Content-Security-Policy: default-src 'self' *.pressidium.com https://cdn.logrocket.io https://www.google-analytics.com https://stats.pusher.com/ https://*.braintree-api.com/ https://api.braintreegateway.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.pressidium.com https://*.hotjar.io https://*.hotjar.com https://script.hotjar.com https://cdn.logrocket.io https://www.google-analytics.com https://stats.pusher.com https://*.braintree-api.com/ https://*.braintreegateway.com https://songbird.cardinalcommerce.com/ https://*.lr-ingest.io/ https://*.googletagmanager.com/ https://*.posthog.com https://static.client.cardinaltrusted.com/; img-src 'self' *.pressidium.com https://*.google-analytics.com https://*.googletagmanager.com  https://stats.g.doubleclick.net data: www.gravatar.com https://*.hotjar.io https://*.hotjar.com https://*.googletagmanager.com; connect-src 'self' *.pressidium.com https://*.pusher.com/ wss://*.pusher.com/ https://*.logrocket.io https://*.braintree-api.com/ https://*.braintreegateway.com https://api.wordpress.org/ https://*.cardinalcommerce.com https://*.lr-ingest.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://stats.g.doubleclick.net https://*.posthog.com https://*.cardinaltrusted.com; font-src 'self' data: https://*.hotjar.io https://*.hotjar.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://*.hotjar.com; object-src 'self'; frame-src * *; child-src https://*.hotjar.io https://vars.hotjar.com; report-uri https://sentry.pressidium.com/*