearpay.co.uk *.cloudflare.com *.gstatic.com *.google-analytics.com *.hsforms.net *.hsforms.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com ewm.imgix.net *.klarna.com *.googleadservices.com *.google.com *.google.co.uk *.run4it.com *.fbcdn.net d23yuld0pofhhw.cloudfront.net ut.ra.linksynergy.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.afterpay.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net https:\/\/www.google.com\/recaptcha\/api.js *.gstatic.com *.cloudflare.com https:\/\/pay.google.com\/gp\/p\/js\/pay.js https:\/\/applepay.cdn-apple.com\/jsapi\/v1\/apple-pay-sdk.js *.google-analytics.com https:\/\/payments.worldpay.com\/resources\/cse\/js\/worldpay-cse-1.0.2.min.js *.hsforms.net *.hsforms.com *.avada.io *.shopify.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googletagmanager.com *.googleapis.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.feefo.com *.run4it.com *.klevu.com *.payments-amazon.com connect.facebook.net tag.rmp.rakuten.com *.typekit.net *.google.com theed11117.pcapredict.com cdn.mida.so 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.afterpay.com\/ *.squarecdn.com *.cloudflare.com *.fontawesome.com https:\/\/fonts.bunny.net unsafe-inline assets.braintreegateway.com *.googleapis.com *.gstatic.com *.klevu.com *.run4it.com *.postcodeanywhere.co.uk unpkg.cm 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.clearpay.co.uk *.squarecdn.com https:\/\/hbiq.net https:\/\/iq.afterpay-beta.com https:\/\/iq.afterpay.com t.elasticsuite.io *.hsforms.net *.hsforms.com api.addressy.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.cloudflare.com *.feefo.com *.instagram.com *.amazon.com *.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-LLdKeKHJUhWtM2R26Jy8EA' 'unsafe-inline' 'unsafe-eval' https:\/\/*.msauth.net https:\/\/*.msftauth.net https:\/\/*.msftauthimages.net https:\/\/*.msauthimages.net https:\/\/*.msidentity.com https:\/\/*.microsoftonline-p.com https:\/\/*.microsoftazuread-sso.com https:\/\/*.azureedge.net https:\/\/*.outlook.com https:\/\/*.office.com https:\/\/*.office365.com https:\/\/*.microsoft.com https:\/\/*.bing.com 'report-sample'; report-uri https:\/\/csp.microsoft.com\/report\/ESTS-UX-All","count":1},{"content-security-policy-report-only":" frame-src 'self'; report-uri http:\/\/events.convio.com\/site\/XFrameViolation","count":1},{"content-security-policy-report-only":" script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: mercadolibre.com.ar *.mercadolibre.com.ar mercadolibre.com.mx *.mercadolibre.com.mx mercadolivre.com.br *.mercadolivre.com.br mercadolibre.cl *.mercadolibre.cl mercadolibre.com.co *.mercadolibre.com.co credithub.com.br *.credithub.com.br gstatic.com *.gstatic.com js-agent.newrelic.com *.js-agent.newrelic.com http2.mlstatic.com *.http2.mlstatic.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net googletagmanager.com *.googletagmanager.com googleapis.com *.googleapis.com cloudflare.com *.cloudflare.com mercadolibre.com.ve *.mercadolibre.com.ve mercadolibre.com.pe *.mercadolibre.com.pe mercadolibre.com.uy *.mercadolibre.com.uy jsdelivr.net *.jsdelivr.net tiktok.com *.tiktok.com mercadopago.com *.mercadopago.com recaptcha.net *.recaptcha.net googlesyndication.com *.googlesyndication.com gstatic.cn *.gstatic.cn mercadolibre.com *.mercadolibre.com google.com *.google.com doubleclick.net *.doubleclick.net hotjar.com *.hotjar.com newrelic.com *.newrelic.com mercadolivre.com *.mercadolivre.com; report-uri https:\/\/events.mercadolibre.com\/csp\/reports?identifier=VLzYRkQq_c9JDN0rgeqNBHWXLdiZqw2_qxFsrcXEy-kqgH10y4emFIu-FQ3FzhnRLz2EdQyXLw0A&policy_id=29443&user_id=&request_id=0e38a34b-0127-48d8-b0eb-b822e5e297c4; report-to csp-endpoint-vlzyrkqqcjdnrgeqnbhwxldizqwqxfsrcxeykqghyemfiufqfzhnrlzedqyxlwa","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.fontawesome.com *.bootstrapcdn.com *.hotjar.com fonts.googleapis.com cdn.cookiehub.eu https:\/\/fonts.bunny.net *.paypal.com *.paypalobjects.com *.cdn-apple.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.certcapture.com https:\/\/www.youtube.com https:\/\/www.google.com\/maps https:\/\/www.google.com\/ https:\/\/insight.adsrvr.org\/ https:\/\/analytics.google.com https:\/\/vimeo.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.networkmerchants.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.certcapture.com googleads.g.doubleclick.net secure.livechatinc.com https:\/\/songbird.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/*.cardinalcommerce.com https:\/\/*.centinelapi.cardinalcommerce.com https:\/\/insight.adsrvr.org\/ https:\/\/analytics.google.com https:\/\/vimeo.com *.weltpixel.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.sandbox.paypal.com *.googletagmanager.com *.doubleclick.net www.xtento.com https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: *.networkmerchants.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.certcapture.com magefan.com cm.magefan.com *.amazonaws.com bat.bing.com cdn.ywxi.net blob *.instantsearchplus.com *.bbb.org cdn.livechat-files.com *.facebook.com *.hotjar.com *.clarity.ms *.bing.com *.google.com.ar www.doubleclick.net cdn.cookiehub.eu p.brsrvr.com *.trackedlink.net *.disqus.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.sandbox.paypal.com *.reddit.com *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com www.xtento.com cdn.xtento.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com https:\/\/vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/rum.hlx.page *.networkmerchants.com *.googleapis.com *.gstatic.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com acp-magento.appspot.com *.akamaized.net *.instantsearchplus.com *.fastsimon.com fastsimon-grid.akamaized.net *.certcapture.com *.fontawesome.com *.livechatinc.com bat.bing.com *.clarity.ms 199001.tctm.co *.facebook.net *.facebook.com *.cokertirecompany.com *.hotjar.com e.zip-corvette.com www.googletagservices.com www.doubleclick.net cdn.cookiehub.eu cdn.brcdn.com https:\/\/cdn1.ebizcharge.net https:\/\/songbird.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/cdnjs.cloudflare.com https:\/\/insight.adsrvr.org\/ https:\/\/dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/analytics.google.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.disqus.com *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.sandbox.paypal.com *.paypalobjects.com *.googletagmanager.com *.googleadservices.com *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net www.xtento.com cdn.xtento.com https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com https:\/\/h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.networkmerchants.com *.certcapture.com *.bootstrapcdn.com static-autocomplete.fastsimon.com ping.fastsimon.com settings.fastsimon.com static-grid.fastsimon.com *.typekit.net cdn.cookiehub.eu cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.fontawesome.com https:\/\/fonts.bunny.net assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net https:\/\/vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.networkmerchants.com *.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.certcapture.com *.clarity.ms api.livechatinc.com bat.bing.com api.fastsimon.com suggest.instantsearchplus.com suggest.fastsimon.com static-autocomplete.fastsimon.com static-grid.fastsimon.com ping.fastsimon.com settings.fastsimon.com stats.g.doubleclick.net bam.nr-data.net 199001.tctm.co *.facebook.com *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com googleads.g.doubleclick.net cdn.cookiehub.eu c.ba.contentsquare.net 3dsapi.ebizcharge.net kg668dbov0.execute-api.us-east-1.amazonaws.com ebizcharge3ds-staging1.azurewebsites.net *.ebizcharge.net https:\/\/songbird.cardinalcommerce.com https:\/\/centinelapi.cardinalcommerce.com https:\/\/cdnjs.cloudflare.com https:\/\/insight.adsrvr.org\/ https:\/\/dpm.demdex.net https:\/\/amcglobal.sc.omtrdc.net https:\/\/geostag.cardinalcommerce.com https:\/\/geo.cardinalcommerce.com https:\/\/centinelapistag.cardinalcommerce.com https:\/\/analytics.google.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com https:\/\/get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.sandbox.paypal.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app https:\/\/imgs.signifyd.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/*.publitas.com *.fontawesome.com *.kohlerbycochez.com https:\/\/script.hotjar.com *.algolia.com *.googleapis.com *.bootstrapcdn.com https:\/\/*.bazaarvoice.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com 0merchantacsstag.cardinalcommerce.com merchantacs.cardinalcommerce.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com testsecureacceptance.cybersource.com secureacceptance.cybersource.com pay.google.com merchantacs.cardinalcommerce.com 0merchantacsstag.cardinalcommerce.com https:\/\/*.publitas.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.commercepartnerhub.com *.weltpixel.com c.paypal.com checkout.paypal.com assets.braintreegateway.com *.cardinalcommerce.com * c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net www.gstatic.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.kohlerbycochez.com network-a.bazaarvoice.com maps.gstatic.com *.algolia.com media.flixcar.com rt.flix360.com *.google.com *.google-analytics.com *.googleadservices.com https:\/\/www.google.com https:\/\/www.google.com.co maps.googleapis.com *.facebook.com *.reddit.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/*.bazaarvoice.com https:\/\/*.google.com.pa c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.online-metrix.net testflex.cybersource.com flex.cybersource.com pay.google.com x.klarnacdn.net centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https:\/\/*.publitas.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/apps.bazaarvoice.com *.kohlerbycochez.com apps.bazaarvoice.com static.hotjar.com script.hotjar.com h.online-metrix.net js-agent.newrelic.com www.google.com www.gstatic.com maps.googleapis.com *.algolia.com media.flixfacts.com media.flixcar.com https:\/\/www.googletagmanager.com tagmanager.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/cdn.jsdelivr.net c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net https:\/\/view.publitas.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/*.publitas.com *.fontawesome.com *.kohlerbycochez.com *.algolia.com *.google.com *.googleapis.com *.gstatic.com *.bootstrapcdn.com tagmanager.google.com assets.braintreegateway.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com videos.pexels.com *.algolia.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.kohlerbycochez.com bam.nr-data.net maps.googleapis.com https:\/\/surveystats.hotjar.io media.flixcar.com *.google-analytics.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com https:\/\/*.bazaarvoice.com https:\/\/*.hotjar.io c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net http: https: blob: 'self' 'unsafe-inline'; default-src bam.nr-data.net *.kohlerbycochez.com ws.hotjar.com c42eu1doj8gpxa9sp-1.a1.typesense.net,c42eu1doj8gpxa9sp-2.a1.typesense.net,c42eu1doj8gpxa9sp-3.a1.typesense.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com https:\/\/*.gstatic.com *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es *.googleapis.com https:\/\/script.hotjar.com *.landbot.io applepay.cdn-apple.com\/ data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es api.paycomet.com *.ogone.com *.v-psp.com https:\/\/www.facebook.com *.redsys.es 'self' 'unsafe-inline'; frame-ancestors *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es *.adobe.com https:\/\/bid.g.doubleclick.net https:\/\/www.linkbux.com\/ 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * *.adyen.com *.dotdigital-pages.com *.dotdigital.com *.awin1.com *.zenaps.com *.fls.doubleclick.net *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es www.google.com api.paycomet.com *.doubleclick.net pay.google.com service.force.com hal9000.redintelligence.net https:\/\/pikolinrecommend.botslovers.com https:\/\/*.soreto.com https:\/\/ams.creativecdn.com\/ https:\/\/www.facebook.com\/ https:\/\/www.awin1.com\/ *.redsys.es https:\/\/www.googletagmanager.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.trustpilot.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net * https:\/\/*.gstatic.com *.adyen.com *.trackedlink.net *.ddlnk.net *.awin1.com *.zenaps.com *.wepowerconnections.com *.pikolin.com https:\/\/pikolin.com *.magentosite.cloud *.beds.es *.adotmob.com *.facebook.com *.facebook.net *.google.com *.google.es *.googleapis.com *.omtrdc.net https:\/\/*.g.doubleclick.net\/ *.doubleclick.net https:\/\/*.googletagmanager.com *.media-amazon.com https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/ade.googlesyndication.com https:\/\/lantern.roeyecdn.com https:\/\/lantern.roeye.com https:\/\/pikolinrecommend.botslovers.com https:\/\/*.tagmanager.google.com https:\/\/pikolin.botslovers.com https:\/\/cdn.botslovers.com https:\/\/t.teads.tv\/ https:\/\/c.clarity.ms\/ https:\/\/*.bing.com\/ https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/survey-images.hotjar.com https:\/\/rt.udmserve.net\/ https:\/\/pixel.rubiconproject.com https:\/\/www.awin1.com\/ https:\/\/eb2.3lift.com\/ https:\/\/secure.adnxs.com\/ https:\/\/ih.adscale.de\/ https:\/\/sync.outbrain.com\/ https:\/\/ssp-csync.smartadserver.com\/ https:\/\/ads.stickyadstv.com https:\/\/ads.yieldmo.com\/ https:\/\/api.soreto.com\/ https:\/\/cdn.doofinder.com\/ https:\/\/ib.adnxs.com\/ eu1-doofinderuser.s3.amazonaws.com https:\/\/*.collect.igodigital.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https:\/\/rum.hlx.page *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal *.awin1.com *.dwin1.com *.zenaps.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com lantern.roeyecdn.com *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es www.google.com https:\/\/maps.googleapis.com *.gstatic.com *.zdassets.com js-agent.newrelic.com *.serving-sys.com *.facebook.net *.doubleclick.net *.zopim.com *.cstatic.weborama.fr https:\/\/cdn.cookielaw.org https:\/\/pikolin.botslovers.com.co https:\/\/pikolin.botslovers.com https:\/\/pikolinrecommend.botslovers.com https:\/\/cdn.landbot.io https:\/\/service.force.com https:\/\/cdn.doofinder.com *.clarity.ms *.hotjar.com https:\/\/www.dwin1.com https:\/\/www.wepowerconnections.com https:\/\/lantern.roeyecdn.com https:\/\/espadesa.my.salesforce.com\/ https:\/\/*.googletagmanager.com https:\/\/*.tagmanager.google.com https:\/\/*.google-analytics.com https:\/\/www.googleadservices.com https:\/\/p.teads.tv\/ https:\/\/*.soreto.com https:\/\/cdn.frizbit.com\/ https:\/\/js.cookieless-data.com\/ https:\/\/*.adform.net\/ https:\/\/js.sddan.com\/ https:\/\/tags.creativecdn.com\/ https:\/\/*.bing.com https:\/\/www.awin1.com\/ https:\/\/the.sciencebehindecommerce.com\/ https:\/\/*.datnova.com\/ https:\/\/static.lightning.force.com https:\/\/espadesa.secure.force.com https:\/\/d.la11-core1.sfdc-cehfhs.salesforceliveagent.com\/ https:\/\/d.la2-c1-cdg.salesforceliveagent.com\/ *.redsys.es https:\/\/sslwidget.criteo.com\/ https:\/\/dynamic.criteo.com\/ https:\/\/pikolin--presandbox.sandbox.my.site.com\/ https:\/\/pikolin.my.site.com\/ https:\/\/*.collect.igodigital.com sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com *.trustpilot.com https:\/\/assets.adobedtm.com https:\/\/510004498.collect.igodigital.com https:\/\/www.pikolin.com https:\/\/pikolin.my.site.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.cash.app https:\/\/fonts.googleapis.com\/ *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es *.googleapis.com service.force.com *.clarity.ms https:\/\/cdn.doofinder.com https:\/\/*.googletagmanager.com https:\/\/*.tagmanager.google.com https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/cdn.frizbit.com\/ https:\/\/espadesa.secure.force.com\/ https:\/\/pikolin--presandbox.sandbox.my.site.com\/ https:\/\/pikolin.my.site.com\/ *.trustpilot.com 'self' 'unsafe-inline'; object-src *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.pikolin.com https:\/\/pikolin.com *.magentosite.cloud *.beds.es *.zdassets.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.adyen.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.wepowerconnections.com https:\/\/the.sciencebehindecommerce.com *.pikolin.com\/es *.pikolin.com\/pt pikolin.tt.omtrdc.net *.magentosite.cloud *.beds.es *.zdassets.com *.zendesk.com *.zopim.com wss:\/\/widget-mediator.zopim.com *.serving-sys.com *.analytics.analytics.com *.googletagmanager.com *.g.doubleclick.net *.demdex.net *.doubleclick.net https:\/\/cdn.cookielaw.org https:\/\/cookie-cdn.cookiepro.com https:\/\/maps.googleapis.com https:\/\/google.com https:\/\/www.google.es https:\/\/www.google.com https:\/\/pagead2.googlesyndication.com pay.google.com https:\/\/payments-eu.amazon.com *.amazon.com eu1-layer.doofinder.com wss:\/\/eu1-layer.doofinder.com\/ *.clarity.ms https:\/\/*.hotjar.io https:\/\/*.hotjar.com wss:\/\/*.hotjar.com https:\/\/pikolinrecommend.botslovers.com *.tt.omtrdc.net https:\/\/pikolin.botslovers.com https:\/\/cdn.botslovers.com\/ https:\/\/www.facebook.com\/ https:\/\/cm.teads.tv\/ https:\/\/t.teads.tv\/ https:\/\/www.wepowerconnections.com https:\/\/*.soreto.com https:\/\/*.frizbit.com\/ https:\/\/ams.creativecdn.com\/ https:\/\/the.sciencebehindecommerce.com\/ https:\/\/geolocation.onetrust.com https:\/\/privacyportal.onetrust.com https:\/\/privacyportal-eu.onetrust.com https:\/\/*.bing.com\/ https:\/\/espadesa.secure.force.com\/ *.googleapis.com *.landbot.io sandbox.sequracdn.com live.sequracdn.com sandbox.sequrapi.com live.sequrapi.com live.cdn.sequra.svea.com next-live.sequra.svea.com live.sequra.svea.com sandbox.cdn.sequra.svea.com next-sandbox.sequra.svea.com sandbox.sequra.svea.com https:\/\/*.trustpilot.com\/ 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es https:\/\/*.soreto.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri *.pikolin.com\/es *.pikolin.com\/pt *.magentosite.cloud *.beds.es 'self' 'unsafe-inline'; report-uri https:\/\/pikolin.report-uri.com\/r\/d\/csp\/reportOnly; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' blob: data: https:\/\/*.dzengi.com https:\/\/dzengi.com https:\/\/ekr.zdassets.com https:\/\/currencysupport1713960465.zendesk.com https:\/\/id.zopim.com https:\/\/img.youtube.com https:\/\/i.ytimg.com https:\/\/syndication.twitter.com https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/dzengi.bamboohr.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com https:\/\/*.analytics.google.com https:\/\/*.google-analytics.com https:\/\/analytics.google.com https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/translate-pa.googleapis.com https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/translate.googleapis.com https:\/\/www.google.ae https:\/\/www.google.am https:\/\/www.google.az https:\/\/www.google.bg https:\/\/www.google.by https:\/\/www.google.ca https:\/\/www.google.cz https:\/\/www.google.de https:\/\/www.google.dk https:\/\/www.google.ee https:\/\/www.google.es https:\/\/www.google.fi https:\/\/www.google.fr https:\/\/www.google.ge https:\/\/www.google.ie https:\/\/www.google.it https:\/\/www.google.kg https:\/\/www.google.kz https:\/\/www.google.lt https:\/\/www.google.lv https:\/\/www.google.md https:\/\/www.google.nl https:\/\/www.google.no https:\/\/www.google.pl https:\/\/www.google.ro https:\/\/www.google.rs https:\/\/www.google.ru https:\/\/www.google.sk https:\/\/www.google.co.id https:\/\/www.google.co.il https:\/\/www.google.co.in https:\/\/www.google.co.th https:\/\/www.google.co.uk https:\/\/www.google.co.uz https:\/\/www.google.co.za https:\/\/www.google.com.ar https:\/\/www.google.com.cy https:\/\/www.google.com.ng https:\/\/www.google.com.np https:\/\/www.google.com.tr https:\/\/www.google.com.ua https:\/\/test-website-files.idzengi.xyz https:\/\/test-website-static.idzengi.xyz https:\/\/*.backend-capital.com wss:\/\/*.backend-capital.com wss:\/\/*.dzengi.com wss:\/\/widget-mediator.zopim.com https:\/\/mc.yandex.az https:\/\/mc.yandex.by https:\/\/mc.yandex.com https:\/\/mc.yandex.com.am https:\/\/mc.yandex.com.ge https:\/\/mc.yandex.kz https:\/\/mc.yandex.lt https:\/\/mc.yandex.lv https:\/\/mc.yandex.md https:\/\/mc.yandex.ru https:\/\/mc.yandex.tj https:\/\/mc.yandex.tm https:\/\/mc.yandex.uz https:\/\/yandex.ru https:\/\/yastatic.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/test-website-static.idzengi.xyz https:\/\/prod-static.dzengi.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/www.google.com https:\/\/accounts.google.com https:\/\/apis.google.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/connect.facebook.net https:\/\/appleid.cdn-apple.com https:\/\/platform.twitter.com https:\/\/static.zdassets.com https:\/\/translate-pa.googleapis.com https:\/\/translate.google.com https:\/\/translate.googleapis.com https:\/\/mc.yandex.ru https:\/\/mc.yandex.by https:\/\/mc.yandex.lt https:\/\/mc.yandex.lv https:\/\/mc.yandex.tj https:\/\/mc.yandex.tm https:\/\/mc.yandex.uz https:\/\/mc.yandex.com.am https:\/\/mc.yandex.az https:\/\/mc.yandex.md https:\/\/yandex.ru https:\/\/yastatic.net https:\/\/mc.yandex.kz https:\/\/mc.yandex.com https:\/\/mc.yandex.com.ge; style-src 'self' 'unsafe-inline' https:\/\/test-website-static.idzengi.xyz https:\/\/prod-static.dzengi.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/accounts.google.com https:\/\/fonts.googleapis.com; media-src 'self' data: blob: https:\/\/static.zdassets.com; font-src 'self' data: https:\/\/test-website-static.idzengi.xyz https:\/\/prod-static.dzengi.com https:\/\/fonts.gstatic.com; frame-src 'self' https:\/\/www.youtube.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/accounts.google.com https:\/\/support.google.com https:\/\/td.doubleclick.net https:\/\/platform.twitter.com https:\/\/mc.yandex.ru https:\/\/mc.yandex.by https:\/\/mc.yandex.lt https:\/\/mc.yandex.lv https:\/\/mc.yandex.tj https:\/\/mc.yandex.tm https:\/\/mc.yandex.uz https:\/\/mc.yandex.com.am https:\/\/mc.yandex.az https:\/\/mc.yandex.md https:\/\/yandex.ru https:\/\/yastatic.net https:\/\/mc.yandex.kz https:\/\/mc.yandex.com https:\/\/mc.yandex.com.ge; report-uri https:\/\/test-api.dzengi.com\/csp","count":1},{"content-security-policy-report-only":" require-trusted-types-for 'script'; report-uri https:\/\/csp.withgoogle.com\/csp\/uxe-owners-acl\/passwords_google","count":1},{"content-security-policy-report-only":" default-src 'self' cumulusmedia.com www.cumulusmedia.com 'report-sample'; base-uri 'self'; script-src 'nonce-Jpe5wB2GyMbI0I25iTg7HR\/5' 'self' 'inline-speculation-rules' cumulusmedia.com www.cumulusmedia.com 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' *.googletagmanager.com 'sha256-GyUsdBtdHKlqtQSzGDSvNCHPdK8s1GO2S2y9jj4oYog=' *.google-analytics.com stats.wp.com 'sha256-+zMjo4vywISTRiN+RDp+W665czd5i8MOxiovBqr69F0=' 'sha256-X7SYke\/fTbXP5LTn1g56zfcWCiSzQpGhzSLHvvNm0jo=' form.jotform.com cdn.jotfor.ms *.cookielaw.org 'sha256-iqOPaRlwwgtNy7J3vh\/+LSW9\/QVdN+Fl+YfMS8+GcPo=' *.onetrust.com connect.facebook.net s3.tradingview.com https:\/\/www.google.com\/recaptcha\/ https:\/\/challenges.cloudflare.com\/turnstile\/ 'sha256-riitXBKGtl5y5ccA7GF6ccqJuwEVP5tm8j0ff\/fbw9U=' 'sha256-k8zlbQ8Yw3tO1mzGrtP0m5BxCIEa+iH8LXA4dctSEMI=' 'sha256-wBhUGm\/Lzl4TA4tJsiguA\/vnV9LaNE6plmk4Xn\/6\/Mw=' 'sha256-6wRdeNJzEHNIsDAMAdKbdVLWIqu8b6+Bs+xVNZqplQw=' 'sha256-5oZoxPs07HkLGv2K\/yyNWiLlCvxwJuQdhXLKg2AXhT0=' 'sha256-U6RUMq5+odqSjfOrLU4UryQNhktP4MuDKOApor+55jo=' 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src 'self' 'unsafe-inline' cumulusmedia.com www.cumulusmedia.com fonts.googleapis.com cdn.jotfor.ms 'report-sample'; img-src 'self' data: cumulusmedia.com www.cumulusmedia.com player.cumulusmedia.com *.wp.com *.googletagmanager.com *.google-analytics.com *.cookielaw.org *.jotform.com; font-src 'self' data: cumulusmedia.com www.cumulusmedia.com fonts.gstatic.com https:\/\/www.google.com\/recaptcha\/; connect-src 'self' cumulusmedia.com www.cumulusmedia.com player.cumulusmedia.com *.google-analytics.com https:\/\/www.google.com\/g\/collect www.googletagmanager.com *.doubleclick.net submit.jotform.com *.cookielaw.org *.onetrust.com; object-src 'none'; frame-src 'self' cumulusmedia.com www.cumulusmedia.com *.jotform.com *.youtube.com s.tradingview.com www.tradingview-widget.com challenges.cloudflare.com; report-uri https:\/\/www.cumulusmedia.com\/wp-admin\/admin-ajax.php?action=wpshr","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-gU0k9BAEXxvhzRSVUD7yxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https:\/\/fonts.gstatic.com https:\/\/ws.colissimo.fr https:\/\/use.fontawesome.com https:\/\/fonts.bunny.net https:\/\/cdnjs.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/www.youtube.com https:\/\/form.typeform.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/plumrocket.com *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com form-assets.mailchimp.com https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/ws.colissimo.fr https:\/\/*.tile.openstreetmap.fr https:\/\/*.onyourmap.com https:\/\/google.fr magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.facebook.com *.reddit.com *.googletagmanager.com *.doubleclick.net *.google.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com chimpstatic.com downloads.mailchimp.com *.list-manage.com form-assets.mailchimp.com https:\/\/maps.googleapis.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com *.disqus.com *.avada.io *.shopify.com https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com unpkg.com *.doubleclick.net *.typeform.com https:\/\/chimpstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com https:\/\/fonts.googleapis.com https:\/\/ws.colissimo.fr https:\/\/api.mapbox.com https:\/\/*.typeform.com https:\/\/use.fontawesome.com https:\/\/fonts.bunny.net https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com form-assets.mailchimp.com *.intuit.com *.amazonaws.com https:\/\/ws.colissimo.fr https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org https:\/\/*.onyourmap.com https:\/\/*.mapbox.com https:\/\/get.geojs.io *.avada.io https:\/\/olegnax.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.doubleclick.net *.run.app *.typeform.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" report-uri \/api\/csp","count":1},{"content-security-policy-report-only":" base-uri 'self'; form-action 'self'; frame-ancestors 'self'; frame-src https:\/\/www.googletagmanager.com;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.wolterskluwer.io http:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/maxcdn.bootstrapcdn.com https:\/\/cdn3.devexpress.com https:\/\/cdn.pubnub.com https:\/\/*.pndsn.com https:\/\/www.googletagmanager.com","count":1},{"content-security-policy-report-only":" font-src fonts.googleapis.com fonts.gstatic.com *.gstatic.com data: maxcdn.bootstrapcdn.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com https:\/\/www.googletagmanager.com\/ *.google.com\/ 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/d1pna5l3xsntoj.cloudfront.net maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com https:\/\/images.unsplash.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/www.magezon.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/core.helloretail.com https:\/\/d1pna5l3xsntoj.cloudfront.net maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ chimpstatic.com downloads.mailchimp.com *.list-manage.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.google.com\/ *.avada.io 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/d1pna5l3xsntoj.cloudfront.net fonts.googleapis.com downloads.mailchimp.com maxcdn.bootstrapcdn.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/core.helloretail.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'nonce-UZkRowVq5LLW0wz79d9r4Q==' 'strict-dynamic' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/apis.google.com https:\/\/js.sentry-cdn.com https:\/\/browser.sentry-cdn.com https:\/\/*.googleapis.com https:\/\/connect.facebook.net https:\/\/analytics.tiktok.com https:\/\/ticketdive.firebaseapp.com https:\/\/static-content.payment.global.rakuten.com https:\/\/mpc-prod-27-s6uit34pua-uk.a.run.app; style-src 'self' 'unsafe-inline' https:\/\/www.gstatic.com https:\/\/fonts.googleapis.com; font-src 'self' data: https:\/\/fonts.gstatic.com; img-src 'self' data: blob: https:; media-src 'self' https:\/\/actions.google.com; connect-src 'self' data: https:\/\/*.googleapis.com https:\/\/apis.google.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/region1.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/ssl.gstatic.com https:\/\/fonts.gstatic.com https:\/\/api64.ipify.org https:\/\/api.ipify.org https:\/\/sentry.io https:\/\/*.ingest.sentry.io https:\/\/*.ingest.us.sentry.io https:\/\/firestore.googleapis.com https:\/\/identitytoolkit.googleapis.com https:\/\/securetoken.googleapis.com https:\/\/bank.teraren.com https:\/\/analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/www.googleadservices.com https:\/\/www.google.ca https:\/\/www.google.ch https:\/\/www.google.co.id https:\/\/www.google.co.in https:\/\/www.google.co.jp https:\/\/www.google.co.kr https:\/\/www.google.co.th https:\/\/www.google.co.za https:\/\/www.google.com.au https:\/\/www.google.com.bd https:\/\/www.google.com.hk https:\/\/www.google.com.mt https:\/\/www.google.com.mx https:\/\/www.google.com.my https:\/\/www.google.com.ph https:\/\/www.google.com.sg https:\/\/www.google.com.tr https:\/\/www.google.com.tw https:\/\/www.google.com.vn https:\/\/www.google.es https:\/\/www.google.fr https:\/\/www.google.hu https:\/\/www.google.ie https:\/\/www.google.it https:\/\/www.google.nl https:\/\/www.google.pl https:\/\/www.google.ru https:\/\/www.google.se https:\/\/connect.facebook.net https:\/\/www.facebook.com https:\/\/analytics.tiktok.com https:\/\/*.tiktokw.us https:\/\/analytics.twitter.com https:\/\/static.ads-twitter.com https:\/\/t.co\/i\/adsct https:\/\/t.co\/1\/i\/adsct https:\/\/t.co\/i\/adsctp https:\/\/t.co\/1\/i\/adsctp https:\/\/fonts.gstatic.com:443 https:\/\/www.google.com:443 https:\/\/www.google.ca:443 https:\/\/www.google.ch:443 https:\/\/www.google.co.id:443 https:\/\/www.google.co.in:443 https:\/\/www.google.co.jp:443 https:\/\/www.google.co.kr:443 https:\/\/www.google.co.th:443 https:\/\/www.google.co.za:443 https:\/\/www.google.com.au:443 https:\/\/www.google.com.bd:443 https:\/\/www.google.com.hk:443 https:\/\/www.google.com.mt:443 https:\/\/www.google.com.mx:443 https:\/\/www.google.com.my:443 https:\/\/www.google.com.ph:443 https:\/\/www.google.com.sg:443 https:\/\/www.google.com.tr:443 https:\/\/www.google.com.tw:443 https:\/\/www.google.com.vn:443 https:\/\/www.google.es:443 https:\/\/www.google.fr:443 https:\/\/www.google.hu:443 https:\/\/www.google.ie:443 https:\/\/www.google.it:443 https:\/\/www.google.nl:443 https:\/\/www.google.pl:443 https:\/\/www.google.ru:443 https:\/\/www.google.se:443 https:\/\/*.tiktokw.us:443 https:\/\/analytics.twitter.com:443 https:\/\/static.ads-twitter.com:443 https:\/\/payment.global.rakuten.com https:\/\/static-content.payment.global.rakuten.com https:\/\/payvault.global.rakuten.com https:\/\/ticketdive.com https:\/\/www.ticketdive.com https:\/\/ticketdive.com:443 https:\/\/www.ticketdive.com:443 https:\/\/asia-northeast1-playyte-ticket-prod.cloudfunctions.net https:\/\/playyte-ticket-prod.firebaseapp.com https:\/\/mpc-prod-27-s6uit34pua-uk.a.run.app; frame-src https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/www.facebook.com https:\/\/ticketdive.firebaseapp.com https:\/\/static-content.payment.global.rakuten.com https:\/\/ticketdive.com https:\/\/www.ticketdive.com https:\/\/playyte-ticket-prod.firebaseapp.com; child-src 'self' blob:; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; form-action 'self' https:\/\/payment.global.rakuten.com https:\/\/www.facebook.com; upgrade-insecure-requests; report-uri https:\/\/o1057948.ingest.us.sentry.io\/api\/4508323278159872\/security\/?sentry_key=7a516df40f9edada722a09357c338cc9; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-U82obBJlHW3KbXt8o9aXeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" font-src *.cloudflare.com *.twitter.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com fonts.gstatic.com https:\/\/script.hotjar.com *.fonts.googleapis.com data: https:\/\/b2c-static.staging.popolini.com https:\/\/static.popolini.com https:\/\/static.popolini.ch https:\/\/static.popolini.hu https:\/\/static-b2c.popolini.dev 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.twitter.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/*.etracker.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https:\/\/www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https:\/\/www.google.com\/recaptcha\/ landofcoder.com *.youtube.com\/ www.facebook.com platform.twitter.com https:\/\/challenges.cloudflare.com *.google.com *.addthis.com *.sharethis.com *.pinterest.com https:\/\/www.youtube-nocookie.com test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/maps.gstatic.com https:\/\/maps.googleapis.com https:\/\/*.etracker.com https:\/\/*.etracker.de *.cloudflare.com *.cdn.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.s.ytimg.com *.lightemporium.com *.usercentrics.eu www.facebook.com *.pinterest.com assets.pinterest.com syndication.twitter.com https:\/\/www.facebook.com https:\/\/c.clarity.ms https:\/\/c.bing.com *.widgets.magentocommerce.com *.fpdbs.paypal.com *.t.paypal.com *.fpdbs.sandbox.paypal.com *.googleapis.com *.gstatic.com *.addthis.com *.sharethis.com *.cdninstagram.com https:\/\/b2c-media.staging.popolini.com https:\/\/media.popolini.com https:\/\/media.popolini.ch https:\/\/media.popolini.hu https:\/\/media-b2c.popolini.dev https:\/\/b2c-static.staging.popolini.com https:\/\/static.popolini.com https:\/\/static.popolini.ch https:\/\/static.popolini.hu https:\/\/static-b2c.popolini.dev test.saferpay.com www.saferpay.com saferpay.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/*.etracker.com https:\/\/*.etracker.de landofcoder.com *.cloudflare.com *.twitter.com *.google-analytics.com *.twimg.com *.gstatic.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.trackedlink.net *.facebook.com twitter.com platform.twitter.com static.addtoany.com https:\/\/challenges.cloudflare.com https:\/\/connect.facebook.net https:\/\/script.hotjar.com https:\/\/static.hotjar.com https:\/\/www.clarity.ms *.googleapis.com *.addthis.com *.sharethis.com *.moatads.com *.addthisedge.com *.pinterest.com *.instagram.com https:\/\/devdocs.magento.com https:\/\/magento.com https:\/\/b2c-static.staging.popolini.com https:\/\/static.popolini.com https:\/\/static.popolini.ch https:\/\/static.popolini.hu https:\/\/static-b2c.popolini.dev test.saferpay.com www.saferpay.com saferpay.com *.hsforms.net *.hsforms.com *.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/b2c-media.staging.popolini.com https:\/\/media.popolini.com https:\/\/media.popolini.ch https:\/\/media.popolini.hu https:\/\/media-b2c.popolini.dev https:\/\/b2c-static.staging.popolini.com https:\/\/static.popolini.com https:\/\/static.popolini.ch https:\/\/static.popolini.hu https:\/\/static-b2c.popolini.dev 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/maps.googleapis.com https:\/\/*.etracker.de landofcoder.com *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com *.googleadservices.com *.google-analytics.com *.sandbox.paypal.com *.paypalobjects.com *.trackedlink.net *.ampproject.org stats.addtoany.com https:\/\/challenges.cloudflare.com wss:\/\/ws.hotjar.com https:\/\/content.hotjar.io https:\/\/h.clarity.ms https:\/\/in.hotjar.com *.googleapis.com *.addthis.com *.sharethis.com *.cardinalcommerce.com *.graph.instagram.com https:\/\/stats.g.doubleclick.net https:\/\/b2c-static.staging.popolini.com https:\/\/static.popolini.com https:\/\/static.popolini.ch https:\/\/static.popolini.hu https:\/\/static-b2c.popolini.dev test.saferpay.com www.saferpay.com saferpay.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src test.saferpay.com www.saferpay.com saferpay.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-5ts8IvLjqGQeLIO1bFiHLg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" object-src 'none'; script-src 'nonce-ytsVpIG1qzjgBHl19DEaLQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; base-uri 'none'; report-uri https:\/\/o463592.ingest.sentry.io\/api\/5471479\/security\/?sentry_key=ab531d6dca0d488898493ccc9706f202&sentry_environment=prod","count":1},{"content-security-policy-report-only":" default-src *; img-src https:; frame-src 'none'","count":1},{"content-security-policy-report-only":" font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.bootstrapcdn.com *.cloudflare.com *.cloudfront.net *.fontawesome.com *.hotjar.com *.sfdcstatic.com *.shopify.com *.trustedshops.com *.twimg.com *.twitter.com *.checkout.vficloud.net *.vficloud.net *.amazonaws.com *.checkout.verifone.cloud *.verifone.cloud https:\/\/fonts.gstatic.com *.klevu.com *.ksearchnet.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.facebook.com *.swellrewards.com *.twitter.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.checkout.vficloud.net *.vficloud.net *.checkout.verifone.cloud *.verifone.cloud 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.boyslife.org *.chasepaymentechhostedpay.com *.chasepaymentechhostedpay-var.com *.doubleclick.net *.facebook.com *.force.com *.hotjar.com *.kaptcha.com *.scouting.org *.swellrewards.com *.twitter.com *.weltpixel.com *.checkout.vficloud.net *.vficloud.net *.checkout.verifone.cloud *.verifone.cloud js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * www.xtento.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com *.googleapis.com *.cookiebot.com *.amazonaws.com *.bing.com *.clarity.ms *.cloudflare.com *.cloudfront.net *.facebook.com *.facebook.net *.google.com *.google.co.in *.google.lv *.googleadservices.com *.googletagmanager.com *.hotjar.com *.klarna.com *.lightemporium.com *.magentocommerce.com *.scoutshop.org *.scoutstuff.org *.shopify.com *.siteimproveanalytics.io *.smsbump.com *.swellrewards.com *.twimg.com *.twitter.com *.usercentrics.eu *.ytimg.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.reddit.com https:\/\/www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com player.vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/maps.googleapis.com *.googleapis.com *.gstatic.com *.cookiebot.com *.verifone.cloud *.clarity.ms *.cloudflare.com *.crazyegg.com *.doubleclick.net *.ecomm-nav.com *.facebook.net *.fontawesome.com *.force.com *.google-analytics.com *.googleoptimize.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.jquery.com *.klaviyo.com *.nextopia.net *.nextopiasoftware.com *.paypal.com *.salesforceliveagent.com siteimproveanalytics.com *.stape.io *.swellrewards.com *.trustedshops.com *.twimg.com *.twitter.com *.usercentrics.eu *.vficloud.net *.chasepaymentechhostedpay-var.com *.chasepaymentechhostedpay.com *.my.salesforce-sites.com *.lightning.force.com *.secure.force.com *.checkout.vficloud.net *.checkout.verifone.cloud widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/www.googletagmanager.com tagmanager.google.com *.redditstatic.com *.reddit.com unpkg.com *.kaptcha.com js.mollie.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com youtu.be www.xtento.com cdn.xtento.com https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.force.com *.google.com *.googleapis.com *.gstatic.com *.klaviyo.com *.nextopia.net *.swellrewards.com *.trustedshops.com *.twimg.com *.twitter.com *.typekit.net *.usercentrics.eu *.secure.force.com widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/fonts.googleapis.com *.klevu.com *.ksearchnet.com tagmanager.google.com assets.braintreegateway.com https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.scoutshop.org player.vimeo.com www.youtube.com youtu.be 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com *.googleapis.com *.cookiebot.com *.clarity.ms *.cloudflare.com *.crazyegg.com *.doubleclick.net *.facebook.com *.google.lv *.hotjar.com *.hotjar.io *.klaviyo.com *.scoutshop.org *.socialannex.com *.swellrewards.com *.twimg.com *.twitter.com wss: *.secure.force.com *.checkout.vficloud.net *.vficloud.net *.checkout.verifone.cloud *.verifone.cloud widget.freshworks.com m2epro.freshdesk.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.kaptcha.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.klaviyo.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/f0e6bfef-e270-42d2-8f01-c8e72656172d.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" object-src  'none'; connect-src 'self' *.21sextury.com *.21members.com cognito-identity.us-east-1.amazonaws.com backend.getbeamer.com *.comm100.io *.algolia.net insights.algolia.io *.algolianet.com *.gammaapis.com *.gammacdn.com analytics.google.com *.google-analytics.com adservice.google.com *.analytics.google.com *.doubleclick.net *.pubnub.com *.lovense.com *.handyfeeling.com www.gammaentertainment.com *.tiypa.com *.recombee.us dasasoveekepl.cloudfront.net capture.trackjs.com ws: jlduihq7lrcdxgw4vrndhdfcsq.appsync-api.us-east-1.amazonaws.com tcs4u525zrg5hnnoe5kzndxuaq.appsync-api.us-east-1.amazonaws.com xtnzefcqrb.execute-api.us-east-1.amazonaws.com 2aed6ghjsb4436qtebuqk3gfzq0xeauy.lambda-url.us-east-1.on.aws lzzos7clo5.execute-api.us-east-1.amazonaws.com *.izooto.com www.idealgasm.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com; form-action 'self' *.21sextury.com *.21members.com join.gammasecure.com; script-src 'self' *.21sextury.com *.21members.com app.getbeamer.com static.getbeamer.com blob: vue.comm100.com standby.comm100vue.com *.gammacdn.com www.google-analytics.com www.googletagmanager.com www.gstatic.com www.google.com code.jquery.com d3a3ewgd1iewwz.cloudfront.net cdn.izooto.com 'unsafe-eval' 'unsafe-inline'; frame-src 'self' *.21sextury.com *.21members.com push.getbeamer.com app.getbeamer.com www.google.com *.doubleclick.net cdn.izooto.com *.banhq.com; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-api-key=pub787d5a6164b329b26f2e4f7956bbed10&dd-evp-origin=content-security-policy&ddsource=csp-prod&ddtags=CSP-Prod;","count":1},{"content-security-policy-report-only":" report-uri https:\/\/www.yelp.com\/csp_report_only?id=6582b0f0b5ff57c6&page=csp_report_frame_directives%2Cfull_site_ssl_csp_report_directives&policy_hash=41d0c45536d2a082f11d1cd0e00fde7f&site=www&timestamp=1778729224; frame-ancestors 'self' https:\/\/*.yelp.com; default-src https:; img-src https: data: blob:; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; font-src data: https:; child-src https: yelp-webview:\/\/* yelp:\/\/* data:; object-src 'none'; worker-src blob: https:; base-uri 'self'; form-action https:","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klevu.com *.ksearchnet.com https:\/\/www.gstatic.com https:\/\/fonts.gstatic.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com https:\/\/*.google.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.paytrace.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.doubleclick.net *.typeform.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.googleusercontent.com magefan.com cm.magefan.com *.disqus.com https:\/\/img.youtube.com https:\/\/meetanshi.com\/media\/logo.png fmgaggi.com images.simpletire.com rs.fullstory.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/bat.bing.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/analytics.tiktok.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.pinterest.com *.pinimg.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com *.yotpo.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.magento-ds.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/*.ggpht.com https:\/\/*.googleusercontent.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com https:\/\/challenges.cloudflare.com *.disqus.com *.paytrace.com hotjar.com fmgaggi.com simpletire.com edge.fullstory.com rs.fullstory.com cdn.rudderlabs.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/bat.bing.com https:\/\/static.ads-twitter.com https:\/\/connect.facebook.net https:\/\/snap.licdn.com https:\/\/analytics.tiktok.com https:\/\/us-assets.i.posthog.com https:\/\/eu-assets.i.posthog.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.googletagmanager.com *.googleadservices.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com unpkg.com *.doubleclick.net *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net https:\/\/js.klevu.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com https:\/\/fonts.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com simpletire.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com *.typeform.com *.yotpo.com *.googleapis.com dhv2ziothpgrr.cloudfront.net https:\/\/statsjs.klevu.com https:\/\/js.klevu.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.magento.com *.adobe.io performance.typekit.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com api.addressy.com https:\/\/ipinfo.io https:\/\/*.google.com https:\/\/*.gstatic.com https:\/\/*.googleapis.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com fmgaggi.com static.hotjar.com simpletire.com affiliate.simpletire.com edge.fullstory.com rs.fullstory.com api.rudderstack.com https:\/\/www.google-analytics.com https:\/\/region1.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/bat.bing.com https:\/\/analytics.twitter.com https:\/\/www.facebook.com https:\/\/px.ads.linkedin.com https:\/\/analytics.tiktok.com https:\/\/us.i.posthog.com https:\/\/eu.i.posthog.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.pinterest.com *.pinimg.com sc-static.net *.snapchat.com *.doubleclick.net *.run.app *.typeform.com *.yotpo.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'none' ; img-src 'self' data: https:\/\/blob.userflow.com https:\/\/cdn.userflow.com https:\/\/js.userflow.com https:\/\/storage.googleapis.com\/studio1-prod-blob\/ * ; connect-src 'self' https:\/\/browser-intake-datadoghq.eu https:\/\/rum.browser-intake-datadoghq.eu https:\/\/logs.browser-intake-datadoghq.eu https:\/\/session-replay.browser-intake-datadoghq.eu https:\/\/api.analytics.pigment.app https:\/\/cdn.analytics.pigment.app https:\/\/auth.pigment.app https:\/\/staging-login.pigment.app wss:\/\/pigment.app wss:\/\/e.userflow.com https:\/\/cdn.userflow.com https:\/\/e.userflow.com https:\/\/js.userflow.com https:\/\/rs.fullstory.com wss:\/\/rs.fullstory.com https:\/\/edge.fullstory.com https:\/\/global.oktacdn.com https:\/\/api.segment.io https:\/\/cdn.segment.com https:\/\/api.maptiler.com https:\/\/api.vitally-eu.io https:\/\/app.vitally-eu.io https:\/\/use.typekit.net https:\/\/fonts.googleapis.com https:\/\/fonts.gstatic.com cdn.vitally-eu.io ; script-src 'self' cdn.analytics.pigment.app edge.fullstory.com rs.fullstory.com js.userflow.com cdn.userflow.com cdn.announcekit.app cdn.segment.com cdn.vitally-eu.io *.front-tools.pigment.app ; frame-src announcekit.co auth.pigment.app staging-login.pigment.app https:\/\/fast.wistia.net pigmentforms.typeform.com ; style-src 'self' 'unsafe-inline' js.userflow.com cdn.userflow.com fonts.googleapis.com cdn.announcekit.co https:\/\/use.typekit.net https:\/\/p.typekit.net ; worker-src blob: ; font-src 'self' https:\/\/use.typekit.net fonts.gstatic.com data: ; manifest-src 'self' ; object-src 'none' ; media-src https:\/\/blob.userflow.com https:\/\/cdn.userflow.com https:\/\/storage.googleapis.com\/studio1-prod-blob\/ ; frame-ancestors https:\/\/pigment7-dev-ed.develop.lightning.force.com\/ https:\/\/pigment7-dev-ed--c.develop.vf.force.com\/ https:\/\/wiki.klarna.net\/ ; base-uri 'self' ; form-action https:\/\/announcekit.co ; report-uri https:\/\/csp-report.browser-intake-datadoghq.eu\/api\/v2\/logs?dd-api-key=pub64383535b37d7304649259d5e5c3e089&dd-evp-origin=content-security-policy&ddsource=csp-report ; report-to report ;","count":1},{"content-security-policy-report-only":" font-src https:\/\/fonts.gstatic.com *.klevu.com *.ksearchnet.com fonts.gstatic.com blog.vintageking.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.syfpos.com *.facebook.com blog.vintageking.com 'self' 'unsafe-inline'; frame-ancestors blog.vintageking.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com *.affirm.com *.affirm.ca c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * syf.demdex.net *.syfpos.com *.syf.com *.weltpixel.com www.xtento.com *.wesupply.xyz https:\/\/wesupplylabs.com *.googletagmanager.com *.doubleclick.net https:\/\/*.online-metrix.net https:\/\/imgs.signifyd.com blog.vintageking.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https:\/\/images.unsplash.com *.affirm.com *.affirm.ca https:\/\/helloextend-static-assets.s3.amazonaws.com validate.fishpig.co.uk www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.syfpos.com *.syf.com analytics.synchrony.com *.d1.sc.omtrdc.net www.xtento.com cdn.xtento.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.gstatic.com *.facebook.com *.reddit.com *.ads-twitter.com t.co *.twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.google-analytics.com *.googletagmanager.com *.doubleclick.net *.google.com https:\/\/imgs.signifyd.com https:\/\/*.online-metrix.net blog.vintageking.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.affirm.com *.affirm.ca https:\/\/*.helloextend.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com https:\/\/*.leadmanagerfx.com https:\/\/*.marketingcloudfx.com www.xtento.com cdn.xtento.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.cloudflare.com *.googletagmanager.com *.googleadservices.com *.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.ads-twitter.com *.bing.com *.clarity.ms *.klaviyo.com unpkg.com *.doubleclick.net https:\/\/cdn-scripts.signifyd.com https:\/\/imgs.signifyd.com blog.vintageking.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https:\/\/fonts.googleapis.com unsafe-inline assets.braintreegateway.com *.syfpos.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.tagmanager.google.com *.googletagmanager.com fonts.googleapis.com blog.vintageking.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com blog.vintageking.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.affirm.com *.affirm.ca https:\/\/*.helloextend.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net https:\/\/*.leadmanagerfx.com https:\/\/*.marketingcloudfx.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.twitter.com *.ads-twitter.com *.bing.com *.bing.net *.klaviyo.com *.clarity.ms *.doubleclick.net *.run.app https:\/\/imgs.signifyd.com blog.vintageking.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com blog.vintageking.com http: https: blob: 'self' 'unsafe-inline'; default-src blog.vintageking.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' *.cvent.com *.cvent.org *.cvent-assets.com *.cvent.cloud; font-src 'self' *.cvent.com *.cvent.org *.cvent-assets.com *.cvent.cloud; style-src 'self' 'nonce-f29e700aaa0d1fc2ff283ddd8b620d9cc3a47738' *.cvent.com *.cvent.org *.cvent-assets.com *.cvent.cloud; script-src 'self' 'nonce-f29e700aaa0d1fc2ff283ddd8b620d9cc3a47738' *.cvent.com *.cvent.org *.cvent-assets.com *.twitter.com *.youtube.com; connect-src 'self' *.cvent.com *.cvent.org *.cvent-assets.com *.cvent.cloud *.rudderstack.com *.google-analytics.com https:\/\/browser-intake-datadoghq.com; img-src 'self' data: *.cvent.com *.cvent.org *.cvent-assets.com *.cloudflare.com maps.googleapis.com *.twitter.com; frame-src 'self' *.cvent.cloud *.cvent.com *.cvent.org *.twitter.com *.youtube.com player.vimeo.com; form-action 'self' *.cvent.com *.cvent.org *.concursolutions.com; media-src 'self'; worker-src 'self'; manifest-src 'self' *.cvent.com *.cvent.org *.cvent-assets.com *.cvent.cloud; base-uri 'self'; frame-ancestors 'self' *.cvent.com *.cvent.org; report-uri https:\/\/csp-report.browser-intake-datadoghq.com\/api\/v2\/logs?dd-evp-origin=content-security-policy&ddsource=csp-report&dd-api-key=pub2e2906d0f0a159d6677236241e47cf74&ddtags=service%3Aevent-guestside-site%2Cenv%3Apr53","count":1},{"content-security-policy-report-only":" default-src 'self'; base-uri 'self'; child-src 'self' *.youtube-nocookie.com *.twitter.com *.gstatic.com *.googleapis.com *.googletagmanager.com 3f5l8ze0o4j2m.cloudfront.net *.youtube.com *.youtube-no-cookie.com *.ytimg.com *.google.com www.google.com https:\/\/player.vimeo.com https:\/\/www.facebook.com https:\/\/staticxx.facebook.com; connect-src 'self' *.twimg.com *.twitter.com *.gstatic.com *.googleapis.com *.google-analytics.com https:\/\/www.facebook.com\/tr http:\/\/*.hotjar.com:* https:\/\/*.hotjar.com:* http:\/\/*.hotjar.io https:\/\/*.hotjar.io wss:\/\/*.hotjar.com https:\/\/heatmaps.monsido.com https:\/\/stats.g.doubleclick.net\/ https:\/\/analytics.tiktok.com\/ https:\/\/px.ads.linkedin.com https:\/\/region1.analytics.google.com https:\/\/www.google.com https:\/\/analytics.google.com a.eu.silktide.com a.us.silktide.com https:\/\/js-ap1.hscollectedforms.net https:\/\/forms-ap1.hscollectedforms.net; frame-src 'self' https:\/\/staticcdn.co.nz https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io *.youtube-nocookie.com *.twitter.com *.gstatic.com *.googleapis.com *.googletagmanager.com 3f5l8ze0o4j2m.cloudfront.net *.youtube.com *.youtube-no-cookie.com *.ytimg.com *.google.com www.google.com https:\/\/player.vimeo.com https:\/\/www.facebook.com https:\/\/staticxx.facebook.com https:\/\/optimize.google.com https:\/\/tr.snapchat.com https:\/\/bid.g.doubleclick.net\/ https:\/\/td.doubleclick.net; frame-ancestors 'self'; font-src 'self' *.twimg.com *.twitter.com *.gstatic.com *.googleapis.com fonts.gstatic.com fonts.googleapis.com http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io https:\/\/use.typekit.net data: 'self'; form-action 'self' *.twitter.com https:\/\/www.facebook.com\/tr\/ https:\/\/connect.facebook.com https:\/\/tr.snapchat.com\/; img-src 'self' *.twimg.com *.twitter.com *.gstatic.com *.googleapis.com *.google-analytics.com *.googletagmanager.com d3f5l8ze0o4j2m.cloudfront.net *.ytimg.com http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io https:\/\/staticcdn.co.nz\/embed\/close.png https:\/\/optimize.google.com https:\/\/p.typekit.net https:\/\/px.ads.linkedin.com https:\/\/bat.bing.com\/ https:\/\/p.adsymptotic.com\/ https:\/\/www.google.com\/ https:\/\/www.google.co.nz\/ https:\/\/www.google.co.uk\/ https:\/\/tracking.monsido.com\/ https:\/\/cdn.monsido.com\/ https:\/\/www.linkedin.com\/ https:\/\/dc.ads.linkedin.com\/ data: https:\/\/www.facebook.com https:\/\/www.xn--tepkenga-szb.ac.nz https:\/\/px4.ads.linkedin.com https:\/\/i.vimeocdn.com https:\/\/forms-ap1.hsforms.com https:\/\/track-ap1.hubspot.com https:\/\/www.google.com.au\/; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.jquery.com *.staticcdn.co.nz https:\/\/use.typekit.net https:\/\/cdnjs.cloudflare.com http:\/\/*.hotjar.com https:\/\/*.hotjar.com http:\/\/*.hotjar.io https:\/\/*.hotjar.io https:\/\/static.hotjar.com\/* d3f5l8ze0o4j2m.cloudfront.net https:\/\/connect.facebook.net https:\/\/staticcdn.co.nz https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google-analytics.com\/analytics.js https:\/\/stats.g.doubleclick.net https:\/\/optimize.google.com https:\/\/snap.licdn.com\/li.lms-analytics\/insight.min.js https:\/\/bat.bing.com https:\/\/46e2fa37ca504ebc8217a70ea9c22c81.js.ubembed.com\/ https:\/\/sc-static.net\/ https:\/\/www.nmit.ac.nz\/ https:\/\/app-script.monsido.com\/ https:\/\/assets.ubembed.com\/ https:\/\/vxml4.plavxml.com\/ https:\/\/heatmaps.monsido.com\/ https:\/\/cdn.monsido.com\/ https:\/\/analytics.tiktok.com\/ https:\/\/googleads.g.doubleclick.net\/ https:\/\/www.googleadservices.com\/ https:\/\/tags.tiqcdn.com https:\/\/analytics.silktide.com https:\/\/snap.licdn.com https:\/\/js-ap1.hs-scripts.com https:\/\/js-ap1.hscollectedforms.net https:\/\/js-ap1.hs-banner.com https:\/\/js-ap1.hs-analytics.net; style-src 'self' 'unsafe-inline' *.twimg.com *.twitter.com *.gstatic.com *.googleapis.com fonts.googleapis.com https:\/\/optimize.google.com\/optimize\/editor\/css\/css.css https:\/\/optimize.google.com https:\/\/www.nmit.ac.nz\/themes\/nmit\/css\/cookieconsent.min.css;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: https:\/\/api.systempay.fr\/static\/ *.fontawesome.com https:\/\/cdnjs.cloudflare.com *.googleusercontent.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ *.hsforms.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/static\/ https:\/\/www.googletagmanager.com\/ *.hs-sites.com *.hsforms.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.googleapis.com https:\/\/paiement.systempay.fr\/static\/latest\/images\/type-carte\/ https:\/\/api.systempay.fr\/static\/ https:\/\/paiement.systempay.fr\/vads-payment\/ http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ https:\/\/maps.googleapis.com https:\/\/maps.gstatic.com https:\/\/www.google.fr https:\/\/api.mapbox.com *.tile.openstreetmap.org *.axept.io *.google.com *.googletagmanager.com *.googleusercontent.com *.hsforms.com *.hubspot.com *.imgix.net *.openstreetmap.org *.hsforms.net 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com *.axept.io *.facebook.net *.googletagmanager.com *.hotjar.com *.hs-analytics.net *.hs-banner.com *.hs-scripts.com *.hscollectedforms.net *.hsforms.net *.hubspot.com *.bing.com *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/api.systempay.fr\/static\/ *.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.googletagmanager.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/maps.googleapis.com https:\/\/nominatim.openstreetmap.org *.axept.io *.axeptio.tech *.google-analytics.com *.hotjar.com *.hotjar.io wss:\/\/ws.hotjar.com *.hsforms.com *.hscollectedforms.net *.hubspot.com t.elasticsuite.io *.hsforms.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src https:\/\/paiement.systempay.fr\/vads-payment\/ https:\/\/api.systempay.fr\/api-payment\/ https:\/\/api.systempay.fr\/static\/ *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/76c33e6e-b3ed-47af-8820-21ea80415831.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src blob: https:\/\/*.mhcache.com;font-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.gstatic.com;frame-src 'self' https:\/\/*.mhcache.com https:\/\/portal.allyable.com https:\/\/mh-site-files-5c53d6a9947c.s3.amazonaws.com https:\/\/myheritage-container.com https:\/\/www.myheritage-partners.com https:\/\/www.myheritage.com https:\/\/*.mk-sense.com https:\/\/player.vimeo.com https:\/\/*.facebook.com https:\/\/*.google.com https:\/\/tpc.googlesyndication.com https:\/\/*.doubleclick.net https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/recaptcha.google.com\/recaptcha\/  https:\/\/widget.trustpilot.com;script-src https:\/\/accounts.google.com\/gsi\/client https:\/\/www.datadoghq-browser-agent.com https:\/\/appleid.cdn-apple.com https:\/\/www.google.com\/recaptcha\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/ajax.googleapis.com\/ajax\/libs\/threejs\/r69\/three.min.js *.myheritage.no https:\/\/www.myheritage.no  'unsafe-eval' 'nonce-4218df3f65065c0fdcef556bf15aa588' 'strict-dynamic' https:\/\/widget.trustpilot.com https:\/\/invitations.trustpilot.com;style-src data: blob: 'unsafe-inline' 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com https:\/\/fonts.googleapis.com https:\/\/accounts.google.com\/gsi\/style  https:\/\/widget.trustpilot.com;connect-src data: 'self' https:\/\/*.myheritage.com https:\/\/portal.allyable.com https:\/\/*.mhcache.com https:\/\/adservice.google.com https:\/\/*.logs.datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/browser-intake-datadoghq.com https:\/\/sentry.io https:\/\/*.bing.com https:\/\/*.facebook.com https:\/\/*.doubleclick.net https:\/\/*.mk-sense.com https:\/\/*.filae.com https:\/\/accounts.google.com\/gsi\/ https:\/\/www.google.com\/pagead\/landing https:\/\/maps.googleapis.com\/maps\/api\/mapsjs\/gen_204 https:\/\/translate.googleapis.com https:\/\/www.google.com\/ccm\/collect https:\/\/cdn.builder.io https:\/\/www.google.com\/recaptcha\/enterprise\/* https:\/\/www.google.com\/recaptcha\/enterprise\/ https:\/\/www.google.com\/recaptcha\/enterprise\/clr https:\/\/www.google.com\/recaptcha\/ https:\/\/maps.googleapis.com https:\/\/people.googleapis.com https:\/\/translate-pa.googleapis.com *.myheritage.no https:\/\/widget.trustpilot.com;media-src 'self' https:\/\/*.myheritage.com https:\/\/*.mhcache.com;frame-ancestors 'self' https:\/\/builder.io;img-src * data:  https:\/\/widget.trustpilot.com https:\/\/*.trustpilot.com;object-src 'none';base-uri 'self' https:\/\/*.mhcache.com;report-uri \/FP\/API\/ContentSecurityPolicy\/report-violation.php?report_mode=report&canonical_page_id=\/company\/home\/","count":1},{"content-security-policy-report-only":" img-src 'self' data: https:\/\/imageservice.asgoodasnew.com https:\/\/sw-assets.ekomiapps.de https:\/\/smart-widget-assets.ekomiapps.de https:\/\/control.wirkaufens.de https:\/\/region1.analytics.google.com https:\/\/wirkaufens.de https:\/\/www.wirkaufens.de https:\/\/asgoodasnew.omq.de https:\/\/i.ytimg.com https:\/\/www.google.de https:\/\/www.google.com https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/gum.criteo.com https:\/\/criteo-sync.teads.tv https:\/\/*.pubmatic.com https:\/\/rtb-csync.smartadserver.com https:\/\/x.bidswitch.net https:\/\/r.casalemedia.com https:\/\/exchange.mediavine.com https:\/\/sync.outbrain.com https:\/\/id5-sync.com https:\/\/criteo-partners.tremorhub.com https:\/\/ad.360yield.com https:\/\/sync-t1.taboola.com https:\/\/cs.media.net https:\/\/ad.yieldlab.net https:\/\/eb2.3lift.com https:\/\/a.twiago.com https:\/\/sync.1rx.io https:\/\/jadserve.postrelease.com https:\/\/rtb-csync.smartadserver.com https:\/\/www.facebook.com; connect-src 'self' https:\/\/sw-assets.ekomiapps.de https:\/\/api.melibo.de https:\/\/www.google.com https:\/\/region1.analytics.google.com https:\/\/stats.g.doubleclick.net https:\/\/asgoodasnew.omq.de https:\/\/*.google-analytics.com https:\/\/*.googletagmanager.com https:\/\/*.g.doubleclick.net https:\/\/*.google.com https:\/\/*.google.de https:\/\/pagead2.googlesyndication.com http:\/\/*.prod.svc.cluster.local email-smtp.eu-central-1.amazonaws.com https:\/\/marketing-tracking-api.asgoodasnew.com https:\/\/consent.cookie-script.com https:\/\/px.ads.linkedin.com https:\/\/*.clarity.ms https:\/\/bat.bing.com https:\/\/*.wirkaufens.de; frame-src 'self' https:\/\/gum.criteo.com https:\/\/www.awin1.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/load.control.asgoodasnew.com https:\/\/www.google.com https:\/\/www.googletagmanager.com https:\/\/control.wirkaufens.de https:\/\/load.control.wirkaufens.de https:\/\/load.control.asgoodasnew.de; script-src 'self' 'unsafe-inline' https:\/\/wirkaufens.de https:\/\/load.control.asgoodasnew.com https:\/\/widgets.ekomi.com https:\/\/sw-assets.ekomiapps.de https:\/\/smart-widget-assets.ekomiapps.de https:\/\/cdn.melibo.de https:\/\/cdn.cookie-script.com https:\/\/cdnjs.cloudflare.com https:\/\/googleads.g.doubleclick.net https:\/\/bat.bing.com https:\/\/asgoodasnew.omq.de https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.youtube.com https:\/\/s.ytimg.com https:\/\/*.googletagmanager.com https:\/\/load.control.wirkaufens.de https:\/\/load.control.asgoodasnew.de; script-src-elem https:\/\/snap.licdn.com https:\/\/wirkaufens.de https:\/\/*.wirkaufens.de https:\/\/*.criteo.com https:\/\/www.dwin1.com; script-src-attr 'unsafe-hashes' 'sha256-0Uy5vBKw53G9\/Do8gNnkyq3xMeHsxUEB3lEAcdC5hfY=' 'sha256-1GpHD8bKgKhA8V5aMEGApTKzX9Hzg1p40SvwgKWVEhE=' 'sha256-f1iyv5FTgUdqb44YRAFA+o0KAatXEpeDEliuQXCh8Do=' 'sha256-OEbd\/fw3yX\/3rcudfghuOrjjEH2r7jIKcyJpCTOSDBU='; frame-ancestors 'self' https:\/\/asgoodasnew.de\/ https:\/\/asgoodasnew.fr\/ https:\/\/asgoodasnew.es\/ https:\/\/asgoodasnew.it\/; report-uri https:\/\/cors-monitoring-test.asgoodasnew.cloud\/csp-violation-report-endpoint\/","count":1},{"content-security-policy-report-only":" default-src 'self' *.doubleclick.net get.geojs.io sgtm.adagio-city.com; child-src 'self' blob:; connect-src 'self' cdn.cookielaw.org maps.googleapis.com *.googletagmanager.com *.cedexis.com *.google-analytics.com *.contentsquare.net connect.facebook.net *.tradelab.fr ib.adnxs.com *.googleadservices.com ad.avtm.fr *.google.com.ua *.cardinalcommerce.com *.online-metrix.net *.fastlylb.net *.facebook.com *.execute-api.us-east-1.amazonaws.com *.google.nl *.metaffiliation.com *.wonderpush.com *.analytics.google.com googleads.g.doubleclick.net *.cedexis-radar.net *.google.com *.doubleclick.net ipinfo.io *.gstatic.com a-cedexis.msedge.net *.onetrust.com *.fastlyb.net swrap.tradedoubler.com sgtm.adagio-city.com *.pinterest.com s.pinimg.com get.geojs.io analytics.tiktok.com *.nr-data.net *.us-east-1.amazonaws.com *.kontorolabs.com *.sojern.com bat.bing.net bat.bing.com *.ip-api.com 2643.userly.net mapsresources-pa.googleapis.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com; font-src *; frame-src 'self' *.cedexis-test.com *.doubleclick.net static.addtoany.com *.google.com *.youtube.com my.matterport.com *.citrix-itm-test.com *.facebook.com *.fbcdn.net *.citm-test.com *.cardinalcommerce.com *.online-metrix.net cedexis-test.gcorelabs.com *.contentsquare.net csxd.all.accor.com csxd.mag-adagio.com ct.pinterest.com s.pinimg.com *.adagio-city.com *.googletagmanager.com sgtm.adagio-city.com *.itm.cloud.com *.by.wonderpush.com data: blob:; img-src * data:; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' adagio.nonce cdn.cookielaw.org maps.googleapis.com *.googletagmanager.com *.cedexis.com *.google-analytics.com ssl.google-analytics.com *.contentsquare.net connect.facebook.net *.tradelab.fr ib.adnxs.com *.googleadservices.com googleads.g.doubleclick.net *.cedexis-radar.net *.google.com *.doubleclick.net ipinfo.io *.gstatic.com a-cedexis.msedge.net *.onetrust.com *.fastlyb.net swrap.tradedoubler.com ad.avtm.fr *.google.com.ua *.google.de *.cardinalcommerce.com *.elitrack.com *.metaffiliation.com *.wonderpush.com ct.pinterest.com s.pinimg.com *.sojern.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/github.com https:\/\/static.addtoany.com https:\/\/try.abtasty.com https:\/\/www.google.com staticaws.fbwebprogram.com; script-src-attr 'self' 'unsafe-hashes' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' cdn.cookielaw.org maps.googleapis.com *.googletagmanager.com *.cedexis.com *.google-analytics.com *.contentsquare.net connect.facebook.net *.tradelab.fr ib.adnxs.com *.googleadservices.com googleads.g.doubleclick.net *.cedexis-radar.net *.google.com *.doubleclick.net ipinfo.io *.gstatic.com a-cedexis.msedge.net *.onetrust.com *.fastlyb.net swrap.tradedoubler.com ad.avtm.fr *.google.com.ua *.cardinalcommerce.com *.online-metrix.net *.elitrack.com *.metaffiliation.com *.wonderpush.com s.pinimg.com cdn.jsdelivr.net *.adagio-city.com analytics.tiktok.com ct.pinterest.com bat.bing.com *.sojern.com surveys-static-prd.survicate-cdn.com survey.survicate.com 2643.userly.net https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/github.com https:\/\/static.addtoany.com https:\/\/try.abtasty.com https:\/\/www.google.com staticaws.fbwebprogram.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com; style-src-attr 'self' 'unsafe-hashes' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" base-uri 'self';  default-src 'self';  connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googleadservices.com https:\/\/beyondwickedmapping.org https:\/\/*.google-analytics.com https:\/\/*.fra.meilisearch.io https:\/\/*.sanity.io https:\/\/*.snapchat.com https:\/\/*.googlesyndication.com https:\/\/consentcdn.cookiebot.com https:\/\/eu01.rec.mouseflow.com https:\/\/ad.doubleclick.net https:\/\/www.facebook.com https:\/\/vercel.live wss:\/\/ws-us3.pusher.com https:\/\/clerk.cappelendamm.no https:\/\/featuregates.org https:\/\/featureassets.org https:\/\/assetsconfigcdn.org https:\/\/prodregistryv2.org https:\/\/cloudflare-dns.com https:\/\/beyondwickedmapping.org https:\/\/clerk.www.flammeforlag.no\/ https:\/\/clerk.www.norskeserier.no https:\/\/clerk.flammeforlag.no\/ https:\/\/clerk.fontini.no\/ https:\/\/clerk.norskeserier.no https:\/\/browser-intake-datadoghq.eu;  font-src 'self' https:\/\/*.typekit.net https:\/\/cdn.mouseflow.com https:\/\/vercel.live https:\/\/assets.vercel.com;  frame-src 'self' https:\/\/assets-eur.mkt https:\/\/e.issuu.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/consentcdn.cookiebot.com https:\/\/tr.snapchat.com https:\/\/15316350.fls.doubleclick.net https:\/\/www.facebook.com https:\/\/vercel.live https:\/\/challenges.cloudflare.com https:\/\/open.spotify.com https:\/\/www.youtube.com;  img-src 'self' blob: data: https:\/\/cdn.sanity.io https:\/\/media.crystallize.com https:\/\/sr.bokbasen.io https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com https:\/\/google.com https:\/\/tr.snapchat.com https:\/\/www.facebook.com https:\/\/vercel.live https:\/\/vercel.com https:\/\/imgsct.cookiebot.com https:\/\/ade.googlesyndication.com;  media-src 'self' https:\/\/sr.bokbasen.io;  object-src 'none';  script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.gstatic.com https:\/\/vercel.live https:\/\/*.cookiebot.com https:\/\/cdn.mouseflow.com https:\/\/connect.facebook.net https:\/\/sc-static.net https:\/\/static.readpeak.com https:\/\/*.snapchat.com https:\/\/www.youtube.com https:\/\/clerk.cappelendamm.no https:\/\/clerk.flammeforlag.no https:\/\/clerk.www.flammeforlag.no https:\/\/clerk.fontini.no https:\/\/clerk.norskeserier.no https:\/\/clerk.www.norskeserier.no;  style-src 'self' 'unsafe-inline' https:\/\/vercel.live https:\/\/*.typekit.net https:\/\/cdn.jsdelivr.net\/gh\/paulirish\/lite-youtube-embed@master\/src\/lite-yt-embed.css https:\/\/checkout.dibspayment.eu;  worker-src 'self' blob:;  upgrade-insecure-requests;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com cdn.livechatinc.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.paypal.com *.punchout2go.com *.tradecentric.com https:\/\/connect.punchout2go.com 'self' 'unsafe-inline'; frame-ancestors https:\/\/cdn.livechatinc.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.demdex.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com *.punchout2go.com *.tradecentric.com https:\/\/*.adobeio-static.net https:\/\/cdn.chatbot.com https:\/\/*.doubleclick.net https:\/\/*.livechatinc.com https:\/\/vars.hotjar.com https:\/\/*.paymetric.com https:\/\/stementorstg.wpengine.com https:\/\/calendar.time.ly https:\/\/*.worldpay.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net *.files-text.com *.livechatinc.com *.livechat-files.com *.livechat-static.com https:\/\/p.adsymptotic.com https:\/\/hm.baidu.com\/hm.gif https:\/\/bat.bing.com https:\/\/c.bing.com https:\/\/c.clarity.ms https:\/\/*.doubleclick.net https:\/\/d3cgm8py10hi0z.cloudfront.net\/is.gif https:\/\/www.facebook.com\/privacy_sandbox\/ https:\/\/www.facebook.com\/tr\/ https:\/\/maps.googleapis.com\/maps\/ https:\/\/maps.gstatic.com\/mapfiles\/ https:\/\/www.google.ca\/pagead\/ https:\/\/www.google.com\/pagead\/ https:\/\/www.google.ca\/ads\/ https:\/\/www.google.com\/ads\/ https:\/\/www.googletagmanager.com https:\/\/static.kameleoon.com https:\/\/*.ads.linkedin.com https:\/\/cdn.files-text.com\/api\/accounts\/avatars\/ https:\/\/connect.punchout2go.com https:\/\/*.stemcell.com https:\/\/t.co https:\/\/analytics.twitter.com https:\/\/sp.analytics.yahoo.com https:\/\/www.linkedin.com https:\/\/id.rlcdn.com https:\/\/aorta.clickagy.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io assets.adobedtm.com *.magento-ds.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com www.googletagmanager.com *.livechatinc.com *.livechat-static.com *.punchout2go.com *.tradecentric.com https:\/\/cdn.recapture.io https:\/\/*.adobeio-static.net https:\/\/acds-events.adobe.io https:\/\/rum.hlx.page https:\/\/maps.googleapis.com https:\/\/hm.baidu.com\/hm.js https:\/\/bat.bing.com https:\/\/*.clarity.ms https:\/\/cdn.chatbot.com https:\/\/tags.clickagy.com https:\/\/www.clickcease.com https:\/\/img.en25.com https:\/\/*.doubleclick.net https:\/\/connect.facebook.net https:\/\/ajax.googleapis.com\/ajax\/libs\/ https:\/\/seal.geotrust.com\/getgeotrustsslseal geoip-js.com https:\/\/*.hotjar.com https:\/\/*.livechatinc.com https:\/\/snap.licdn.com https:\/\/js-agent.newrelic.com https:\/\/bam.nr-data.net https:\/\/cmp.osano.com https:\/\/connect.punchout2go.com\/jslib\/ https:\/\/*.recapture.io\/beacon\/ https:\/\/cdn.recapture.io\/sdk\/ https:\/\/cdn.searchspring.net\/intellisuggest\/is.min.js https:\/\/*.stemcell.com\/media\/ https:\/\/*.twitter.com https:\/\/static.ads-twitter.com https:\/\/calendar.time.ly https:\/\/unpkg.com\/tabulator-tables@6.2.1\/dist\/js\/tabulator.min.js https:\/\/*.xisecurenet.com https:\/\/s.yimg.com\/wi\/ytc.js https:\/\/ws.zoominfo.com https:\/\/stemc11116.pcapredict.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.magento-datasolutions.com *.magento-ds.com *.livechatinc.com *.fontawesome.com *.punchout2go.com *.tradecentric.com https:\/\/*.adobeio-static.net https:\/\/connect.punchout2go.com\/jslib\/ https:\/\/www.googletagmanager.com\/debug\/badge.css 'self' 'unsafe-inline'; object-src *.livechatinc.com 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.livechatinc.com *.livechat-static.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com api.magento.com commerce.adobe.io *.magento-datasolutions.com *.magento-ds.com *.livechatinc.com *.text.com https:\/\/app.recapture.io https:\/\/*.adobeio-static.net https:\/\/bat.bing.com https:\/\/cdn.chatbot.com https:\/\/*.clarity.ms https:\/\/*.doubleclick.net https:\/\/geoip-js.com https:\/\/www.googleadservices.com https:\/\/analytics.google.com *.google-analytics.com https:\/\/fonts.googleapis.com https:\/\/www.google.com\/pagead\/ https:\/\/maps.googleapis.com https:\/\/*.googlesyndication.com https:\/\/*.hotjar.com https:\/\/*.hotjar.io https:\/\/api.kameleoon.com https:\/\/na-data.kameleoon.io https:\/\/na-data.kameleoon.eu https:\/\/px.ads.linkedin.com https:\/\/cdn.linkedin.oribi.io https:\/\/*.livechatinc.com https:\/\/bam.nr-data.net https:\/\/cmp.osano.com https:\/\/*.api.osano.com https:\/\/connect.punchout2go.com https:\/\/d3peztlk7w3332.cloudfront.net *.searchspring.io *.searchspring.net https:\/\/s.yimg.com https:\/\/geo-ip.js wss:\/\/*.hotjar.com https:\/\/aorta.clickagy.com https:\/\/vc.hotjar.io 'self' 'unsafe-inline'; child-src *.livechatinc.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' translate.googleapis.com google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com myccpay.com *.myccpay.com paynearme.com *.paynearme.com; default-src 'self'; font-src 'self' data: https:\/\/maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/use.typekit.net https:\/\/croissant-services-data-public-assets-us-east-2-production.s3.us-east-2.amazonaws.com gstatic.com *.gstatic.com; form-action 'self' https:\/\/translate.googleapis.com https:\/\/www.creditviewdashboard.com https:\/\/creditviewsv-test.ctf.tuint.com; frame-src 'self' https:\/\/www.paynearme-sandbox.com https:\/\/www.paynearme.com; img-src 'self' data: https:\/\/analytics.twitter.com https:\/\/bat.bing.com https:\/\/sp.analytics.yahoo.com https:\/\/t.co https:\/\/images.totalcardinc.com https:\/\/images.staging.totalcardinc.com https:\/\/images.dev.totalcardinc.com https:\/\/www.google.com https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/translate.google.com https:\/\/fonts.gstatic.com https:\/\/api.fillr.com; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com myccpay.com *.myccpay.com paynearme.com *.paynearme.com pure.cloud *.pure.cloud secured-pixel.com *.secured-pixel.com totalcardinc.com *.totalcardinc.com; style-src 'self' https:\/\/maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/www.paynearme-sandbox.com https:\/\/www.paynearme.com https:\/\/fonts.googleapis.com 'sha256-7VXlcg\/uSZugHSa6UtIG2\/44ju460LiO4M0CyQfraX8='; worker-src 'none'; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=HorwWTF3Cjw0Iz.kFVgjiQvPLFi5I_CbPcBFVTGvC1I-1778721879.7295742-1.0.1.1-uUdbMKYGSh1b3mCaWQwBfmz1gVF3GoHaPj36XGg2o.kRcIWaULL5cdpkcOpvl8nhBGazJNo6V1or2IuFLwE4b9VlQuDRcgoH7onCBJNb_Hv5tuKTdoNOGwrQBdn1TIqZbVbAkfP1.x5wy_ijr6hqhTHN9NbV5kSn.iGJrjsVJlDtyqfilNmms3WnatuR_3kc; report-to cf-tkjxacxdgxpzneqy","count":1},{"content-security-policy-report-only":" default-src 'self'; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; connect-src 'self' https: wss:\/\/client.relay.crisp.chat wss:\/\/ws.hotjar.com; frame-src 'self' https:\/\/player.vimeo.com;","count":1},{"content-security-policy-report-only":" default-src 'none'; worker-src 'self' blob:; base-uri 'self'; img-src * data:; frame-ancestors 'self' soderhamnnara.se *.gavlenet.se gavlenet.se gavleenergi.se; form-action 'self'; script-src 'self' 'unsafe-eval' 'nonce-jywHi8bMseKPaQswn4n4Ag' 'nonce-4vXbpQD' api.livechatinc.com cdn.livechatinc.com functions.janjoo.se\/js\/informera-rss\/app.js bankid.lime-technologies.com ajax.googleapis.com code.jquery.com *.gavlenet.se *.gavleenergi.se kit.fontawesome.com googletagmanager.com stats.gavleenergi.se cdn.gavleenergi.se t.adii.se https:\/\/bankid.lime-technologies.com\/api\/v2\/js\/bankid-modal.js; connect-src 'self' code.jquery.com maxcdn.bootstrapcdn.com gavchat.uc.tele2.se functions.janjoo.se *.gavleenergi.se maps.googleapis.com stats.gavleenergi.se simpliform.gavleenergi.se ka-p.fontawesome.com www.gavleenergi.se gavleenergi.se kit.fontawesome.com; style-src 'unsafe-inline' 'self' fonts.googleapis.com kit.fontawesome.com ka-p.fontawesome.com code.jquery.com maxcdn.bootstrapcdn.com cdn.gavleenergi.se; frame-src 'self' secure.livechatinc.com *.youtube.com youtube.com gavleenergi.se *.gavlenet.se *.gavleenergi.se app.bwz.se gavleenergiab.webapp.virtaglobal.com; font-src *.fontawesome.com use.typekit.net fonts.gstatic.com data: *.gavleenergi.se www.gavleenergi.se\/wp-includes\/fonts\/ maxcdn.bootstrapcdn.com; object-src 'none'","count":1},{"content-security-policy-report-only":" default-src 'self';         script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/altinea.fr https:\/\/cdn.astra.com https:\/\/static.elfsight.com https:\/\/core.service.elfsight.com https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.google.com\/recaptcha\/api.js;         style-src 'self' 'unsafe-inline' https:\/\/altinea.fr https:\/\/cdn.astra.com https:\/\/fonts.googleapis.com https:\/\/use.fontawesome.com\/releases\/v6.6.0\/css\/v4-shims.css https:\/\/use.fontawesome.com\/releases\/v6.6.0\/css\/all.css https:\/\/use.typekit.net\/gme6kbk.css https:\/\/p.typekit.net\/gme6kbk.css;         img-src 'self' https:\/\/altinea.fr data: *.webp;         font-src 'self' https:\/\/altinea.fr\/wp-content\/ https:\/\/fonts.gstatic.com https:\/\/use.fontawesome.com\/releases\/v6.6.0\/fonts\/ https:\/\/use.typekit.net\/fonts\/ data:;         connect-src 'self' https:\/\/altinea.fr https:\/\/core.service.elfsight.com https:\/\/www.google.com;         media-src 'self' https:\/\/altinea.fr;         frame-src 'self' https:\/\/altinea.fr https:\/\/www.google.com;         object-src 'none';         base-uri 'self';         form-action 'self';         upgrade-insecure-requests;         report-uri https:\/\/votreservice.report-uri.com\/r\/d\/csp\/reportOnly;","count":1},{"content-security-policy-report-only":" font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com https:\/\/geowidget.easypack24.net *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.twitter.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.instagram.com *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.dhl.pl https:\/\/geowidget-app.inpost.pl\/ https:\/\/mapa.ecommerce.poczta-polska.pl secure.payu.com merch-prod.snd.payu.com *.twitter.com *.wesupply.xyz https:\/\/wesupplylabs.com *.weltpixel.com *.googletagmanager.com *.cookiebot.eu *.uniformix.pl *.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.cdninstagram.com *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org *.googleapis.com *.lizardlabs.pl *.trustedshops.com static.payu.com *.cloudflare.com *.klarna.com *.googleadservices.com *.google-analytics.com *.paypal.com *.twitter.com *.twimg.com *.ytimg.com *.lightemporium.com *.usercentrics.eu *.cloudfront.net tile.openstreetmap.org mapa.orlenpaczka.pl ruch-osm.sysadvisors.pl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com *.etrusted.com www.google.pl *.bing.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.instagram.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/geowidget.easypack24.net *.easypack24.net *.inpost.pl *.openstreetmap.org https:\/\/mapa.ecommerce.poczta-polska.pl *.cloudfront.net secure.payu.com secure.snd.payu.com *.cloudflare.com *.twitter.com *.twimg.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.googleapis.com mapa.orlenpaczka.pl https:\/\/widgets.trustedshops.com https:\/\/widgets-qa.trustedshops.com https:\/\/integrations.etrusted.com https:\/\/integrations.etrusted.site https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com *.cookiebot.eu *.bing.com *.hotjar.com s.pinimg.com *.pinterest.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com https:\/\/geowidget.easypack24.net https:\/\/geowidget.inpost.pl *.cloudfront.net *.cloudflare.com *.twitter.com *.twimg.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/widgets.trustedshops.com https:\/\/static-app.connect.trustedshops.com https:\/\/static-app.connect-qa.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.cdninstagram.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/geowidget.easypack24.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.tiktok.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.easypack24.net *.inpost.pl *.openstreetmap.org *.googleapis.com secure.payu.com merch-prod.snd.payu.com *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com nominatim.openstreetmap.org *.trustedshops.com *.etrusted.com https:\/\/integrations.etrusted.site *.cookiebot.eu *.uniformix.pl *.pinterest.com *.bing.com *.edrone.me 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/csp-reporting-service.com\/my-project\/endpoint; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self' https:\/\/d6tizftlrpuof.cloudfront.net\/live\/;connect-src 'self' https:\/\/api.cz.nl https:\/\/app.talkjs.com https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com https:\/\/czgroep.piwik.pro https:\/\/dev.visualwebsiteoptimizer.com https:\/\/js.monitor.azure.com https:\/\/westeurope-5.in.applicationinsights.azure.com;font-src 'self' data:;frame-src 'self' https:\/\/consentcdn.cookiebot.com https:\/\/overzicht.cz.nl;frame-ancestors 'self';img-src 'self' https:\/\/6005850.global.siteimproveanalytics.io https:\/\/d6tizftlrpuof.cloudfront.net https:\/\/dev.visualwebsiteoptimizer.com https:\/\/imgsct.cookiebot.com;manifest-src 'self';media-src 'self' https:\/\/cdn.talkjs.com;object-src 'self';script-src 'self' https:\/\/cdn.talkjs.com https:\/\/cdstatic-sc.cz.nl https:\/\/consent.cookiebot.com https:\/\/consentcdn.cookiebot.com\/consentconfig\/ https:\/\/czgroep.containers.piwik.pro\/ppms.js https:\/\/dev.visualwebsiteoptimizer.com https:\/\/inzicht.cz.nl\/containers\/ https:\/\/siteimproveanalytics.com\/js\/ https:\/\/w.usabilla.com https:\/\/www.googletagmanager.com 'unsafe-inline' 'unsafe-eval';style-src 'self' https:\/\/cdstatic-sc.cz.nl 'unsafe-inline';worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.wesupply.xyz https:\/\/wesupplylabs.com *.sandbox.paypal.com *.paypalobjects.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.weltpixel.com *.googletagmanager.com *.doubleclick.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.swagger.io *.ftcdn.net *.behance.net *.googleapis.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com julio.com *.scene7.com *.doubleclick.net *.google.com *.google-analytics.com *.googleadservices.com *.braintreegateway.com mcusercontent.com www.google.com.co *.sharethis.com *.aplazo.mx *.api.useinsider.com *.sandbox.paypal.com *.paypalobjects.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.reddit.com *.bing.com *.clarity.ms *.googletagmanager.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.facebook.net *.connect.facebook.net https:\/\/smetrics.julio.com *.julio.com *.cardinalcommerce.com unpkg.com cdn.jsdelivr.net *.magento-datasolutions.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.paypal.com *.paypalobjects.com *.bolt.com *.commerce-quick-checkout.com *.online-metrix.net *.cybersource.com *.sharethis.com *.pingdom.net *.hotjar.com *.zdassets.com *.useinsider.com *.usizy.es usizy.com *.cloudflare.com *.sandbox.paypal.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.redditstatic.com *.reddit.com *.tiktok.com *.bing.com *.clarity.ms *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com *.fontawesome.com *.paypal.com *.sandbox.paypal.com *.paypalobjects.com assets.braintreegateway.com *.tagmanager.google.com *.googletagmanager.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.amazonaws.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com *.facebook.com connect.facebook.net graph.facebook.com business.facebook.com julio.com https:\/\/smetrics.julio.com *.demdex.net *.cardinalcommerce.com *.snplow.net *.pingdom.net *.woorank.com *.adobedc.net *.youtube.com https:\/\/www.google-analytics.com https:\/\/www.googleadservices.com https:\/\/www.googletagmanager.com *.bolt.com *.magento-ds.com *.sharethis.com *.zdassets.com grupojulio.zendesk.com *.usizy.es usizy.com *.hotjar.io *.api.useinsider.com *.useinsider.com *.g.doubleclick.net *.crwdcntrl.net *.sandbox.paypal.com *.paypalobjects.com www.googleapis.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.google-analytics.com *.analytics.google.com *.facebook.net *.redditstatic.com *.reddit.com *.tiktok.com *.bing.com *.clarity.ms *.doubleclick.net *.run.app 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src julio.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-1Q92gvk3nbAtJyRjDFSPPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" upgrade-insecure-requests; report-to https:\/\/652d4e11b6167cf8f68c6359.endpoint.csper.io\/?v=0;; report-uri https:\/\/652d4e11b6167cf8f68c6359.endpoint.csper.io\/?v=0;;","count":1},{"content-security-policy-report-only":" connect-src fanatics.live *.fanatics.live stream-io-api.com *.stream-io-api.com 'self' wss: https:\/\/os.fanatics.live https:\/\/*.fanatics.live *.live-video.net https:\/\/websdk.appsflyer.com https:\/\/sdk.split.io https:\/\/streaming.split.io https:\/\/auth.split.io https:\/\/events.split.io https:\/\/sdk.iad-05.braze.com https:\/\/cdn.segment.com https:\/\/api.segment.io https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/*.google-analytics.com https:\/\/td.doubleclick.net\/ https:\/\/browser-intake-datadoghq.com https:\/\/*.browser-intake-datadoghq.com https:\/\/us1.browser-intake-datadoghq.com https:\/\/us3.browser-intake-datadoghq.com https:\/\/us5.browser-intake-datadoghq.com https:\/\/datadoghq.com https:\/\/*.datadoghq.com https:\/\/*.livekit.cloud https:\/\/*.cloudfront.net https:\/\/*.amazonaws.com\/web-prod-assets-0l9t\/ https:\/\/*.amazonaws.com\/web-staging-assets-0l9t\/ https:\/\/*.amazonaws.com\/fl-application-assets\/ https:\/\/*.amazonaws.com\/fl-application-asset\/ https:\/\/d2wpy28tlhnoxg.cloudfront.net\/media_convert https:\/\/google.com https:\/\/www.google.com\/ccm\/collect https:\/\/*.appsflyer.com https:\/\/fanatics.live\/api\/auth\/session https:\/\/*.algolia.net https:\/\/*.algolianet.com https:\/\/*.algolia.io https:\/\/ekr.zdassets.com https:\/\/fanaticslive.zendesk.com https:\/\/unpkg.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.cookielaw.org\/ https:\/\/*.onetrust.com https:\/\/*.rive.app fonts.googleapis.com *.fonts.googleapis.com marker.io *.marker.io sentry.io *.sentry.io fullstory.com *.fullstory.com stripe.com *.stripe.com tiktok.com *.tiktok.com https:\/\/chat-insights.getstream.io; default-src fanatics.live *.fanatics.live fonts.googleapis.com *.fonts.googleapis.com fullstory.com *.fullstory.com google-analytics.com *.google-analytics.com googletagmanager.com *.googletagmanager.com zdassets.com *.zdassets.com stripe.com *.stripe.com stream-io-api.com *.stream-io-api.com sentry.io *.sentry.io marker.io *.marker.io live-video.net *.live-video.net 'self' https:\/\/cdn.jsdelivr.net 'unsafe-inline'; font-src https:\/\/fonts.gstatic.com\/* https:\/\/fonts.gstatic.com fanatics.live *.fanatics.live jsdelivr.net *.jsdelivr.net https:\/\/cdn.jsdelivr.net; frame-src 'self' https:\/\/js.stripe.com\/ https:\/\/td.doubleclick.net https:\/\/www.google.com\/ https:\/\/odyssey.dev.fanatics.live\/ https:\/\/odyssey.staging.fanatics.live\/ https:\/\/odyssey.fanatics.live\/ https:\/\/www.googletagmanager.com https:\/\/use.fontawesome.com https:\/\/fonts.googleapis.com https:\/\/cdn.appsflyer.com\/; frame-ancestors https:\/\/docs.fanatics.live https:\/\/topps.com https:\/\/*.topps.com\/ https:\/\/*.vercel.app\/ https:\/\/*.dacwdev.com\/ https:\/\/*.dacardworld.com\/ https:\/\/*.wweshop.com\/ https:\/\/*.wweshop.com https:\/\/shop.wwe.com https:\/\/*.wwe.com https:\/\/ufcstore.com https:\/\/*.ufcstore.com https:\/\/ufc.com https:\/\/*.ufc.com; img-src * blob: 'self' data:; media-src * blob:; script-src 'self' 'sha256-6EL\/zz29Q8UFwqahdj1cGAxqbH5Xd+he4QVXaoQno44=' https:\/\/cdn.segment.com https:\/\/js.stripe.com https:\/\/js.appboycdn.com https:\/\/sdk.iad-05.braze.com https:\/\/www.googletagmanager.com https:\/\/connect.facebook.net https:\/\/www.google.com\/recaptcha\/ https:\/\/*.datadoghq-browser-agent.com https:\/\/static.zdassets.com https:\/\/pod-29.zendesk.com https:\/\/*.fullstory.com https:\/\/cdn.cookielaw.org\/ https:\/\/*.onetrust.com https:\/\/analytics.tiktok.com 'unsafe-eval' marker.io *.marker.io live-video.net *.live-video.net fanatics.live *.fanatics.live 'unsafe-inline'; worker-src 'self' blob: https:\/\/*.datadoghq.com https:\/\/*.datadoghq-browser-agent.com; report-uri https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=K8iVh1hRbhezfuVPUfQeekEbCiKDv30OW625CGne6bI-1778728633-1.0.1.1-yea0PwVgWs5X3u7NAibzRaGcIt02Ghy8Zv6cBUtmMmywlSHSGj7SKvVMFzRPlQq6dyWga6WhUIwNdLZjmqFrX9lfFsc1cJ64UtSVQGPPwJyOynVQlnsuKDUMpQ6uIUf5kJzAMfRKMin_H8nIKvm9TXC5mBZEHi74V_Bj3JI0M3M3tqZCMeYg2YQepiOdg.RB8IUflU7h0ZViBMm_G_gW6Q; report-to cf-tvuqzuajdeowirbr","count":1},{"content-security-policy-report-only":" object-src 'none'; worker-src 'self'; base-uri 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' crisecia.com.br *.crisecia.com.br wake-components.fbitsstatic.net crisecia.fbitsstatic.net *.wake.tech fbits.net nr-data.net newrelic.com google.com googletagmanager.com google-analytics.com facebook.net facebook.com jquery.com bootstrapcdn.com hertzen.com rdstation.com.br googleadservices.com konduto.com shoptarget.com.br traycheckout.com.br clearsale.com.br shopback.net yapay.com.br doubleclick.net online-metrix.net bing.com hotjar.com linximpulse.net cloudfront.net shopconvert.com.br cloudflare.com hotjar.io k-analytix.com retargeter.com.br jsdelivr.net *.fbits.net *.nr-data.net *.newrelic.com *.google.com *.googletagmanager.com *.google-analytics.com *.facebook.net *.facebook.com *.jquery.com *.bootstrapcdn.com *.online-metrix.net *.doubleclick.net *.bing.com *.hotjar.com *.linximpulse.net *.clearsale.com.br *.shopback.net *.yapay.com.br *.hertzen.com *.rdstation.com.br *.googleadservices.com *.konduto.com *.shoptarget.com.br *.traycheckout.com.br *.cloudfront.net *.shopconvert.com.br *.hotjar.io *.k-analytix.com *.retargeter.com.br *.cloudflare.com *.jsdelivr.net wss:\/\/signalr.fbits.net k-analytix.com *.k-analytix.com i.konduto.com *.yapay.com.br *.traycheckout.com.br h.online-metrix.net *.clearsale.com.br dzpxyxks1bfmb.cloudfront.net *.gstatic.com *.koin.com.br *.soclminer.com.br *.btg360.com.br *.socialminer.com signalrcore.fbits.net wss:\/\/signalrcore.fbits.net *.cloudfront.net *.mlstatic.com *.mercadopago.com *.mercadolibre.com *.mercadopago.com.br *.paypal.com *.paypalobjects.com *.tiktok.com *.fbits.store *.adyen.com *.pagar.me *.mundipagg.com *.getnet.com.br *.bt-wake-connector.com.br *.braintree-api.com *.braintreegateway.com *.pagseguro.com.br *.pagbank.com *.vindi.com.br *.cieloecommerce.cielo.com.br *.braspag.com.br *.pagador.com.br *.online-metrix.net bt-wake-connector.com.br *.pagaleve.com.br *.pagaleve.io wake-api.pagaleve.com.br securegtm.despegar.com api.ipify.org browser-intake-datadoghq.com *.datadoghq-browser-agent.com *.datadoghq.com wake.koin.com.br paypal-wake.s3.us-east-1.amazonaws.com lwg-wake-appmax-custom-payment-dmepgudabbcuaud6.brazilsouth-01.azurewebsites.net *.sandboxappmax.com.br *.cardinalcommerce.com *.secureacs.com api.globalgetnet.com *.globalgetnet.com *.sandbox.3dsecure.io *.3dsecure.io *.visa.com *.wake.tech *.appmax.com.br *.tunagateway.com *.pagoexpress.com.br *.cardinaltrusted.com ; img-src https: data:; style-src https: 'unsafe-inline'; font-src https: data:; frame-ancestors *.crisecia.com.br crisecia.com.br; report-uri https:\/\/pub-csp.fbits.net\/checkout_sem_carrinho; report-to https:\/\/pub-csp.fbits.net\/checkout_sem_carrinho; worker-src 'self' blob:;","count":1},{"content-security-policy-report-only":" font-src https:\/\/cdn.checkout.com *.cdn-apple.com instantcredit.net test.instantcredit.net druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com fonts.gstatic.com *.azureedge.net *.doofinder.com *.typekit.net *.googleapis.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.paycomet.com api.paycomet.com 'self' 'unsafe-inline'; frame-ancestors *.storyblok.com 'self'; style-src https:\/\/cdn.checkout.com *.doofinder.com instantcredit.net test.instantcredit.net druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com *.photoslurp.com *.nosto.com *.klaviyo.com *.typekit.net *.storyblok.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com *.storyblok.com *.zdassets.com *.doofinder.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; img-src https:\/\/www.googletagmanager.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.doofinder.com https:\/\/images.unsplash.com instantcredit.net test.instantcredit.net www.googletagmanager.com www.druni.pt druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.facebook.com *.google.com *.google.es widgets.trustedshops.com *.twitter.com t.co *.azureedge.net *.pinterest.com *.bing.com *.storyblok.com data: 'self' 'unsafe-inline'; frame-src https:\/\/www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ https:\/\/js.checkout.com *.klarna.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net www.googletagmanager.com druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.hotjar.com *.oct8ne.com *.pinterest.com *.doofinder.com *.empathybroker.com *.empathy.co *.criteo.com 'self' 'unsafe-inline'; script-src https:\/\/analytics.tiktok.com\/ https:\/\/ui.swogo.net\/ https:\/\/www.googletagmanager.com https:\/\/ct.pinterest.com www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/*.checkout.com *.klarnacdn.net *.cdn-apple.com *.doofinder.com https:\/\/maps.googleapis.com www.paycomet.com api.paycomet.com instantcredit.net test.instantcredit.net code.jquery.com www.googletagmanager.com druni.my.site.com druni.my.salesforce-scrt.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.googleoptimize.com widgets.trustedshops.com static-eu.oct8ne.com static.zdassets.com *.facebook.net *.tradedoubler.com *.doubleclick.net *.hotjar.com *.ads-twitter.com smct.co *.bsmartdata.com *.retargeted.co *.bing.com *.clarity.ms *.smartsuppcdn.com *.smartsuppchat.com *.smartsupp.com *.connectif.cloud *.klaviyo.com *.photoslurp.com *.pinimg.com *.nosto.com *.empathybroker.com *.unpkg.com *.storyblok.com 'self' 'unsafe-inline' 'unsafe-eval'; connect-src https:\/\/analytics.tiktok.com\/ https:\/\/tracking.swogo.net\/ https:\/\/api.swogo.net\/ https:\/\/api.trustedshops.com\/ https:\/\/www.googletagmanager.com www.google-analytics.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https:\/\/js.checkout.com *.klarnaevt.com *.klarnacdn.net *.klarna.com *.doofinder.com wss:\/\/*.doofinder.com https:\/\/maps.googleapis.com https:\/\/player.vimeo.com instantcredit.net *.instantcredit.net www.googletagmanager.com druni.my.salesforce-scrt.com druni.my.site.com *.salesforce.com *.force.com *.salesforce-sites.com *.lightning.force.com https:\/\/sandbox.sequracdn.com https:\/\/live.sequracdn.com *.oct8ne.com *.zendesk.com *.zopim.com *.doubleclick.net *.hotjar.com *.hotjar.io *.clarity.ms *.smartsuppcdn.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.es *.connectif.cloud *.klaviyo.com *.photoslurp.com *.zdassets.com *.pinterest.com *.nosto.com *.empathybroker.com *.empathy.co 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com connect.facebook.net a.clarity.ms *.adobedtm.com *.adobe.com *.facebook.com *.g.doubleclick.net *.clarity.ms scripts.clarity.ms *.google.co.in *.bing.com *.ccavenue.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https:\/\/plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com connect.facebook.net a.clarity.ms *.adobedtm.com *.facebook.com *.g.doubleclick.net *.clarity.ms scripts.clarity.ms *.google.co.in *.bing.com *.ccavenue.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * https:\/\/plumrocket.com 'self' 'unsafe-inline'; img-src data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net connect.facebook.net a.clarity.ms *.adobedtm.com *.facebook.com *.g.doubleclick.net *.clarity.ms scripts.clarity.ms *.google.co.in *.bing.com geostag.cardinalcommerce.com *.ccavenue.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com unpkg.com\/@adobe\/ cdn.jsdelivr.net\/npm\/@adobe\/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com https:\/\/rum.hlx.page connect.facebook.net a.clarity.ms *.adobedtm.com *.facebook.com *.g.doubleclick.net *.clarity.ms scripts.clarity.ms *.google.co.in *.bing.com *.ccavenue.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.magento-datasolutions.com *.magento-ds.com assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com commerce.adobe.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com connect.facebook.net a.clarity.ms *.adobedtm.com *.adobe.com *.facebook.com *.g.doubleclick.net *.clarity.ms scripts.clarity.ms *.google.co.in *.bing.com *.ccavenue.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' cdn.globalpay.com.co cdnjs.cloudflare.com https:\/\/cdn.ampproject.org https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/maps.googleapis.com https:\/\/polyfill-fastly.io https:\/\/unpkg.com https:\/\/www.google.com; script-src-attr 'self'; style-src 'self' https:\/\/cdn.jsdelivr.net https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src-attr 'self'; frame-ancestors 'self'","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' https:\/\/app.contentful.com; worker-src blob:; default-src 'self' gap: ws: 'unsafe-inline' 'unsafe-eval' data: api.country.is vercel.live vercel.app *.vercel.live *.vercel.app safevisit.online contentful.com *.contentful.com *.googleapis.com *.youtube.com *.paypal.com *.googletagmanager.com *.google-analytics.com *.google.com *.google.com.ph *.google.ca *.google.ie *.google.co.in *.facebook.com *.amazonaws.com *.cloudfront.net *.googletagservices.com pay.google.com *.s3.amazonaws.com google.com *.sitkagear.com js.narvar.com cdn.searchspring.net js.klarna.com manifest.webmanifest cdn.tailwindcss.com cdn.cookielaw.org api.yotpo.com cdn-widgetsrepository.yotpo.com *.yotpo.com *.searchspring.io *.bigcommerce.com *.locally.com *.ctfassets.net *.onetrust.com *.criteo.com *.avmws.com *.safevisit.online *.gtm-msr.appspot *.dynamic.criteo.com *.facebook.net *.klaviyo.com *.zdassets.com *.vercel-insights.com *.csper.io klarnaservices.com *.klarnaservices.com *.gstatic.com *.bing.com *.typekit.net *.doubleclick.ne *.bidswitch.net *.adnxs.com *.media.net *.rubiconproject.com *.smartadserver.com *.taboola.com *.aralego.com criteo-sync.teads.tv *.3lift.com *.yahoo.net *.socdm.com *.casalemedia.com *.dable.io *.adingo.jp *.stickyadstv.com *.360yield.com *.rlcdn.com *.outbrain.com *.pubmatic.com *.smaato.net *.clmbtech.com *.yieldmo.com *.klarnacdn.net vercel.com assets.vercel.com googleads.g.doubleclick.net *.dotomi.com he.lijit.com envoydev.co track.securedvisit.com bh.contextweb.com stats.g.doubleclick.net public-prod-dspcookiematching.dmxleo.com match.adsrvr.org *.zendesk.com *.zopim.com widget-mediator.zopim.com trends.revcontent.com match.sharethrough.com tapestry.tapad.com criteo-partners.tremorhub.com ad.tpmn.co.kr e1.emxdgt.com cm.g.doubleclick.net partner.mediawallahscript.com visitor.omnitagjs.com i.liadm.com exchange.mediavine.com 1f2e7.v.fwmrm.net tags.bluekai.com dpm.demdex.net ws-us3.pusher.co eu.klarnaevt.com sockjs-us3.pusher.com ws-us3.pusher.com aa.agkn.com jadserve.postrelease.com ad.tpmn.io match.prod.bidr.io i6.liadm.com sync.crwdcntrl.net *.sv.rkdms.com *.simpli.fi *.dlx.addthis.com ws.rqtrk.eu *.youtube-nocookie.com *.klarnaevt.com *.cloudflare.com *.datadome.co *.hotjar.com *.hotjar.io *.narvar.com aorta.clickagy.com *.abtasty.com *.narvar.qa suggest-cache.searchspring.net *.captcha-delivery.com *.usablenet.com *.usablenet.dev *.mountain.com 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 cdn.jsdelivr.net player.vimeo.com cdn.noibu.com input.noibu.com *.gorewear.com *.dev.stagesitkagear.com *.stagesitkagear.com www.sandbox.paypal.com cdn.sand.us.zip.co localhost:*","count":1},{"content-security-policy-report-only":" style-src-elem fonts.googleapis.com tags.srv.stackadapt.com *.dibspayment.eu 'self' 'unsafe-inline'; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com https:\/\/fonts.gstatic.com static.klaviyo.com api.stripe.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com na.playground.klarnaevt.com eu.playground.klarnaevt.com klarna-payments-eu.playground.klarna.com klarna-payments-na.playground.klarna.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * *.ingrid.com api.stripe.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com na.playground.klarnaevt.com eu.playground.klarnaevt.com klarna-payments-eu.playground.klarna.com klarna-payments-na.playground.klarna.com *.mczbf.com *.emjcd.com *.klarna.com *.klarnaevt.com *.dibspayment.eu 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io https:\/\/images.unsplash.com magefan.com cm.magefan.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com *.disqus.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com *.google.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https:\/\/cdn-int.safecharge.com https:\/\/cdn.safecharge.com https:\/\/devmobile.sccdev-qa.com https:\/\/secure.safecharge.com\/ *.googleapis.com *.googleusercontent.com cdn.cookielaw.org *.adzerk.net bat.bing.net s.zkcdn.net *.klarnaevt.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ js.klevu.com *.ksearchnet.com *.disqus.com *.avada.io *.shopify.com connect.facebook.net *.googletagmanager.com *.googleadservices.com *.google-analytics.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com  https:\/\/magento.com https:\/\/cdn.safecharge.com https:\/\/devmobile.sccdev-qa.com https:\/\/cdn-int.safecharge.com https:\/\/play.google.com *.spinnaker-js.com cdn.cookielaw.org *.googleapis.com *.gstatic.com widget.trustpilot.com static.fbot.me campaign.fbot.me tags.srv.stackadapt.com acsbapp.com bat.bing.com www.clarity.ms scripts.clarity.ms *.ingrid.com js-agent.newrelic.com www.gstatic.com *.klaviyo.com api.stripe.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com na.playground.klarnaevt.com eu.playground.klarnaevt.com klarna-payments-eu.playground.klarna.com klarna-payments-na.playground.klarna.com *.mczbf.com *.emjcd.com *.klarna.com *.klarnaevt.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https:\/\/static.klaviyo.com *.klevu.com *.ksearchnet.com *.fontawesome.com https:\/\/fonts.bunny.net maxcdn.bootstrapcdn.com assets.braintreegateway.com https:\/\/cdn.safecharge.com https:\/\/devmobile.sccdev-qa.com  https:\/\/fonts.googleapis.com *.dibspayment.eu 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/static.klaviyo.com https:\/\/static-forms.klaviyo.com https:\/\/fast.a.klaviyo.com https:\/\/static-tracking.klaviyo.com\/ https:\/\/a.klaviyo.com\/ https:\/\/telemetrics.klaviyo.com\/ *.klevu.com *.ksearchnet.com https:\/\/get.geojs.io *.avada.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com  https:\/\/sdkmon.safecharge.com https:\/\/ppp-test.safecharge.com https:\/\/ppp-test.nuvei.com https:\/\/secure.safecharge.com https:\/\/play.google.com cdn.cookielaw.org *.onetrust.com *.googleapis.com *.gstatic.com cdn.acsbapp.com tags.srv.stackadapt.com bat.bing.net l.clarity.ms eu-tracks.trackingplan.com *.ingrid.com api.stripe.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com na.playground.klarnaevt.com eu.playground.klarnaevt.com klarna-payments-eu.playground.klarna.com klarna-payments-na.playground.klarna.com *.mczbf.com *.emjcd.com *.klarnaevt.com *.dibspayment.eu 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-_WXcxTICRKTFxHtv1m3i9Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self'; child-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.googleadservices.com https:\/\/*.storage.googleapis.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/octus.chilipiper.com https:\/\/app.pendo.io https:\/\/cookie-cdn.cookiepro.com https:\/\/*.cookiepro.com https:\/\/cdn.cookielaw.org https:\/\/ajax.googleapis.com https:\/\/widget.surveymonkey.com https:\/\/go.octus.com https:\/\/go.reorg-research.com https:\/\/*.pardot.com https:\/\/cdn.pendo.io https:\/\/*.pendo.io https:\/\/*.doubleclick.net https:\/\/js.chilipiper.com https:\/\/cdn.us.heap-api.com https:\/\/cdn.jsdelivr.net https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/rs.fullstory.com https:\/\/edge.fullstory.com https:\/\/px.ads.linkedin.com https:\/\/analytics.google.com https:\/\/snap.licdn.com https:\/\/stats.g.doubleclick.net https:\/\/dev.visualwebsiteoptimizer.com; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:\/\/*.algolia.net https:\/\/*.algolia.io https:\/\/*.algolianet.com https:\/\/www.googleadservices.com https:\/\/*.doubleclick.net https:\/\/app.pendo.io https:\/\/*.pendo.io https:\/\/geolocation.onetrust.com https:\/\/*.cookiepro.com https:\/\/cdn.cookielaw.org https:\/\/go.octus.com https:\/\/c.us.heap-api.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.google.com https:\/\/rs.fullstory.com https:\/\/edge.fullstory.com https:\/\/px.ads.linkedin.com https:\/\/analytics.google.com https:\/\/snap.licdn.com https:\/\/*.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/dev.visualwebsiteoptimizer.com; frame-src 'self' https:\/\/app.vwo.com https:\/\/vimeo.com https:\/\/octus.chilipiper.com https:\/\/player.vimeo.com https:\/\/www.googletagmanager.com https:\/\/www.surveymonkey.com https:\/\/td.doubleclick.net https:\/\/go.octus.com https:\/\/reorg-research.chilipiper.com https:\/\/www.podbean.com https:\/\/*.podbean.com https:\/\/res.cloudinary.com https:\/\/*.cloudinary.com; worker-src 'self' blob:; report-uri https:\/\/octus.com\/wp-json\/csp\/v1\/report\/; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.googleapis.com data: *.fontawesome.com *.bootstrapcdn.com 'self' data: *.threatview.app data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.authorize.net *.threatview.app 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.authorize.net *.threatview.app 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com https:\/\/static.addtoany.com\/ *.dotdigital-pages.com *.dotdigital.com www.google.com *.certcapture.com https:\/\/www.googletagmanager.com\/ *.authorize.net *.doubleclick.net *.weltpixel.com paypalobjects.com *.paypalobjects.com *.adroll.com *.threatview.app 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com *.ftcdn.net *.behance.net *.googleapis.com *.trackedlink.net *.certcapture.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ *.facebook.com *.google.co.in ups.analytics.yahoo.com *.bidswitch.net *.openx.net *.adnxs.com *.bing.com *.listrakbi.com *.clarity.ms 'self' data: *.ads.linkedin.com *.linkedin.com *.adroll.com *.yahoo.com *.analytics.yahoo.com lhasaoms.com listrakbi.com *.tapad.com *.threatview.app data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com https:\/\/static.addtoany.com\/ *.googleapis.com *.gstatic.com *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal www.google.com\/recaptcha\/ www.gstatic.com\/recaptcha\/ *.certcapture.com http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ *.avada.io *.authorize.net *.lhasaoms.com *.facebook.net *.bing.com *.clarity.ms *.listrakbi.com https:\/\/www.googletagmanager.com tagmanager.google.com *.adroll.com *.licdn.com wisepops.net *.wisepops.com lhasaoms.com *.threatview.app *.cloudflareinsights.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.certcapture.com *.fontawesome.com *.bootstrapcdn.com *.listrakbi.com *.trackedweb.net *.googleapis.com *.gstatic.com tagmanager.google.com *.threatview.app 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ *.threatview.app 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com https:\/\/stats.addtoany.com\/menu *.googleapis.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.certcapture.com http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ https:\/\/get.geojs.io *.avada.io *.authorize.net *.clarity.ms *.bing.com *.google-analytics.com https:\/\/www.google-analytics.com *.adroll.com *.linkedin.com *.threatview.app *.listrakbi.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com *.threatview.app 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/connect.facebook.net https:\/\/uvcw.tools https:\/\/ajax.googleapis.com https:\/\/player.vimeo.com https:\/\/stackpath.bootstrapcdn.com https:\/\/cdn.jsdelivr.net https:\/\/plausible.io https:\/\/kit.fontawesome.com https:\/\/client.crisp.chat https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/cdn.by.wonderpush.com https:\/\/code.jquery.com https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com https:\/\/platform.twitter.com; style-src 'self' 'unsafe-inline' https:\/\/unpkg.com https:\/\/cdn.jsdelivr.net https:\/\/client.crisp.chat https:\/\/fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' https:\/\/client.crisp.chat https:\/\/fonts.gstatic.com https:\/\/ka-p.fontawesome.com data:; connect-src 'self' https: wss:; frame-src 'self' https:\/\/www.facebook.com https:\/\/uvcw.tools https:\/\/datawrapper.dwcdn.net https:\/\/platform.twitter.com https:\/\/www.google.com https:\/\/www.youtube.com https:\/\/www.youtube-nocookie.com https:\/\/player.vimeo.com; object-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https:\/\/uvcw.sharepoint.com;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-ip10f_bSjWW5FtFsUtNNhA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-inline' 'unsafe-eval' data: www.google.com www.googletagmanager.com www.youtube.com fonts.googleapis.com fonts.gstatic.com www.googletagmanager.com connect.facebook.net c.imedia.cz c.seznam.cz translate.google.com www.gstatic.com cdn.voiceflow.com translate-pa.googleapis.com hypedigitaly.github.io api.ipify.org general-runtime.voiceflow.com cm4-production-assets.s3.amazonaws.com translate.googleapis.com region1.google-analytics.com h.seznam.cz tim.abirun.eu www.google-analytics.com quickchart.io extranet.kr-vysocina.cz www.vys-edu.cz kalendar.kr-vysocina.cz utils.hypedigitaly.ai www.ksusv.cz i.ytimg.com *.kr-vysocina.cz ci3.googleusercontent.com ajax.googleapis.com translate.google.com  hypedigitaly.github.io c.imedia.cz cdn.voiceflow.com; report-uri \/vismo\/csp-reports.asp","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/plausible.netzwerkfaehig.de https:\/\/chat.netzwerkfaehig.de; style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com; font-src 'self' https:\/\/fonts.gstatic.com data:; img-src 'self' data: https:; connect-src 'self' https:\/\/plausible.netzwerkfaehig.de https:\/\/chat.netzwerkfaehig.de https:\/\/www.google.com; frame-src 'self' https:\/\/www.google.com; frame-ancestors 'self'; form-action 'self'; base-uri 'self';","count":1},{"content-security-policy-report-only":" frame-src 'self' https:\/\/werbung.transgourmet.de https:\/\/www.youtube.com https:\/\/www.google.com www.recaptcha.net *.b2clogin.com *.loadbee.com *.youtube.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com js-agent.newrelic.com www.youtube.com www.google-analytics.com bam.nr-data.net static.dvinci-easy.com maps.googleapis.com bat.bing.com www.gstatic.com connect.facebook.net widget.msgp.pl googleads.g.doubleclick.net blob: cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.kiprotect.com https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com unpkg.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' www.googletagmanager.com static.dvinci-easy.com unpkg.com js-agent.newrelic.com www.google-analytics.com maps.googleapis.com bam.nr-data.net connect.facebook.net bat.bing.com www.gstatic.com www.youtube.com widget.msgp.pl https:\/\/www.xing-events.com\/resources\/js\/amiandoExport.js www.google.com content.syndigo.com www.recaptcha.net js.monitor.azure.com googleads.g.doubleclick.net job.transgourmet.de *.dvinci-easy.com *.clarity.ms *.loadbee.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/cdn.kiprotect.com https:\/\/cdnjs.cloudflare.com https:\/\/unpkg.com; style-src 'self' 'unsafe-inline' static.dvinci-easy.com fonts.googleapis.com cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net unpkg.com; style-src-attr 'self' 'unsafe-inline'; base-uri 'self'; frame-ancestors 'self' https:\/\/werbung.transgourmet.de","count":1},{"content-security-policy-report-only":" default-src 'self' *.ctfassets.net;img-src data: blob: *;style-src 'self' 'unsafe-inline' *.gstatic.com;font-src 'self' fonts.gstatic.com;media-src 'self' *.ctfassets.net *.gstatic.com;frame-src 'self' *.ctfassets.net *.youtube.com *.ungpd.com;connect-src 'self' *.ctfassets.net *.contentful.com *.swish.nu;object-src 'none';script-src 'self'; report-uri https:\/\/eo7f9vdutam5kd9.m.pipedream.net; report-to csp-report;","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; report-uri https:\/\/nz14bhs2.uriports.com\/reports\/report; report-to default","count":1},{"content-security-policy-report-only":" default-src 'self'; font-src data: https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; script-src 'self' https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/exc.mm.dm-drogeriemarkt.ba https:\/\/mpsnare.iesnare.com https:\/\/omt.dm-drogeriemarkt.ba https:\/\/tags.tiqcdn.com https:\/\/web.cmp.usercentrics.eu https:\/\/www.dm-drogeriemarkt.ba https:\/\/www.google.com https:\/\/www.gstatic.com; worker-src 'self' blob:; connect-src 'self' https:\/\/*.bazaarvoice.com https:\/\/aggregator.service.usercentrics.eu https:\/\/api.mapbox.com https:\/\/api.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/browser-intake-datadoghq.eu https:\/\/cart-recos.services.dmtech.com https:\/\/cdcs.usercentrics.eu https:\/\/collect.tealiumiq.com https:\/\/consent-api.service.consent.usercentrics.eu https:\/\/consent-rt-ret.service.consent.usercentrics.eu https:\/\/consents.usercentrics.eu https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/direct-collect.dy-api.eu https:\/\/direct.dy-api.eu https:\/\/dmpay-gateway.services.dmtech.com https:\/\/dy-api.eu https:\/\/editorial-content.dm-static.com https:\/\/events.mapbox.com https:\/\/exc.mm.dm-drogeriemarkt.ba https:\/\/frontend-tracking-infra-service.services.dmtech.com https:\/\/graphql.usercentrics.eu https:\/\/insights.algolia.io https:\/\/kuba-prod.services.dmtech.com https:\/\/logs.browser-intake-datadoghq.eu https:\/\/maut-prod.services.dmtech.com https:\/\/maut-rls.nonprod.services.dmtech.com https:\/\/mpsnare.iesnare.com https:\/\/my-products-api.services.dmtech.com https:\/\/omacs.services.dmtech.com https:\/\/omc.dm-drogeriemarkt.ba https:\/\/predictive-shopping-service.services.dmtech.com https:\/\/product-based-recos.services.dmtech.com https:\/\/product-search.services.dmtech.com https:\/\/product-semantic-search.services.dmtech.com https:\/\/rcom-eu.dynamicyield.com https:\/\/recos-as-a-service.services.dmtech.com https:\/\/region1.google-analytics.com https:\/\/retail-media.services.dmtech.com https:\/\/rum.browser-intake-datadoghq.eu https:\/\/s2s.adjust.com https:\/\/signin.dm-drogeriemarkt.ba https:\/\/sos-prod.availability.services.dmtech.com https:\/\/staedtetour.dm-fb2.de https:\/\/stars.services.dmtech.com https:\/\/storage.googleapis.com\/gift-card-builder-emergency-disabled-bucket\/ https:\/\/store-data-service.services.dmtech.com https:\/\/store-order-service.services.dmtech.com https:\/\/v1.api.service.cmp.usercentrics.eu https:\/\/www.google-analytics.com https:\/\/zoe-shop-proxy-prod.services.dmtech.com https:\/\/cartnext.services.dmtech.com https:\/\/content.services.dmtech.com https:\/\/content-search-service-preview.apps.prod.gcp.dmtech.cloud https:\/\/content-search-service.services.dmtech.com https:\/\/products.dm.de https:\/\/pds-api-prod.apps.prod.gcp.dmtech.cloud https:\/\/shopping-list-prod.services.dmtech.com; media-src 'self'; style-src 'self' 'unsafe-inline' https:\/\/*.bazaarvoice.com https:\/\/api.tiles.mapbox.com https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/composer.apps.nonprod.gcp.dmtech.cloud; form-action 'self' https:\/\/*.bazaarvoice.com https:\/\/apps.bazaarvoice.com https:\/\/checkout.dm-drogeriemarkt.ba https:\/\/giftcard-checkout.dm.de\/api\/checkout https:\/\/signin.dm-drogeriemarkt.ba; img-src 'self' blob: data: https:\/\/*.bazaarvoice.com https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn-eu.dynamicyield.com https:\/\/composer.apps.nonprod.gcp.dmtech.cloud https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/d2pqvatijh75rn.cloudfront.net https:\/\/editorial-content.dm-static.com https:\/\/exc.mm.dm-drogeriemarkt.ba https:\/\/i.ytimg.com https:\/\/images.podigee-cdn.net https:\/\/img.usercentrics.eu https:\/\/img.youtube.com\/ https:\/\/media.dm-static.com https:\/\/photos-eu.bazaarvoice.com https:\/\/products.dm-static.com https:\/\/uct.service.usercentrics.eu https:\/\/content.services.dmtech.com; frame-ancestors 'self' https:\/\/account.dm-drogeriemarkt.ba https:\/\/app.datadoghq.eu https:\/\/checkout.dm-drogeriemarkt.ba https:\/\/content-preview.apps.prod.gcp.dmtech.cloud https:\/\/mobileapp.dm-drogeriemarkt.ba https:\/\/studio.dm-drogeriemarkt.com; frame-src 'self' https:\/\/*.bazaarvoice.com https:\/\/account.dm-drogeriemarkt.ba https:\/\/app.usercentrics.eu https:\/\/apps.bazaarvoice.com https:\/\/assets.dm.de https:\/\/cdn.podigee.com https:\/\/checkout.dm-drogeriemarkt.ba https:\/\/configurator.nuk.de https:\/\/gastfamilie.podigee.io https:\/\/geburtskanal-dm.podigee.io https:\/\/hey-familie.podigee.io https:\/\/kinderwunschsprechstunde.podigee.io https:\/\/mobileapp.dm-drogeriemarkt.ba https:\/\/player.podigee-cdn.net https:\/\/sandbox.om.dm-drogeriemarkt.ba https:\/\/signin.dm-drogeriemarkt.ba https:\/\/web.cmp.usercentrics.eu https:\/\/www.google.com https:\/\/www.youtube-nocookie.com; base-uri 'self' https:\/\/exc.mm.dm-drogeriemarkt.ba; child-src 'self' blob:; manifest-src 'self'; report-to csp-endpoint; report-uri \/__csp-reports__","count":1},{"content-security-policy-report-only":" font-src *.klarnacdn.net fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.klarna.com *.consentmanager.net js.mollie.com *.googletagmanager.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.klarna.com *.klarnaevt.com *.klarnacdn.net *.consentmanager.net https:\/\/www.mollie.com ratenkauf.easycredit.de *.googletagmanager.com *.google-analytics.com ssl.gstatic.com www.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de widget.freshworks.com m2epro.freshdesk.com *.klarna.com *.klarnacdn.net x.klarnacdn.net *.consentmanager.net *.klarnaservices.com js.mollie.com ratenkauf.easycredit.de *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com widget.freshworks.com m2epro.freshdesk.com *.klarnacdn.net tagmanager.google.com fonts.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de widget.freshworks.com m2epro.freshdesk.com *.klarnaevt.com *.klarnacdn.net x.klarnacdn.net *.consentmanager.net *.klarnaservices.com *.klarna.com ratenkauf.easycredit.de *.google-analytics.com *.analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net data: *.fontawesome.com https:\/\/fonts.gstatic.com https:\/\/www.google.com https:\/\/www.gstatic.com *.gstatic.com 'self' data: https:\/\/media.flixcar.com\/ https:\/\/media.flixfacts.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com https:\/\/www.facebook.com\/tr\/ https:\/\/content.jwplatform.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ www.googletagmanager.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com cdn.dnky.co amc.demdex.net www.google.com youtube.com *.hotjar.com https:\/\/www.facebook.com\/tr\/ https:\/\/static.addtoany.com\/ https:\/\/static.zdassets.com\/ https:\/\/script.hotjar.com *.googlesyndication.com *.googletagmanager.com *.doubleclick.net *.google 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net *.vimeocdn.com i.ytimg.com *.youtube.com *.ftcdn.net *.behance.net data: www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com maps.gstatic.com maps.googleapis.com accounts.google.com https:\/\/googleads.g.doubleclick.net https:\/\/www.google.com.ar https:\/\/www.google.com.do https:\/\/www.googletagmanager.com https:\/\/www.m.casacuesta.com https:\/\/connect.facebook.net logo.flixfacts.co.uk https:\/\/widgets.magentocommerce.com\/ https:\/\/media.flixcar.com\/ *.flix360.com notifications-icommkt.website *.googlesyndication.com *.zdassets.com\/ekr\/snippet.js *.googletagmanager.com *.simpleanalyticscdn.com *.flixcar.com *.ocularsolution.com *.amazonaws.com *.syndigo.cloud *.baidu.com *.cloudfront.net *.syndigo.com *.google *.bing.com data: 'self' 'unsafe-inline'; script-src https:\/\/assets.adobedtm.com\/ *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net commerce.adobe.net unpkg.com commerce.adobedtm.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com cdn.dnky.co r1-t.trackedlink.net www.gstatic.com js-agent.newrelic.com bam.nr-data.net maps.googleapis.com player.vimeo.com *.googleapis.com *.google.com *.gstatic.com *.avada.io *.hotjar.com *.hotjar.io https:\/\/static.hotjar.com\/c\/hotjar- https:\/\/static.hotjar.com https:\/\/script.hotjar.com https:\/\/www.google-analytics.com https:\/\/www.google-analytics.com\/u\/analytics_debug.js https:\/\/stats.g.doubleclick.net http:\/\/www.google.com\/recaptcha\/api.js https:\/\/static.zdassets.com\/ https:\/\/d12zyq17vm1xwx.cloudfront.net\/v2\/wpn.min.js https:\/\/static.cloudflareinsights.com\/ https:\/\/externalassets.icommarketing.com\/icomMkt_tracking_jquery.min.js intent:\/\/arvr.google.com https:\/\/static.addtoany.com\/menu\/page.js https:\/\/static.addtoany.com\/ https:\/\/static.zdassets.com\/ekr\/snippet.js *.flixfacts.com\/ *.flixcar.com\/ https:\/\/media.flixfacts.com\/js\/loader.js https:\/\/media.flixcar.com\/delivery\/static\/tracking\/tracking.js https:\/\/samsungxr.s3.amazonaws.com\/js\/ar_casacuesta.js https:\/\/cdn.jsdelivr.net\/gh\/Wruczek\/Bootstrap-Cookie-Alert@gh-pages\/cookiealert.js https:\/\/www.google.com\/recaptcha\/api.js https:\/\/www.gstatic.com\/recaptcha\/releases\/1AZgzF1o3OlP73CVr69UmL65\/recaptcha__es.js *.googlesyndication.com *.googletagmanager.com *.singular.net *.icommkt.online *.syndigo.com *.flixfacts.com *.ocularsolution.com *.syndigo.cloud *.zdassets.com *.zopim.com *.flix360.io *.adobedtm.com *.google\/sodar\/sodar2.js *.gbqofs.com *.gbqofs.io *.doubleclick.net *.gbss.io *.ms *.tiktok.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com cdn.dnky.co *.fontawesome.com *.googleapis.com *.google.com *.gstatic.com https:\/\/media.flixfacts.com\/ https:\/\/media.flixcar.com\/ 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.youtube.com https:\/\/static.zdassets.com\/ https:\/\/media.flixcar.com\/ https:\/\/media.flixfacts.com\/ https:\/\/media.flixsyndication.net\/ https:\/\/assets-jpcust.jwpsrv.com\/ https:\/\/ssl.p.jwpcdn.com\/ *.cloudfront.net\/ https:\/\/d3nkfb7815bs43.cloudfront.net\/ https:\/\/d2m3ikv8mpgiy8.cloudfront.net\/ https:\/\/media.pointandplace.com\/ https:\/\/player.pointandplace.com\/ https:\/\/t.pointandplace.com\/ *.pointandplace.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.adobe.io performance.typekit.net vimeo.com api.magento.com commerce.adobedtm.com commerce.adobedc.net commerce.adobe.io www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com api.comapi.com bam.nr-data.net http:\/\/dpm.demdex.net https:\/\/www.google.com https:\/\/www.gstatic.com https:\/\/get.geojs.io *.avada.io t.elasticsuite.io *.google-analytics.com *.hotjar.com *.hotjar.io https:\/\/www.google-analytics.com https:\/\/stats.g.doubleclick.net https:\/\/www.facebook.com\/tr\/ http:\/\/ccnecommerce.com\/ https:\/\/notifications-icommkt.com\/ https:\/\/track-icommkt.com\/ https:\/\/casacuesta.zendesk.com\/ https:\/\/ekr.zdassets.com\/ wss:\/\/widget-mediator.zopim.com\/ *.youtube.com https:\/\/prod.flixgvid.flix360.io https:\/\/t.flix360.com https:\/\/syndication.flix360.com *.flix360.com *.amazonaws.com *.flixcar.com *.googlesyndication.com *.syndigo.com *.ocularsolution.com *.simpleanalitycscdn.com *.casacuesta.com *.simpleanalyticscdn.com *.singular.net *.baidu.com *.google *.gbqofs.io *.gstatic.com *.google.com.do\/ads\/ga-audiences wss:\/\/ws.hotjar.com\/api\/v2\/client\/ws *.g.doubleclick.net *.syndigo.cloud *.googleapis.com *.gbss.io *.gbqofs.com *.clarity.ms 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" connect-src https:\/\/bat.bing.com https:\/\/bat.bing.net https:\/\/snap.licdn.com https:\/\/px.ads.linkedin.com https:\/\/tags.srv.stackadapt.com https:\/\/stats.g.doubleclick.net https:\/\/www.googletagmanager.com https:\/\/*.analytics.google.com https:\/\/www.google-analytics.com https:\/\/*.google-analytics.com https:\/\/www.google.com https:\/\/via.intercom.io https:\/\/api.intercom.io https:\/\/api.au.intercom.io https:\/\/api.eu.intercom.io https:\/\/api-iam.intercom.io https:\/\/api-iam.eu.intercom.io https:\/\/api-iam.au.intercom.io https:\/\/api-ping.intercom.io wss:\/\/primary-realtime.intercom-messenger.com https:\/\/nexus-websocket-a.intercom.io wss:\/\/nexus-websocket-a.intercom.io https:\/\/nexus-websocket-b.intercom.io wss:\/\/nexus-websocket-b.intercom.io https:\/\/nexus-europe-websocket.intercom.io wss:\/\/nexus-europe-websocket.intercom.io https:\/\/nexus-australia-websocket.intercom.io wss:\/\/nexus-australia-websocket.intercom.io https:\/\/internet-up-realtime.intercom-messenger.com wss:\/\/ws-up-realtime.intercom-messenger.com wss:\/\/a-realtime.intercom-messenger.com wss:\/\/b-realtime.intercom-messenger.com wss:\/\/c-realtime.intercom-messenger.com wss:\/\/d-realtime.intercom-messenger.com wss:\/\/e-realtime.intercom-messenger.com https:\/\/uploads.intercomcdn.com https:\/\/uploads.intercomcdn.eu https:\/\/uploads.au.intercomcdn.com https:\/\/uploads.eu.intercomcdn.com https:\/\/uploads.intercomusercontent.com 'self' https:\/\/api.ipstack.com https:\/\/geoip-js.com https:\/\/*.launchdarkly.com https:\/\/*.aptrinsic.com https:\/\/sentry.pub.jamf.build https:\/\/sentry.jamf.com https:\/\/app.jamfnow.com https:\/\/api.services.jamfnow.com https:\/\/services-api.services.jamfnow.com https:\/\/jamfsw.okta.com\/.well-known\/openid-configuration https:\/\/jamfsw.okta.com\/oauth2\/v1\/token; img-src https:\/\/*.ads.linkedin.com https:\/\/*.bing.com https:\/\/bat.bing.net https:\/\/tags.srv.stackadapt.com https:\/\/*.google-analytics.com https:\/\/ssl.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/www.google.com blob: data: https:\/\/js.intercomcdn.com https:\/\/static.intercomassets.com https:\/\/downloads.intercomcdn.com https:\/\/downloads.intercomcdn.eu https:\/\/downloads.au.intercomcdn.com https:\/\/uploads.intercomusercontent.com https:\/\/gifs.intercomcdn.com https:\/\/video-messages.intercomcdn.com https:\/\/messenger-apps.intercom.io https:\/\/messenger-apps.eu.intercom.io https:\/\/messenger-apps.au.intercom.io https:\/\/*.intercom-attachments-1.com https:\/\/*.intercom-attachments.eu https:\/\/*.au.intercom-attachments.com https:\/\/*.intercom-attachments-2.com https:\/\/*.intercom-attachments-3.com https:\/\/*.intercom-attachments-4.com https:\/\/*.intercom-attachments-5.com https:\/\/*.intercom-attachments-6.com https:\/\/*.intercom-attachments-7.com https:\/\/*.intercom-attachments-8.com https:\/\/*.intercom-attachments-9.com https:\/\/static.intercomassets.eu https:\/\/static.au.intercomassets.com https:\/\/appinstallers-packages.services.jamfcloud.com 'self' https:\/\/*.aptrinsic.com https:\/\/storage.googleapis.com https:\/\/*.jamfnow.com https:\/\/*.services.jamfnow.com https:\/\/jamfnow-static-content.s3.amazonaws.com https:\/\/jamfnow-customapps.s3.amazonaws.com; frame-src https:\/\/www.googletagmanager.com; script-src https:\/\/www.google-analytics.com https:\/\/*.analytics.google.com https:\/\/www.googletagmanager.com https:\/\/app.intercom.io https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com 'self' https:\/\/geoip-js.com\/js\/apis\/geoip2\/v2.1\/geoip2.js https:\/\/*.aptrinsic.com https:\/\/www.youtube.com; script-src-elem https:\/\/www.googletagmanager.com https:\/\/bat.bing.com https:\/\/snap.licdn.com https:\/\/tags.srv.stackadapt.com 'sha256-Zp4qhASzVSZkl7fWN6NpSE\/tfWi9z0+FNrvlfR6lB4E=' https:\/\/widget.intercom.io https:\/\/js.intercomcdn.com https:\/\/*.aptrinsic.com https:\/\/*.jamfnow.com 'sha256-QuF44RN0R\/Z+glsCBlozOv2ZOcUCzQmcx0jIpBspKXQ='; style-src-elem https:\/\/tags.srv.stackadapt.com https:\/\/*.aptrinsic.com https:\/\/web-sdk.aptrinsic.com https:\/\/fonts.googleapis.com 'unsafe-inline' https:\/\/*.jamfnow.com; child-src https:\/\/intercom-sheets.com https:\/\/www.intercom-reporting.com https:\/\/www.youtube.com https:\/\/player.vimeo.com https:\/\/fast.wistia.net; font-src https:\/\/js.intercomcdn.com https:\/\/fonts.intercomcdn.com 'self' https:\/\/fonts.gstatic.com data:; form-action https:\/\/intercom.help https:\/\/messenger-apps.intercom.io https:\/\/api-iam.intercom.io https:\/\/api-iam.eu.intercom.io https:\/\/api-iam.au.intercom.io; media-src https:\/\/js.intercomcdn.com https:\/\/downloads.intercomcdn.com https:\/\/downloads.intercomcdn.eu https:\/\/downloads.au.intercomcdn.com https:\/\/app.jamfnow.com; style-src 'unsafe-inline' 'self' https:\/\/*.aptrinsic.com https:\/\/fonts.googleapis.com; base-uri 'self'; default-src 'self' https:; worker-src https:\/\/*.jamfnow.com blob:; report-uri https:\/\/sentry.jamf.com\/api\/11\/security\/?sentry_key=85194cbf03b7401ade1ab2a23567ae71&sentry_environment=production;","count":1},{"content-security-policy-report-only":" object-src 'none';base-uri 'self';script-src 'nonce-eyoc0wDVO8k_ym9XlcsrVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https:\/\/csp.withgoogle.com\/csp\/gws\/other-hp","count":1},{"content-security-policy-report-only":" default-src 'self' https:\/\/s.salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net\/ https:\/\/i.salecycle.com\/ wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com\/ https:\/\/mymachine.salecycle.com:8080 https:\/\/media.beaverbrooks.co.uk https:\/\/media.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.ggpht.com https:\/\/ggpht.com https:\/\/i.vimeocdn.com https:\/\/vimeocdn.com https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com https:\/\/mymachine.salecycle.com:8080 https:\/\/*.gstatic.com https:\/\/gstatic.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk; script-src 'self' https:\/\/abtasty.com https:\/\/*.abtasty.com https:\/\/analytics.tiktok.com https:\/\/*.analytics.tiktok.com https:\/\/s.salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net\/ https:\/\/i.salecycle.com\/ wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com\/ https:\/\/mymachine.salecycle.com:8080 https:\/\/media.beaverbrooks.co.uk https:\/\/media.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.ggpht.com https:\/\/ggpht.com https:\/\/i.vimeocdn.com https:\/\/vimeocdn.com https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.trustpilot.com https:\/\/trustpilot.com https:\/\/*.appointedd.com https:\/\/appointedd.com https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/*.google-analytics.com https:\/\/google-analytics.com https:\/\/*.gstatic.com https:\/\/gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/*.doubleclick.net https:\/\/doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/googlesyndication.com https:\/\/*.awin1.com https:\/\/awin1.com https:\/\/*.dwin1.com https:\/\/dwin1.com https:\/\/*.roeyecdn.com https:\/\/roeyecdn.com https:\/\/*.roeye.com https:\/\/roeye.com https:\/\/*.zenaps.com https:\/\/zenaps.com https:\/\/*.wepowerconnections.com https:\/\/wepowerconnections.com https:\/\/*.tiktok.com https:\/\/tiktok.com https:\/\/*.tiktokw.us https:\/\/tiktokw.us https:\/\/*.pingdom.net https:\/\/pingdom.net https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.contentsquare.net https:\/\/contentsquare.net https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/*.cybersource.com https:\/\/cybersource.com https:\/\/*.digicert.com https:\/\/digicert.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.bing.com https:\/\/bat.bing.com https:\/\/*.bat.bing.com https:\/\/flex.atdmt.com https:\/\/*.flex.atdmt.com https:\/\/clarity.ms https:\/\/*.clarity.ms https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.recaptcha.net https:\/\/recaptcha.net https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.abtasty.com https:\/\/abtasty.com https:\/\/*.naver.com https:\/\/naver.com https:\/\/*.naver.net https:\/\/naver.net https:\/\/*.pstatic.net https:\/\/pstatic.net https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/*.googleapis.com https:\/\/googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.jquery.com https:\/\/jquery.com https:\/\/*.givex.com https:\/\/givex.com https:\/\/*.sentry.io https:\/\/sentry.io https:\/\/*.ingest.sentry.io https:\/\/ingest.sentry.io https:\/\/*.sentry-cdn.com https:\/\/sentry-cdn.com https:\/\/*.exponea.com https:\/\/exponea.com https:\/\/*.uk.exponea.com https:\/\/*.pinterest.com https:\/\/pinterest.com https:\/\/*.pinimg.com https:\/\/pinimg.com https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/mymachine.salecycle.com:8080 https:\/\/unpkg.com\/react-scan\/dist\/auto.global.js 'unsafe-eval' 'unsafe-inline'; style-src 'self' https:\/\/*.googleapis.com https:\/\/googleapis.com https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.abtasty.com https:\/\/abtasty.com 'unsafe-inline'; img-src 'self' https:\/\/ggpht.com https:\/\/*.ggpht.com https:\/\/abtasty.com https:\/\/*.abtasty.com https:\/\/googleads.g.doubleclick.net https:\/\/google.ie https:\/\/*.google.ie https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/media.beaverbrooks.co.uk https:\/\/media.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.ggpht.com https:\/\/ggpht.com https:\/\/i.vimeocdn.com https:\/\/vimeocdn.com https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.googleapis.com https:\/\/googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.gstatic.com https:\/\/gstatic.com https:\/\/*.googleusercontent.com https:\/\/googleusercontent.com https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.doubleclick.net https:\/\/doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/googlesyndication.com https:\/\/*.google-analytics.com https:\/\/google-analytics.com https:\/\/*.awin1.com https:\/\/awin1.com https:\/\/*.dwin1.com https:\/\/dwin1.com https:\/\/*.roeyecdn.com https:\/\/roeyecdn.com https:\/\/*.roeye.com https:\/\/roeye.com https:\/\/*.zenaps.com https:\/\/zenaps.com https:\/\/*.wepowerconnections.com https:\/\/wepowerconnections.com https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.digicert.com https:\/\/digicert.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.contentsquare.net https:\/\/contentsquare.net https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.bing.com https:\/\/bat.bing.com https:\/\/*.bat.bing.com https:\/\/flex.atdmt.com https:\/\/*.flex.atdmt.com https:\/\/clarity.ms https:\/\/*.clarity.ms https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/*.ytimg.com https:\/\/ytimg.com https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.tiktok.com https:\/\/tiktok.com https:\/\/*.tiktokw.us https:\/\/tiktokw.us https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/assets.sc-trc.com https:\/\/*.abtasty.com https:\/\/abtasty.com https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/*.360yield.com https:\/\/360yield.com https:\/\/*.yieldlab.net https:\/\/yieldlab.net https:\/\/*.tremorhub.com https:\/\/tremorhub.com https:\/\/*.teads.tv https:\/\/teads.tv https:\/\/*.media.net https:\/\/media.net https:\/\/*.3lift.com https:\/\/3lift.com https:\/\/*.mediavine.com https:\/\/mediavine.com https:\/\/*.adnxs.com https:\/\/adnxs.com https:\/\/*.id5-sync.com https:\/\/id5-sync.com https:\/\/*.postrelease.com https:\/\/postrelease.com https:\/\/*.rubiconproject.com https:\/\/rubiconproject.com https:\/\/*.dmxleo.com https:\/\/dmxleo.com https:\/\/*.casalemedia.com https:\/\/casalemedia.com https:\/\/*.smartadserver.com https:\/\/smartadserver.com https:\/\/*.pubmatic.com https:\/\/pubmatic.com https:\/\/*.taboola.com https:\/\/taboola.com https:\/\/*.1rx.io https:\/\/1rx.io https:\/\/*.outbrain.com https:\/\/outbrain.com https:\/\/*.bidswitch.net https:\/\/bidswitch.net data:; frame-src 'self' https:\/\/pinterest.com https:\/\/*.pinterest.com https:\/\/s.salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net\/ https:\/\/i.salecycle.com\/ wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com\/ https:\/\/mymachine.salecycle.com:8080 https:\/\/*.jotform.com\/ https:\/\/jotform.com\/ https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.trustpilot.com https:\/\/trustpilot.com https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.appointedd.com https:\/\/appointedd.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.cybersource.com https:\/\/cybersource.com https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.recaptcha.net https:\/\/recaptcha.net https:\/\/*.cardinalcommerce.com https:\/\/cardinalcommerce.com https:\/\/*.cardinaltrusted.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/*.ggpht.com https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.givex.com https:\/\/givex.com https:\/\/*.pinterest.com https:\/\/pinterest.com https:\/\/*.pinimg.com https:\/\/pinimg.com https:\/\/*.v12finance.com https:\/\/m.v12finance.com https:\/\/v12finance.com https:\/\/v12retailfinance.com\/ https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com https:\/\/mymachine.salecycle.com:8080 https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/gateway.zscaler.net https:\/\/*.zscaler.net https:\/\/zscaler.net https:\/\/*.awin1.com https:\/\/awin1.com; frame-ancestors 'self' https:\/\/*.jotform.com\/ https:\/\/jotform.com\/ https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.trustpilot.com https:\/\/trustpilot.com https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.appointedd.com https:\/\/appointedd.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.cybersource.com https:\/\/cybersource.com https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.recaptcha.net https:\/\/recaptcha.net https:\/\/*.cardinalcommerce.com https:\/\/cardinalcommerce.com https:\/\/*.cardinaltrusted.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/*.ggpht.com https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.givex.com https:\/\/givex.com https:\/\/*.pinterest.com https:\/\/pinterest.com https:\/\/*.pinimg.com https:\/\/pinimg.com https:\/\/*.v12finance.com https:\/\/m.v12finance.com https:\/\/v12finance.com https:\/\/v12retailfinance.com\/ https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com https:\/\/mymachine.salecycle.com:8080 https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/gateway.zscaler.net https:\/\/*.zscaler.net https:\/\/zscaler.net https:\/\/*.awin1.com https:\/\/awin1.com; form-action https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.cardinalcommerce.com https:\/\/cardinalcommerce.com https:\/\/*.cardinaltrusted.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com 'self'; worker-src 'self' https:\/\/media.beaverbrooks.co.uk https:\/\/media.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.ggpht.com https:\/\/ggpht.com https:\/\/i.vimeocdn.com https:\/\/vimeocdn.com https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.trustpilot.com https:\/\/trustpilot.com https:\/\/*.appointedd.com https:\/\/appointedd.com https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/*.google-analytics.com https:\/\/google-analytics.com https:\/\/*.gstatic.com https:\/\/gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/*.doubleclick.net https:\/\/doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/googlesyndication.com https:\/\/*.awin1.com https:\/\/awin1.com https:\/\/*.dwin1.com https:\/\/dwin1.com https:\/\/*.roeyecdn.com https:\/\/roeyecdn.com https:\/\/*.roeye.com https:\/\/roeye.com https:\/\/*.zenaps.com https:\/\/zenaps.com https:\/\/*.wepowerconnections.com https:\/\/wepowerconnections.com https:\/\/*.tiktok.com https:\/\/tiktok.com https:\/\/*.tiktokw.us https:\/\/tiktokw.us https:\/\/*.pingdom.net https:\/\/pingdom.net https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.contentsquare.net https:\/\/contentsquare.net https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/*.cybersource.com https:\/\/cybersource.com https:\/\/*.digicert.com https:\/\/digicert.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.bing.com https:\/\/bat.bing.com https:\/\/*.bat.bing.com https:\/\/flex.atdmt.com https:\/\/*.flex.atdmt.com https:\/\/clarity.ms https:\/\/*.clarity.ms https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.recaptcha.net https:\/\/recaptcha.net https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.abtasty.com https:\/\/abtasty.com https:\/\/*.naver.com https:\/\/naver.com https:\/\/*.naver.net https:\/\/naver.net https:\/\/*.pstatic.net https:\/\/pstatic.net https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/*.googleapis.com https:\/\/googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.jquery.com https:\/\/jquery.com https:\/\/*.givex.com https:\/\/givex.com https:\/\/*.sentry.io https:\/\/sentry.io https:\/\/*.ingest.sentry.io https:\/\/ingest.sentry.io https:\/\/*.sentry-cdn.com https:\/\/sentry-cdn.com https:\/\/*.exponea.com https:\/\/exponea.com https:\/\/*.uk.exponea.com https:\/\/*.pinterest.com https:\/\/pinterest.com https:\/\/*.pinimg.com https:\/\/pinimg.com https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/mymachine.salecycle.com:8080 https:\/\/unpkg.com\/react-scan\/dist\/auto.global.js blob: 'unsafe-eval' 'unsafe-inline'; connect-src 'self' https:\/\/s.salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net\/ https:\/\/i.salecycle.com\/ wss:\/\/ws.salecycle.com https:\/\/assets.sc-trc.com\/ https:\/\/mymachine.salecycle.com:8080 https:\/\/vercel.live https:\/\/*.vercel-scripts.com https:\/\/vercel-scripts.com https:\/\/*.pusher.com wss:\/\/*.pusher.com https:\/\/*.vercel.com https:\/\/vercel.com https:\/\/*.vercel.aws.beaverbrooks.co.uk https:\/\/*.aws.beaverbrooks.co.uk https:\/\/*.vercel.aws.loupe.co.uk https:\/\/*.aws.loupe.co.uk https:\/\/*.trustpilot.com https:\/\/trustpilot.com https:\/\/*.appointedd.com https:\/\/appointedd.com https:\/\/*.googletagmanager.com https:\/\/googletagmanager.com https:\/\/tagmanager.google.com https:\/\/www.googleadservices.com https:\/\/*.pixlee.com https:\/\/pixlee.com https:\/\/*.pixlee.co https:\/\/pixlee.co https:\/\/*.pxlecdn.com https:\/\/pxlecdn.com https:\/\/*.cookiebot.com https:\/\/cookiebot.com https:\/\/*.google-analytics.com https:\/\/google-analytics.com https:\/\/*.gstatic.com https:\/\/gstatic.com https:\/\/cdnjs.cloudflare.com https:\/\/cdn.jsdelivr.net https:\/\/*.doubleclick.net https:\/\/doubleclick.net https:\/\/googleads.g.doubleclick.net https:\/\/*.googlesyndication.com https:\/\/googlesyndication.com https:\/\/*.awin1.com https:\/\/awin1.com https:\/\/*.dwin1.com https:\/\/dwin1.com https:\/\/*.roeyecdn.com https:\/\/roeyecdn.com https:\/\/*.roeye.com https:\/\/roeye.com https:\/\/*.zenaps.com https:\/\/zenaps.com https:\/\/*.wepowerconnections.com https:\/\/wepowerconnections.com https:\/\/*.tiktok.com https:\/\/tiktok.com https:\/\/*.tiktokw.us https:\/\/tiktokw.us https:\/\/*.pingdom.net https:\/\/pingdom.net https:\/\/*.facebook.net https:\/\/facebook.net https:\/\/*.facebook.com https:\/\/facebook.com https:\/\/*.contentsquare.net https:\/\/contentsquare.net https:\/\/*.criteo.com https:\/\/criteo.com https:\/\/*.criteo.net https:\/\/criteo.net https:\/\/*.criteo.eu https:\/\/criteo.eu https:\/\/*.nl3.eu.criteo.net https:\/\/nl3.eu.criteo.net https:\/\/*.cybersource.com https:\/\/cybersource.com https:\/\/*.digicert.com https:\/\/digicert.com https:\/\/*.vee24.com https:\/\/vee24.com https:\/\/static.vee24.com https:\/\/*.paypal.com https:\/\/paypal.com https:\/\/*.paypalobjects.com https:\/\/paypalobjects.com https:\/\/www.sandbox.paypal.com https:\/\/*.klarnacdn.net https:\/\/klarnacdn.net https:\/\/*.klarna.com https:\/\/klarna.com https:\/\/*.klarnaapi.com https:\/\/klarnaapi.com https:\/\/klarnaevt.com https:\/\/*.klarnaevt.com https:\/\/klarnaservices.com https:\/\/*.klarnaservices.com https:\/\/*.bing.com https:\/\/bat.bing.com https:\/\/*.bat.bing.com https:\/\/flex.atdmt.com https:\/\/*.flex.atdmt.com https:\/\/clarity.ms https:\/\/*.clarity.ms https:\/\/*.rolex.com https:\/\/rolex.com https:\/\/*.recaptcha.net https:\/\/recaptcha.net https:\/\/*.adobedtm.com https:\/\/adobedtm.com https:\/\/*.demdex.net https:\/\/demdex.net https:\/\/*.everesttech.net https:\/\/everesttech.net https:\/\/*.abtasty.com https:\/\/abtasty.com https:\/\/*.naver.com https:\/\/naver.com https:\/\/*.naver.net https:\/\/naver.net https:\/\/*.pstatic.net https:\/\/pstatic.net https:\/\/www.youtube.com https:\/\/*.vimeo.com https:\/\/vimeo.com https:\/\/*.googleapis.com https:\/\/googleapis.com https:\/\/*.google.com https:\/\/google.com https:\/\/*.google.pl https:\/\/google.pl https:\/\/*.google.co.uk https:\/\/google.co.uk https:\/\/*.google.md https:\/\/google.md https:\/\/google.ie https:\/\/*.google.ie https:\/\/*.ggpht.com https:\/\/google.ae https:\/\/*.google.ae https:\/\/google.se https:\/\/*.google.se https:\/\/google.es https:\/\/*.google.es https:\/\/google.nl https:\/\/*.google.nl https:\/\/google.de https:\/\/*.google.de https:\/\/google.it https:\/\/*.google.it https:\/\/google.com.hk https:\/\/*.google.com.hk https:\/\/google.co.id https:\/\/*.google.co.id https:\/\/google.cz https:\/\/*.google.cz https:\/\/google.fr https:\/\/*.google.fr https:\/\/google.am https:\/\/*.google.am https:\/\/google.at https:\/\/*.google.at https:\/\/google.bg https:\/\/*.google.bg https:\/\/google.ca https:\/\/*.google.ca https:\/\/google.ch https:\/\/*.google.ch https:\/\/google.co.il https:\/\/*.google.co.il https:\/\/google.co.in https:\/\/*.google.co.in https:\/\/google.co.kr https:\/\/*.google.co.kr https:\/\/google.co.nz https:\/\/*.google.co.nz https:\/\/google.co.th https:\/\/*.google.co.th https:\/\/google.co.uz https:\/\/*.google.co.uz https:\/\/google.co.za https:\/\/*.google.co.za https:\/\/google.com.au https:\/\/*.google.com.au https:\/\/google.com.cy https:\/\/*.google.com.cy https:\/\/google.com.gh https:\/\/*.google.com.gh https:\/\/google.com.kw https:\/\/*.google.com.kw https:\/\/google.com.mt https:\/\/*.google.com.mt https:\/\/google.com.my https:\/\/*.google.com.my https:\/\/google.com.ng https:\/\/*.google.com.ng https:\/\/google.com.np https:\/\/*.google.com.np https:\/\/google.com.ph https:\/\/*.google.com.ph https:\/\/google.com.pk https:\/\/*.google.com.pk https:\/\/google.com.sg https:\/\/*.google.com.sg https:\/\/google.com.tr https:\/\/*.google.com.tr https:\/\/google.com.tw https:\/\/*.google.com.tw https:\/\/google.com.ua https:\/\/*.google.com.ua https:\/\/google.ge https:\/\/*.google.ge https:\/\/google.gg https:\/\/*.google.gg https:\/\/google.gr https:\/\/*.google.gr https:\/\/google.hr https:\/\/*.google.hr https:\/\/google.hu https:\/\/*.google.hu https:\/\/google.iq https:\/\/*.google.iq https:\/\/google.je https:\/\/*.google.je https:\/\/google.lt https:\/\/*.google.lt https:\/\/google.lu https:\/\/*.google.lu https:\/\/google.no https:\/\/*.google.no https:\/\/google.ro https:\/\/*.google.ro https:\/\/google.rs https:\/\/*.google.rs https:\/\/*.jquery.com https:\/\/jquery.com https:\/\/*.givex.com https:\/\/givex.com https:\/\/*.sentry.io https:\/\/sentry.io https:\/\/*.ingest.sentry.io https:\/\/ingest.sentry.io https:\/\/*.sentry-cdn.com https:\/\/sentry-cdn.com https:\/\/*.exponea.com https:\/\/exponea.com https:\/\/*.uk.exponea.com https:\/\/*.pinterest.com https:\/\/pinterest.com https:\/\/*.pinimg.com https:\/\/pinimg.com https:\/\/*.salecycle.com https:\/\/salecycle.com https:\/\/d16fk4ms6rqz1v.cloudfront.net https:\/\/i.salecycle.com https:\/\/c.salecycle.com wss:\/\/ws.salecycle.com https:\/\/mymachine.salecycle.com:8080 https:\/\/unpkg.com\/react-scan\/dist\/auto.global.js https:\/\/media.beaverbrooks.co.uk https:\/\/media.loupe.co.uk https:\/\/*.graphics.amplience.net https:\/\/*.amplience.net https:\/\/amplience.net https:\/\/*.amplience.com https:\/\/amplience.com https:\/\/*.staging.bigcontent.io https:\/\/*.bigcontent.io https:\/\/*.beaverbrooks.co.uk https:\/\/beaverbrooks.co.uk https:\/\/www.beaverbrooks.co.uk https:\/\/*.loupe.co.uk https:\/\/loupe.co.uk https:\/\/www.loupe.co.uk https:\/\/ggpht.com https:\/\/i.vimeocdn.com https:\/\/vimeocdn.com https:\/\/*.attraqt.io https:\/\/attraqt.io https:\/\/*.attraqt.com https:\/\/attraqt.com https:\/\/*.richrelevance.com https:\/\/richrelevance.com; object-src 'none'; base-uri 'self'; report-uri \/api\/csp-report; report-to csp-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' data: https:\/\/cdn.eye-able.com https:\/\/www.eye-able-cdn.com; script-src 'self' 'nonce-3lkaL_P2J_EzCoHH1-xUhk8lhCX4LcXTVvKKj_7pQo2LvER92F8ADQ' data: https:\/\/*.openstreetmap.org https:\/\/piwik.westfaelische-hochschule.org https:\/\/*.b-ite.com https:\/\/www.eye-able-cdn.com 'sha256-kpp7jp1G7DKU2k6CPD6k\/asyeO7+E2xEijdXf6SIVBo=' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https:\/\/*.openstreetmap.org https:\/\/cdn.eye-able.com https:\/\/www.eye-able-cdn.com https:\/\/*.b-ite.com https:\/\/fonts.gstatic.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com; style-src-elem 'self' 'nonce-3lkaL_P2J_EzCoHH1-xUhk8lhCX4LcXTVvKKj_7pQo2LvER92F8ADQ' https:\/\/cdn.eye-able.com https:\/\/www.eye-able-cdn.com https:\/\/*.b-ite.com https:\/\/www.gstatic.com 'sha256-47DEQpj8HBSa+\/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-ON+MdrZ2dq2tx2UE4WU1JvzaQayLhnhp+UdCmcBUXVA=' 'sha256-evlXprP8aYZfWtGuNDGteVp2szOTXZRCzJSjAs6HoQU=' 'sha256-WMm2rxgrdLbPiNOT3khywmfmX3KBQRnomQ+oL369Sik=' 'sha256-ZVjd2zfSTfAVh1y7eCcNk0SPGUQOP\/H8vzrFJIVgg90=' 'sha256-cLU5\/oMMUHS\/N9urTg6WSPUWPuAZ02hayXsYjoUkva4=' 'sha256-iYqob1vCcitIN4aN8bIKm+LqktmCbhq\/FJKYOIMyJI4=' 'sha256-p08VBe6m5i8+qtXWjnH\/AN3klt1l4uoOLsjNn8BjdQo=' 'report-sample'; connect-src 'self' data: https:\/\/*.openstreetmap.org https:\/\/piwik.westfaelische-hochschule.org https:\/\/*.b-ite.com; font-src 'self' data: https:\/\/cdn.eye-able.com https:\/\/www.eye-able-cdn.com https:\/\/fonts.gstatic.com https:\/\/cdn.scite.ai; style-src 'self' data: https:\/\/cdn.eye-able.com https:\/\/www.eye-able-cdn.com https:\/\/*.b-ite.com 'report-sample'; script-src-elem 'self' 'nonce-3lkaL_P2J_EzCoHH1-xUhk8lhCX4LcXTVvKKj_7pQo2LvER92F8ADQ' data: https:\/\/*.openstreetmap.org https:\/\/piwik.westfaelische-hochschule.org https:\/\/*.b-ite.com https:\/\/www.eye-able-cdn.com 'sha256-kpp7jp1G7DKU2k6CPD6k\/asyeO7+E2xEijdXf6SIVBo=' https:\/\/cdn.eye-able.com https:\/\/connect.facebook.net 'sha256-Qv\/VPCnMI30bPS9FCon86d6xCsmIBEeK7FUH2g3DSLA=' 'sha256-DHn6qIXxJ7Goiu9HCn2oUxRIiD5CncdiPGVck5LCmSw=' 'sha256-NNTZOCItJc2lwjmx5YPNr6GxN4IApSMqiyET2r1se98=' 'sha256-L1KTRnCkar390nbS9IVhytBi3LCcvlipxKCUQ5Pwh34=' 'sha256-xalV6Dk0W9vOogZ92sSSJKhCykaV2LYzK6On9AJ322o=' 'sha256-p25tvfrhwmHHQYBjAzut79Nba5GtD0Ddk31vVGWslfs=' 'sha256-rtaVU57dLbRdkXCugTr49x7HJRqjTwe5YoVCy2M4dDE=' 'sha256-ZgQOjhfNErc+jFOCITznCiFox3pQHBhC74pqacwXZ3Q=' 'sha256-ZgQOjhfNErc+jFOCITznCiFox3pQHBhC74pqacwXZ3Q=' 'sha256-+6LzFOOApZCAm6cux\/qCcYofBOE+g5eXU6nFCrc0eyA=' 'sha256-ZIbFciq4U8SN2z6C2F3IsHx9XU+6EjoyS1Va9yDsHP4=' 'report-sample'; script-src-attr 'self' data: 'unsafe-inline' 'report-sample'; object-src 'none'; report-uri https:\/\/www.w-hs.de\/@http-reporting?csp=report&requestTime=1778721925580398&requestHash=716bd177b6f70f49362809438138a6445db7126e","count":1},{"content-security-policy-report-only":" frame-src *.force.com https:\/\/player.vimeo.com https:\/\/mock.dev-coursera.org:9443 https:\/\/d.la1-c1cs-ph2.salesforceliveagent.com 'self' https:\/\/stats.g.doubleclick.net courseraservices--c.cs62.visual.force.com *.youtube.co.uk https:\/\/sfdc-link-preview.hk.salesforce.com https:\/\/checkoutshopper-test.adyen.com\/ https:\/\/pal-test.adyen.com *.cybersource.com *.youtube.es *.adis.ws drive.google.com https:\/\/d.la5-c1-ia4.salesforceliveagent.com *.youtube.ie https:\/\/www.youtube.com https:\/\/business.coursera.help *.cloudinary.com https:\/\/www.google.com https:\/\/pay.google.com https:\/\/analytics.google.com *.vimeo.com *.youtube.jp https:\/\/usa686.sfdc-lywfpd.salesforce.com bcove.video https:\/\/www.getfeedback.com https:\/\/courseraservices.my.salesforce-scrt.com *.youtube.fr https:\/\/d.la1-core2.sfdc-lywfpd.salesforceliveagent.com https:\/\/d.la1-c1cs-iad.salesforceliveagent.com https:\/\/*.a.forceusercontent.com https:\/\/player.cloudinary.com https:\/\/sfdc-link-preview-staging.sfdc.sh https:\/\/s1.adis.ws *.forceusercontent.com *.brightcove.net *.youtube.com https:\/\/courseraservices.lightning.force.com *.youtube.nl https:\/\/service.force.com\/embeddedservice\/ https:\/\/fast.wistia.net *.quip.com *.arkoselabs.com *.youtube-nocookie.com https:\/\/www.paypal.com https:\/\/appiniummastertrial.secure.force.com https:\/\/play.vidyard.com https:\/\/courseraservices--uat--c.cs62.visual.force.com *.youtube.com.br https:\/\/d.la5-c1-ia5.salesforceliveagent.com *.salesforce-experience.com *.salesforceliveagent.com https:\/\/scormanywhere.secure.force.com https:\/\/d.la2-c1-ph2.salesforceliveagent.com https:\/\/checkoutshopper-live.adyen.com\/ https:\/\/*.walkme.com *.sfdcfc.net *.googleusercontent.com courseraservices--c.visualforce.com *.youtube.ca https:\/\/courseraservices.my.salesforce.com https:\/\/courseraservices--c.documentforce.com https:\/\/location.force.com https:\/\/www.coursera.support *.vidyard.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/courseraservices--c.visualforce.com https:\/\/d.la11-core2.sfdc-lywfpd.salesforceliveagent.com https:\/\/players.brightcove.net accounts.google.com https:\/\/d.la13-core2.sfdc-lywfpd.salesforceliveagent.com https:\/\/courseraservices.my.site.com https:\/\/courseraservices--c.na207.visual.force.com https:\/\/www.google.co.in https:\/\/cdn.embedly.com https:\/\/www.google.com\/recaptcha\/ https:\/\/js.stripe.com\/ https:\/\/www.sandbox.paypal.com https:\/\/courseraservices.file.force.com https:\/\/d.la2-c1cs-iad.salesforceliveagent.com https:\/\/*.a.forceusercontent.com\/lightningmaps\/ https:\/\/www.googletagmanager.com *.wistia.net https:\/\/www.google-analytics.com *.salesforce.com *.youtube.pl; report-to sfdc-csp-ep; report-uri https:\/\/courseraservices.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D1U000000y4UJ&networkId=0DM1U000000F7e3&type=communities","count":1},{"content-security-policy-report-only":" default-src 'self'; script-src 'self' 'unsafe-inline' https:\/\/www.googletagmanager.com https:\/\/cdn.userway.org https:\/\/static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https:\/\/cdn.userway.org; img-src 'self' https:\/\/www.hamradio.com https:\/\/cdn.userway.org data:; connect-src 'self' https:\/\/www.google-analytics.com https:\/\/www.googletagmanager.com https:\/\/cdn.userway.org https:\/\/static.cloudflareinsights.com; font-src 'self' https:\/\/cdn.userway.org; frame-src 'self' https:\/\/cdn.userway.org https:\/\/www.facebook.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self';","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.oney.io *.staging.oney.io https:\/\/cdn.doofinder.com\/ maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com *.brevo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com https:\/\/www.facebook.com\/ *.e-transactions.fr *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.hipay-tpp.com *.hipay.com *.googleapis.com https:\/\/sibautomation.com\/ https:\/\/www.googletagmanager.com\/ www.facebook.com platform.twitter.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.hipay.com *.googleapis.com *.oney.io *.staging.oney.io http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ https:\/\/www.google.com\/ www.facebook.com pinterest.com assets.pinterest.com syndication.twitter.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.doofinder.com log.pinterest.com cm.g.doubleclick.net *.bing.com *.google.fr bat.bing.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.hipay-tpp.com *.hipay.com mpsnare.iesnare.com *.paypal.com *.googleapis.com *.oney.io *.staging.oney.io https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ https:\/\/js-agent.newrelic.com\/ https:\/\/sdk.privacy-center.org\/ https:\/\/bam.eu01.nr-data.net\/ https:\/\/bat.bing.com\/ https:\/\/sibautomation.com\/ https:\/\/cdn.doofinder.com\/ https:\/\/www.clarity.ms\/ http:\/\/www.googletagmanager.com\/ https:\/\/www.googletagmanager.com\/ connect.facebook.net twitter.com platform.twitter.com https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com songbirdstag.cardinalcommerce.com *.doubleclick.net *.pinterest.com *.pinimg.com *.criteo.net *.criteo.com bat.bing.net sibforms.com *.clarity.ms *.brevo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.hipay.com *.googleapis.com https:\/\/cdn.doofinder.com\/ maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com sibforms.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com data: mpsnare.iesnare.com *.googleapis.com http:\/\/www.googleadservices.com\/ http:\/\/www.google-analytics.com\/ https:\/\/www.googleadservices.com\/ https:\/\/www.google-analytics.com\/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.hipay-tpp.com *.hipay.com wss:\/\/mpsnare.iesnare.com *.googleapis.com *.oney.io *.staging.oney.io https:\/\/widgets.rr.skeepers.io\/ https:\/\/api-product-reviews.cxr.skeepers.io\/ https:\/\/cl-ppr.rr.skeepers.io\/ https:\/\/cl-pbr.cxr.skeepers.io\/ https:\/\/eu1-layer.doofinder.com\/ https:\/\/in-automate.sendinblue.com\/ https:\/\/j.clarity.ms\/ https:\/\/bam.eu01.nr-data.net\/ http:\/\/stats.g.doubleclick.net\/ https:\/\/stats.g.doubleclick.net\/ http:\/\/www.google-analytics.com\/ https:\/\/www.google-analytics.com\/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.cardinalcommerce.com *.google.fr *.doubleclick.net *.google-analytics.com *.googleadservices.com *.googlesyndication.com *.facebook.com *.brevo.com *.doofinder.com wss:\/\/*.doofinder.com\/ *.clarity.ms *.bing.com *.bing.net *.pinterest.com *.privacy-center.org 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/www.leaderplant.com\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" font-src cdn.jsdelivr.net fonts.gstatic.com cdn.almapay.com *.gstatic.com *.sensefuel.live *.clarity.ms *.cookiebot.com *.facebook.com *.facebook.net *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/cdnjs.cloudflare.com 'self' data: data: 'self' 'unsafe-inline'; form-action https:\/\/www.baby-lux.com\/ https:\/\/www.babylux.be\/fr\/ https:\/\/www.babylux.nl\/ https:\/\/www.babylux.be\/nl\/ pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src https:\/\/www.baby-lux.com\/ https:\/\/www.babylux.be\/fr\/ https:\/\/www.babylux.nl\/ https:\/\/www.babylux.be\/nl\/ bid.g.doubleclick.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com *.youtube-nocookie.com *.getalma.eu *.almapay.com\/ *.stripe.com\/ *.checkout.com\/ *.adyen.com\/ widget.trustpilot.com maps.google.com *.clarity.ms *.facebook.com *.facebook.net *.cookiebot.com *.pinterest.com *.doubleclick.net *.googletagmanager.com *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.sendcloud.sc *.jsdelivr.net challenges.cloudflare.com js.mollie.com www.google.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.doubleclick.net *.lorempixel.com *.google.com *.google.be *.gstatic.com *.googleapis.com *.babylux.nl *.babylux.be *.baby-lux.com *.clarity.ms *.googletagmanager.com *.google-analytics.com *.facebook.com *.facebook.net *.cookiebot.com *.pinterest.com placehold.co *.getsitecontrol.com *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.amazonaws.com ssl.gstatic.com www.gstatic.com *.disqus.com https:\/\/img.youtube.com https:\/\/firebasestorage.googleapis.com https:\/\/www.mollie.com *.hsforms.net *.hsforms.com 'self' data: www.google.com.ua data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com cdn.jsdelivr.net *.sensefuel.live *.cloudflare.com *.g.doubleclick.net *.googletagmanager.com widget.trustpilot.com *.googleapis.com *.tpc.googlesyndication.com *.clarity.ms *.google-analytics.com *.googleadservices.com *.google.com *.facebook.com *.facebook.net *.cookiebot.com *.pinimg.com *.getsitecontrol.com *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.sendcloud.sc *.jsdelivr.net challenges.cloudflare.com tagmanager.google.com *.disqus.com *.avada.io js.mollie.com https:\/\/cdnjs.cloudflare.com www.gstatic.com *.hsforms.net *.hsforms.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src cdn.jsdelivr.net fonts.googleapis.com *.sensefuel.live *.clarity.ms *.cookiebot.com *.googletagmanager.com *.facebook.com *.facebook.net *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.sendcloud.sc *.jsdelivr.net tagmanager.google.com fonts.google.com *.fontawesome.com https:\/\/fonts.bunny.net https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com vimeo.com *.getalma.eu *.almapay.com *.google-analytics.com *.analytics.google.com *.doubleclick.net *.sensefuel.live *.googleapis.com *.clarity.ms *.googletagmanager.com *.cookiebot.com *.google.com *.pinterest.com *.getsitecontrol.com *.getsitectrl.com *.flockler.com *.flockler.app instant.page babylux.customer.voyado.com *.sendcloud.sc *.cdn.jsdelivr.net *.mapbox.com https:\/\/get.geojs.io *.avada.io t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https:\/\/83f99021-b14f-47b7-8ca8-7d59ce24ff4f.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" img-src 'self' data: dev.visualwebsiteoptimizer.com cdn.cookielaw.org www.googletagmanager.com *.siteimproveanalytics.io *.intoxalock.com *.facebook.com *.lpsnmedia.net *.gstatic.com *.googleapis.com i.ytimg.com 'self' data: dev.visualwebsiteoptimizer.com cdn.cookielaw.org www.googletagmanager.com *.siteimproveanalytics.io *.intoxalock.com *.facebook.com *.lpsnmedia.net *.gstatic.com *.googleapis.com i.ytimg.com px.ads.linkedin.com; script-src m555.bluemod.us cdn.cookielaw.org www.googletagmanager.com js.monitor.azure.com *.liveperson.net *.liveperson.com *.lpsnmedia.net unpkg.com getrockerbox.com siteimproveanalytics.com *.infinity-tracking.com *.facebook.com *.intoxalock.com *.facebook.net *.ubembed.com *.googleapis.com https:\/\/www.google.com\/recaptcha\/api.js *.gstatic.com m555.bluemod.us *.googletagmanager.com *.gstatic.com mindrco.blueconic.net dev.visualwebsiteoptimizer.com snap.licdn.com www.youtube.com 'self' 'unsafe-inline' 'nonce-dyUZQcCC6CNGV2mrBZ3s4vv70neWHshIWW8YGmNzcw4='; font-src 'self' data: *.gstatic.com; connect-src dev.visualwebsiteoptimizer.com *.applicationinsights.azure.com cdn.cookielaw.org *.google.com *.infinity-tracking.com *.googleapis.com *.onetrust.com dev.visualwebsiteoptimizer.com *.onetrust.com t081.intoxalock.com r5.visualwebsiteoptimizer.com px.ads.linkedin.com ad.doubleclick.net www.google-analytics.com 'self'; frame-src 'self' *.trustpilot.com www.googletagmanager.com td.doubleclick.net lpcdn.lpsnmedia.net *.liveperson.net *.youtube.com https:\/\/www.google.com https:\/\/locations.intoxalock.com.yext-cdn.com https:\/\/www.zeemaps.com\/ 'self' *.trustpilot.com www.googletagmanager.com td.doubleclick.net lpcdn.lpsnmedia.net *.liveperson.net *.youtube.com https:\/\/www.google.com https:\/\/locations.intoxalock.com.yext-cdn.com https:\/\/www.zeemaps.com https:\/\/13396136.fls.doubleclick.net https:\/\/www.facebook.com; style-src *.googleapis.com 'self' 'unsafe-inline'; worker-src 'self' blob:; default-src 'self';","count":1},{"content-security-policy-report-only":" default-src 'self';base-uri 'self';frame-ancestors 'self';frame-src 'self' epichttp: google.com http:\/\/epicproxy.et1206.epichosted.com https:\/\/affiliates.baptistchart.com https:\/\/apps.healthcare.elsevier.com https:\/\/cdnapisec.kaltura.com\/ pay.instamed.com;script-src 'nonce-a10e0569f725452aa794dad4a05d2920' https:\/\/my.baptistchart.com 'self';img-src https:\/\/* 'self' blob: data: google.com https:\/\/affiliates.baptistchart.com;connect-src 'self' epichttp: google.com https:\/\/affiliates.baptistchart.com https:\/\/www.google.com;style-src https:\/\/my.baptistchart.com 'self' 'unsafe-inline';worker-src 'self' blob:;child-src 'self' blob:;form-action https:\/\/central.mychart.org\/MyChart\/ 'self' google.com https:\/\/affiliates.baptistchart.com;media-src https:\/\/* 'self' blob:;","count":1},{"content-security-policy-report-only":" frame-ancestors 'self' *.liantis.be;","count":1},{"content-security-policy-report-only":" base-uri 'self'; connect-src 'self' data: https:\/\/noembed.com https:\/\/www.chatbase.co https:\/\/bat.bing.com https:\/\/in-automate.brevo.com https:\/\/www.facebook.com https:\/\/www.googleadservices.com https:\/\/maps.googleapis.com https:\/\/pagead2.googlesyndication.com https:\/\/www.googletagmanager.com https:\/\/www.gstatic.com https:\/\/googleads.g.doubleclick.net https:\/\/stats.g.doubleclick.net https:\/\/ad.doubleclick.net https:\/\/twebshop.tomas-travel.com https:\/\/px.ads.linkedin.com https:\/\/analytics.tiktok.com https:\/\/cdn.plyr.io https:\/\/analytics-ipv6.tiktokw.us https:\/\/*.pinterest.com https:\/\/*.geneve.com https:\/\/*.google.com https:\/\/*.google-analytics.com https:\/\/*.google.ch https:\/\/*.axept.io https:\/\/*.clarity.ms https:\/\/*.personizely.net; default-src 'self'; font-src 'self' data: https:\/\/cdn.scite.ai https:\/\/cdn.vev.design https:\/\/fonts.gstatic.com https:\/\/fonts.axept.io https:\/\/assets.personizely.net; frame-src 'self' https:; img-src 'self' data: blob: https:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' inline eval https:\/\/www.googletagmanager.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' inline https:\/\/sibautomation.com https:\/\/www.chatbase.co https:\/\/bat.bing.com https:\/\/cdn.brevo.com https:\/\/maps.googleapis.com https:\/\/www.googletagmanager.com https:\/\/snap.licdn.com https:\/\/pixel.mathtag.com https:\/\/twebshop.tomas-travel.com https:\/\/connect.facebook.net https:\/\/www.youtube.com https:\/\/s.pinimg.com https:\/\/ct.pinterest.com https:\/\/analytics.tiktok.com https:\/\/cdn.vev.design https:\/\/js.vev.design https:\/\/embed.vev.page https:\/\/io1.eulerian.net https:\/\/static.personizely.net https:\/\/*.axept.io https:\/\/*.clarity.ms https:\/\/*.doubleclick.net; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https:\/\/twebshop.tomas-travel.com https:\/\/fonts.googleapis.com https:\/\/fonts.axept.io https:\/\/www.gstatic.com; worker-src blob:; report-to csp-endpoint","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.fontawesome.com *.indigo.ai mtmc.iltrovatore.it data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.braintreegateway.com *.paypal.com google.com *.google.com *.doubleclick.net\/ *.vimeo.com *.demdex.net *.indigo.ai mtmc.iltrovatore.it 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io ebizmarts-website.s3.amazonaws.com *.mailchimp.com gallery.mailchimp.com magefan.com cm.magefan.com *.google.com *.google.it *.googleapis.com *.google-analytics.com *.analytics.google.com *.googleadservices.com *.vimeo.com *.googletagmanager.com *.paypalobjects.com *.demdex.net *.amazonaws.com *.swagger.io *.ytimg.com *.doubleclick.net *.magentocommerce.com *.adobe.com  *.everesttech.net *.omtrdc.net *.adobedtm.com *.bing.com *.indigo.ai mtmc.iltrovatore.it *.appdomain.cloud data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.youtube.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com chimpstatic.com downloads.mailchimp.com *.list-manage.com s7.addthis.com *.adobedtm.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.paypal.com *.paypalobjects.com *.googleapis.com *.vimeo.com *.chimpstatic.com *.mailchimp.com *.addthis.com *.bing.com *.hotjar.com *.facebook.net *.iubenda.com *.indigo.ai mtmc.iltrovatore.it 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com downloads.mailchimp.com *.fontawesome.com *.googleapis.com *.iubenda.com *.indigo.ai mtmc.iltrovatore.it 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.indigo.ai mtmc.iltrovatore.it 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com ekr.zdassets.com\/ *.demdex.net *.omtrdc.net *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.vimeo.com *.paypalobjects.com *.zdassets.com *.googleapis.com *.youtube.com https:\/\/maps.googleapis.com https:\/\/fonts.googleapis.com *.doubleclick.net *.hotjar.com *.iubenda.com *.indigo.ai mtmc.iltrovatore.it 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" default-src 'self'; connect-src *; font-src data: *; frame-src *; img-src data: *; media-src *; object-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; style-src 'self' 'unsafe-inline'; report-uri https:\/\/csp-reports.firmseek.com\/hodgsonruss;","count":1},{"content-security-policy-report-only":" default-src 'self' *.aswo.com *.euras.com *.aswo.net ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.aswo.com *.euras.com *.aswo.net ; style-src 'self' 'unsafe-inline' *.aswo.com *.euras.com *.aswo.net ; img-src 'self' 'unsafe-inline' *.aswo.com *.euras.com *.aswo.net data: ; font-src 'self' 'unsafe-inline' *.aswo.com *.euras.com *aswo.net ; connect-src 'self' *.aswo.com *.euras.com *aswo.net ; object-src 'self' 'unsafe-inline' *.aswo.com *.euras.com *.aswo.net ; report-uri \/log881.php;","count":1},{"content-security-policy-report-only":" default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.bettermarks.com stetic.com bettermarks.com; report-uri https:\/\/csp-report-pro00.bettermarks.com\/csp\/report-only","count":1},{"content-security-policy-report-only":" font-src fonts.gstatic.com use.typekit.net *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/cdnjs.cloudflare.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com data: 'self' 'unsafe-inline'; form-action 'self' geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.googlesyndication.com *.tiktok.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com *; frame-ancestors 'self'; frame-src 'self' *.cookiebot.com fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https:\/\/www.google.com\/recaptcha\/ *.google.com *.doubleclick.net *.facebook.com *.googlesyndication.com *.tiktok.com secure.payu.com merch-prod.snd.payu.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com *; img-src 'self' *.cookiebot.com *.openstreetmap.org *.google.pl assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net validator.swagger.io 'self' data: *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com *.googlesyndication.com *.roeye.com *.tiktok.com static.payu.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com; script-src 'self' *.cookiebot.com 'unsafe-eval' 'unsafe-inline' *.openstreetmap.org *.makalu.com.pl *.paynow.pl assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com commerce-payments-sdk.adobe.io www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/www.google.com\/recaptcha\/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com *.googlesyndication.com *.jsdelivr.net *.tiktok.com secure.payu.com secure.snd.payu.com *.snrbox.com https:\/\/cdnjs.cloudflare.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com 'nonce-NnpibDI0eGZyMjhsdG1hZjFsZjlxYWtsNWp1bmdnbHA=' 'nonce-MjM0b2xmbzQ1MHExZ252d243NTNhMWxzNWt4bzlxb2Q=' 'nonce-Z2JybXB5dGxycGs5dHk0dXc0YnJ1YXY2Z2JhdHUwZW4=' 'sha256-W5akSSK6LD5BjIlNICMcXaUObQSRAaj6bs7JHADURBA=' 'sha256-3qVqeAdyxxTdPkkRzqapjGkAUYLahxSrB7Mdup+GPQ0=' 'sha256-2rvfFrggTCtyF5WOiTri1gDS8Boibj4Njn0e+VCBmDI=' 'sha256-p8MCfMHqrovsjRYU9z0bU17dd0z81k\/fVbGrtBBiM9g=' 'sha256-0pk2s4oXwBELlC6IBVb3nNaM2PjfjwI2N6OGIX5lx8Y=' 'sha256-nkEZknO0IxNxY\/CkTMBhjNhwPvglpYumjx31B4fjkY8='; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.makalu.com.pl *.adobe.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com *.googlesyndication.com *.tiktok.com *.snrcdn.net *.fontawesome.com maxcdn.bootstrapcdn.com https:\/\/fonts.googleapis.com https:\/\/cdnjs.cloudflare.com assets.braintreegateway.com https:\/\/widgets.trustedshops.com https:\/\/integrations.etrusted.com; object-src 'self' 'unsafe-eval'; media-src 'self' *.adobe.com; manifest-src 'self' 'unsafe-inline'; connect-src 'self' *.cookiebot.com 'unsafe-inline' *.openstreetmap.org *.makalu.com.pl *.google.pl dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.google-analytics.com *.facebook.com *.facebook.net *.google.com *.doubleclick.net *.googlesyndication.com *.tiktok.com secure.payu.com merch-prod.snd.payu.com *.snrbox.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com *.trustedshops.com *.etrusted.com; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' *.googleapis.com; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" font-src google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com paypal.com *.paypal.com youtube.com *.youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com clickonometrics.pl *.clickonometrics.pl *.fontawesome.com https:\/\/fonts.bunny.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com criteo.com *.criteo.com google.com *.google.com google.pl *.google.pl doubleclick.net *.doubleclick.net googletagmanager.com *.googletagmanager.com facebook.com *.facebook.com paypal.com *.paypal.com youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com clickonometrics.pl *.clickonometrics.pl *.google.com\/ https:\/\/www.youtube.com www.youtube.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io cookieyes.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com crazyegg.com *.crazyegg.com bing.com *.bing.com bing.net *.bing.net facebook.net *.facebook.net facebook.com *.facebook.com onet.pl *.onet.pl ocdn.eu *.ocdn.eu ceneo.pl *.ceneo.pl tiktok.com *.tiktok.com cdngazeta.pl *.cdngazeta.pl criteo.com *.criteo.com paypal.com *.paypal.com youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com shopdeputy.com *.shopdeputy.com creativecdn.com *.creativecdn.com kk-resources.com *.kk-resources.com clarity.ms *.clarity.ms cloudfront.net *.cloudfront.net edrone.me *.edrone.me google.com *.google.com google.pl *.google.pl googletagmanager.com *.googletagmanager.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com googleadservices.com *.googleadservices.com doubleclick.net *.doubleclick.net clickonometrics.pl *.clickonometrics.pl https:\/\/www.magezon.com magefan.com cm.magefan.com *.disqus.com https:\/\/firebasestorage.googleapis.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com cookieyes.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com crazyegg.com *.crazyegg.com bing.com *.bing.com bing.net *.bing.net facebook.net *.facebook.net facebook.com *.facebook.com onet.pl *.onet.pl ocdn.eu *.ocdn.eu ceneo.pl *.ceneo.pl tiktok.com *.tiktok.com cdngazeta.pl *.cdngazeta.pl criteo.com *.criteo.com paypal.com *.paypal.com youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com shopdeputy.com *.shopdeputy.com creativecdn.com *.creativecdn.com kk-resources.com *.kk-resources.com clarity.ms *.clarity.ms cloudfront.net *.cloudfront.net edrone.me *.edrone.me google.com *.google.com google.pl *.google.pl googletagmanager.com *.googletagmanager.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com googleadservices.com *.googleadservices.com doubleclick.net *.doubleclick.net clickonometrics.pl *.clickonometrics.pl *.disqus.com *.avada.io *.shopify.com *.google.com\/ www.youtube.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com paypal.com *.paypal.com youtube.com *.youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com clickonometrics.pl *.clickonometrics.pl *.fontawesome.com https:\/\/fonts.bunny.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com cookieyes.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com crazyegg.com *.crazyegg.com bing.com *.bing.com bing.net *.bing.net facebook.net *.facebook.net facebook.com *.facebook.com onet.pl *.onet.pl ocdn.eu *.ocdn.eu ceneo.pl *.ceneo.pl tiktok.com *.tiktok.com cdngazeta.pl *.cdngazeta.pl criteo.com *.criteo.com paypal.com *.paypal.com youtube.com *.youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync.com magezon.com *.magezon.com shopdeputy.com *.shopdeputy.com creativecdn.com *.creativecdn.com kk-resources.com *.kk-resources.com clarity.ms *.clarity.ms cloudfront.net *.cloudfront.net edrone.me *.edrone.me google.com *.google.com google.pl *.google.pl googletagmanager.com *.googletagmanager.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com googleadservices.com *.googleadservices.com doubleclick.net *.doubleclick.net clickonometrics.pl *.clickonometrics.pl https:\/\/get.geojs.io *.avada.io cdn.plyr.io noembed.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src cookieyes.com *.cookieyes.com cdn-cookieyes.com *.cdn-cookieyes.com crazyegg.com *.crazyegg.com bing.com *.bing.com bing.net *.bing.net facebook.net *.facebook.net facebook.com *.facebook.com onet.pl *.onet.pl ocdn.eu *.ocdn.eu ceneo.pl *.ceneo.pl tiktok.com *.tiktok.com cdngazeta.pl *.cdngazeta.pl criteo.com *.criteo.com paypal.com *.paypal.com youtube.com *.youtube.com wp.pl *.wp.pl id5-sync.com *.id5-sync-com magezon.com *.magezon.com shopdeputy.com *.shopdeputy.com creativecdn.com *.creativecdn.com kk-resources.com *.kk-resources.com clarity.ms *.clarity.ms cloudfront.net *.cloudfront.net edrone.me *.edrone.me google.com *.google.com google.pl *.google.pl googletagmanager.com *.googletagmanager.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com googleadservices.com *.googleadservices.com doubleclick.net *.doubleclick.net clickonometrics.pl *.clickonometrics.pl 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';","count":1},{"content-security-policy-report-only":" script-src https:\/\/optimize.google.com https:\/\/www.vevromerike.no 'self' https:\/\/stats.g.doubleclick.net https:\/\/vev.my.site.com https:\/\/checkoutshopper-test.adyen.com\/ https:\/\/d.la1-core1.sfdc-urlt2q.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/www.facebook.com https:\/\/pal-test.adyen.com https:\/\/vev.my.salesforce.com https:\/\/googleads.g.doubleclick.net\/ https:\/\/d.la3-c2-fra.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/www.youtube-nocookie.com https:\/\/www.google.com https:\/\/www.googleoptimize.com https:\/\/pay.google.com https:\/\/vev--c.vf.force.com\/ https:\/\/region1.google-analytics.com blob: https:\/\/d.la3-c2-fra.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/connect.facebook.net\/en_US\/fbevents.js https:\/\/www.google.no https:\/\/*.vevromerike.no https:\/\/vev.lightning.force.com https:\/\/*.vev.lightning.force.com https:\/\/monitoringpublic.solaredge.com https:\/\/www.telia.no https:\/\/vev.my.salesforce-scrt.com 'report-sample' https:\/\/d.la1-core1.sfdc-urlt2q.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceMenu.jsonp https:\/\/service.force.com\/embeddedservice\/ 'unsafe-eval' https:\/\/d.la3-c2-cdg.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/d.la1-core1.sfdc-urlt2q.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp 'unsafe-inline' https:\/\/payments.salesforce.com\/ https:\/\/pagead2.googlesyndication.com https:\/\/d.la1-core1.sfdc-urlt2q.salesforceliveagent.com\/chat\/rest\/EmbeddedService\/EmbeddedServiceConfig.jsonp https:\/\/checkoutshopper-live.adyen.com\/ https:\/\/d.la11-core1.sfdc-urlt2q.salesforceliveagent.com https:\/\/cdn.content.aws-prod1-useast1.aws.sfdc.cl\/ https:\/\/www.googletagmanager.com\/ https:\/\/connect.facebook.net\/ https:\/\/www.gstatic.com\/recaptcha\/ https:\/\/uip.canary.lwc.dev https:\/\/cdn.content.aws-dev2-uswest2.aws.sfdc.cl\/ https:\/\/d.la3-c2-cdg.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp https:\/\/www.googletagmanager.com\/gtag\/js https:\/\/www.facebook.com\/tr\/ https:\/\/www.google.com\/recaptcha\/ https:\/\/js.stripe.com\/ import: https:\/\/d.la3-c2-cdg.salesforceliveagent.com\/chat\/rest\/Visitor\/Settings.jsonp https:\/\/www.google-analytics.com *.salesforce.com https:\/\/www.paypal.com\/sdk\/js https:\/\/vev--c.vf.force.com https:\/\/d.la3-c2-fra.salesforceliveagent.com\/chat\/rest\/Visitor\/Availability.jsonp https:\/\/service.force.com https:\/\/vev.live-preview.salesforce-experience.com https:\/\/cdn.c360a.salesforce.com; report-to sfdc-csp-ep; report-uri https:\/\/vev.lightning.force.com\/_\/ContentDomainCSPNoAuth?tenantId=00D24000000Zs0w&networkId=0DM08000000sXzv&type=communities","count":1},{"content-security-policy-report-only":" connect-src 'self' 'unsafe-inline' 'unsafe-eval' backenster.com *.clarity.ms *.cloudflare.com *.cloudflareinsights.com *.doubleclick.net *.facebook.com *.facebook.net *.ggpht.com *.googleadservices.com *.google-analytics.com *.googleapis.com translate.google.com.hk www.google.at www.google.be www.google.com.ph www.google.com.ua www.google.co.uk www.google.de www.google.es www.google.fr www.google.nl www.google.pl *.google.com *.googlesyndication.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.klaviyo.com *.rotoviewstudios.com *.storyblok.com *.youtube.com *.zeltrufgam.com api.marker.io ssr.marker.io s3.eu-west-1.amazonaws.com\/marker.sessions.prod; img-src 'self' 'unsafe-inline' 'unsafe-eval' *.clarity.ms *.doubleclick.net *.facebook.com *.facebook.net *.ggpht.com *.googleadservices.com *.googleapis.com www.google.at www.google.be www.google.ch www.google.com.ph www.google.com.tr www.google.com.ua www.google.co.uk www.google.cz www.google.de www.google.es www.google.fr www.google.it www.google.nl www.google.pl *.google.com *.googlesyndication.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.rotoviewstudios.com *.storyblok.com blob: data: media.marker.io app.marker.io edge.marker.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.clarity.ms *.cloudflare.com *.cloudflareinsights.com *.doubleclick.net *.facebook.net *.googleapis.com translate.google.com.hk *.googlesyndication.com *.googletagmanager.com *.klaviyo.com *.rotoviewstudios.com *.storyblok.com *.youtube.com *.zeltrufgam.com edge.marker.io app.marker.io; frame-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com div.show *.facebook.com *.youtube.com *.zscalertwo.net app.marker.io; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.gstatic.com *.klaviyo.com; form-action 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com app.marker.io api.marker.io; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.klaviyo.com *.rotoviewstudios.com; font-src 'self' 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.klaviyo.com pouch-global-font-assets.s3.eu-central-1.amazonaws.com app.marker.io edge.marker.io; child-src 'self' 'unsafe-inline' 'unsafe-eval'  app.marker.io; media-src 'self' 'unsafe-inline' 'unsafe-eval' media.marker.io app.marker.io edge.marker.io; report-uri https:\/\/b1c3d56e-840e-4cb0-ba39-47d59d063ecc.sansec.watch\/; report-to report-endpoint;","count":1},{"content-security-policy-report-only":" default-src 'self' data: *.facebook.com *.google.com.au *.tpc.googlesyndication.com *.stats.g.doubleclick.net *.google.co.in *.tgtag.io *.youtube.com *.abtasty.com *.gstatic.com *.googleapis.com *.amazonaws.com *.powerfront.com *.exacttarget.com *.adimo.co *.adimouat.co *.amazonaws.com *.formstack.com *.clarity.ms *.bing.com *.adswizz.com *.spotify.com *.googletagmanager.com *.adnxs.com *.aidemsrv.com *.criteo.com *.pinimg.com *.omguk.com *.abtasty.com *.bing.com *.cellardoor.co *.clarity.ms *.cquotient.com *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.force.com *.fouanalytics.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.igodigital.com *.linkedin.com *.omneo.io *.penfolds.cn *.penfolds.com *.salesforce.com *.salesforceliveagent.com *.spotify.com *.subscribepro.com *.tealiumiq.com *.tiqcdn.com *.vimeocdn.com *.wolfblass.com *.pinterest.com *.linkedin.com *.licdn.com *.smartadserver.com analytics.tiktok.com *.tiktok.com analytics-ipv6.tiktokw.us ads.tiktok.com; script-src 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' *.site.com *.flippingbook.com *.criteo.net *.cquotient.com *.adyen.com *.doubleclick.net *.hotjar.com *.google.com *.googleapis.com *.google-analytics.com *.googleadservices.com *.gstatic.com *.paypal.com *.paypalobjects.com *.facebook.net *.googletagmanager.com *.datatoolscloud.net.au *.igodigital.com *.salesforceliveagent.com *.serving-sys.com *.force.com *.tiqcdn.com *.rezdy.com *.polyfill.io *.cloudflare.com *.subscribepro.com *.dwin1.com *.criteo.com *.adnxs.com *.salesforce.com *.wayin.com *.typekit.net *.ooyala.com *.licdn.com *.getwisp.co *.omneo.io *.vimeo.com *.formstack.com *.thefork.com.au *.resy.com *.tealiumiq.com *.yimg.com *.go2cloud.org *.adobe.com *.cloudfront.net *.sc-static.net sc-static.net *.adsrvr.org *.googleoptimize.com *.googleanalytics.com *.bing.com *.facebook.com *.google.com.au *.tpc.googlesyndication.com *.stats.g.doubleclick.net *.google.co.in *.onelink-edge.com *.inside-graph.com *.fouanalytics.com *.tgtag.io *.youtube.com *.byspotify.com *.abtasty.com *.tryzens.com *.powerfront.com *.exacttarget.com blob: *.adimo.co *.adimouat.co *.amazonaws.com *.clarity.ms *.bing.com *.adswizz.com *.spotify.com *.aidemsrv.com *.pinimg.com *.omguk.com commerceops.tryzens-analytics.com *.abtasty.com *.bing.com *.cellardoor.co *.clarity.ms *.cquotient.com *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.force.com *.fouanalytics.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.igodigital.com *.linkedin.com *.omneo.io *.penfolds.cn *.penfolds.com *.salesforce.com *.salesforceliveagent.com *.spotify.com *.subscribepro.com *.tealiumiq.com *.tiqcdn.com *.vimeocdn.com *.wolfblass.com *.pinterest.com *.linkedin.com *.licdn.com *.smartadserver.com *.dyntrk.com unpkg.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.site.com d.ratepay.com *.ratepay.com analytics.tiktok.com *.tiktok.com analytics-ipv6.tiktokw.us ads.tiktok.com *.cloudflareinsights.com; style-src 'self' data: 'unsafe-inline' 'unsafe-hashes' *.site.com *.adyen.com *.googleapis.com *.force.com *.omneo.io *.subscribepro.com *.datatoolscloud.net.au *.salesforceliveagent.com *.ooyala.com *.formstack.com *.thefork.com.au *.go2cloud.org *.sc-static.net *.google.com *.google-analytics.com *.bing.com *.facebook.com *.google.com.au *.tpc.googlesyndication.com *.stats.g.doubleclick.net *.google.co.in *.inside-graph.com *.fouanalytics.com *.tgtag.io *.youtube.com *.byspotify.com *.abtasty.com *.gstatic.com *.powerfront.com *.exacttarget.com *.adimo.co *.adimouat.co *.amazonaws.com *.clarity.ms *.adswizz.com *.spotify.com *.googletagmanager.com *.adnxs.com *.aidemsrv.com *.criteo.com *.pinimg.com *.omguk.com *.abtasty.com *.bing.com *.cellardoor.co *.clarity.ms *.cquotient.com *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.force.com *.fouanalytics.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.igodigital.com *.linkedin.com *.omneo.io *.penfolds.cn *.penfolds.com *.salesforce.com *.salesforceliveagent.com *.spotify.com *.subscribepro.com *.tealiumiq.com *.tiqcdn.com *.vimeocdn.com *.wolfblass.com *.pinterest.com *.linkedin.com *.licdn.com *.smartadserver.com https:\/\/hcaptcha.com https:\/\/*.hcaptcha.com *.site.com analytics.tiktok.com *.tiktok.com analytics-ipv6.tiktokw.us ads.tiktok.com; img-src 'self' data: *.penfolds.com *.site.com *.cloudfront.net *.flippingbook.com *.adyen.com *.doubleclick.net *.facebook.com *.adform.net *.mediavine.com *.postrelease.com *.360yield.com *.twiago.com *.adscale.de *.1rx.io *.meba.kr *.rubiconproject.com *.aralego.com *.daum.net *.adsrvr.org *.dotomi.com *.contextweb.com *.admixer.co.kr *.adsymptotic.com *.smrtb.com *.bnmla.com *.tpmn.co.kr *.zemanta.com *.stackadapt.com *.kakao.com *.toast.com *.outbrain.com *.addthis.com *.gstatic.com *.google-analytics.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.bidswitch.net *.salesforce.com *.googletagmanager.com *.googleapis.com *.paypal.com *.mookie1.com *.igodigital.com *.adnxs.com *.googleadservices.com *.zenaps.com *.placeholder.com *.facebook.net *.3lift.com *.ad-stir.com *.adtdp.com *.advertising.com *.bing.com *.casalemedia.com *.clmbtech.com *.criteo.com *.dmxleo.com *.ivitrack.com *.mgid.com *.omnitagjs.com *.pubmatic.com *.rlcdn.com *.sharethrough.com *.smartadserver.com *.socdm.com *.stickyadstv.com *.taboola.com *.tapad.com *.yahoo.com *.yieldmo.com *.dable.io *.adingo.jp *.gssprt.jp *.microad.jp *.demandware.net *.media.net *.openx.net *.smaato.net *.smartclip.net *.yieldlab.net *.teads.tv *.ants.vn *.adswizz.com *.serving-sys.com *.unsplash.com *.typekit.net *.linkedin.com *.vimeocdn.com *.hotjar.com *.mathtag.com *.tealiumiq.com *.yimg.com *.go2cloud.org *.tpc.googlesyndication.com *.stats.g.doubleclick.net *.inside-graph.com *.fouanalytics.com *.tgtag.io *.youtube.com *.abtasty.com *.amazonaws.com *.powerfront.com *.exacttarget.com blob: *.adimo.co *.adimouat.co *.amazonaws.com *.formstack.com *.clarity.ms *.bing.com *.spotify.com *.aidemsrv.com *.pinimg.com *.omguk.com *.cquotient.com *.abtasty.com *.bing.com *.cellardoor.co *.clarity.ms *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.force.com *.fouanalytics.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.igodigital.com *.linkedin.com *.omneo.io *.penfolds.cn *.penfolds.com *.salesforce.com *.salesforceliveagent.com *.spotify.com *.subscribepro.com *.tealiumiq.com *.tiqcdn.com *.vimeocdn.com *.wolfblass.com *.pinterest.com *.linkedin.com *.licdn.com *.smartadserver.com *.dyntrk.com cdn.n.dynstc.com analytics.tiktok.com *.tiktok.com analytics-ipv6.tiktokw.us ads.tiktok.com; font-src 'self' data: *.site.com *.sfdcstatic.com *.gstatic.com *.typekit.net *.hotjar.com *.ooyala.com *.formstack.com *.go2cloud.org *.inside-graph.com *.fouanalytics.com *.byspotify.com *.abtasty.com *.googleapis.com *.powerfront.com *.exacttarget.com blob: *.adimo.co *.adimouat.co *.amazonaws.com *.clarity.ms *.bing.com *.adswizz.com *.spotify.com *.googletagmanager.com *.adnxs.com *.aidemsrv.com *.facebook.com *.criteo.com *.pinimg.com *.omguk.com *.abtasty.com *.bing.com *.cellardoor.co *.clarity.ms *.cquotient.com *.criteo.com *.criteo.net *.doubleclick.net *.facebook.com *.facebook.net *.force.com *.fouanalytics.com *.google.com *.googletagmanager.com *.hotjar.com *.hotjar.io *.igodigital.com *.linkedin.com *.omneo.io *.penfolds.cn *.penfolds.com *.salesforce.com *.salesforceliveagent.com *.spotify.com *.subscribepro.com *.tealiumiq.com *.tiqcdn.com *.vimeocdn.com *.wolfblass.com; connect-src 'self' *.site.com *.analytics.google.com analytics.google.com *.flippingbook.com *.hotjar.com *.hotjar.io *.serving-sys.com *.paypal.com *.tryzens-analytics.com:12280 *.tryzens-analytics.com:12443 *.google-analytics.com *.googleapis.com *.tealiumiq.com *.facebook.net *.demandware.net *.ooyala.com *.getomneo.com *.force.com wss: *.yimg.com *.adobe.io *.snapchat.com *.onelink-edge.com *.inside-graph.com *.fouanalytics.com *.youtube.com *.byspotify.com *.abta