Content-Security-Policy: upgrade-insecure-requests; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.snitcher.com static.cloudflareinsights.com cdn.bolddesk.com cdn-cookieyes.com *.stripe.com *.bing.com *.capterra.com *.ads-twitter.com *.clarity.ms *.tawk.to *.crisp.chat cdn-cookieyes.com *.jsdelivr.net *.xing-share.com *.xing.com *.hotjar.com *.hotjar.io *.ads.linkedin.com cdn.svgator.com *.licdn.com *.opmnstr.com *.omappapi.com *.alexametrics.com *.yandex.ru *.youtube.com *.redditstatic.com s.ytimg.com *.syncfusion.com *.syncfusion.de *.google.com maps.googleapis.com storage.googleapis.com ajax.googleapis.com www.gstatic.com *.googletagmanager.com cdnjs.cloudflare.com www.googleadservices.com connect.facebook.net use.typekit.net *.google-analytics.com googleads.g.doubleclick.net *.ytimg.com cdn.swaychat.com serve.albacross.com api.swayio.com *.firebaseio.com verify.authorize.net seal.digicert.com cdn.rawgit.com *.addthis.com m.addthisedge.com *.visualwebsiteoptimizer.com app.vwo.com *.paypal.com; worker-src 'self' blob:; style-src  'self' 'unsafe-inline' cdn-cookieyes.com cdn.bolddesk.com *.xing-share.com *.xing.com *.jsdelivr.net *.crisp.chat fonts.googleapis cdn-cookieyes.com *.omappapi.com *.bootstrapcdn.com *.syncfusion.com *.syncfusion.de *.redditstatic.com cdn.swaychat.com *.google.com *.googleapis.com cdn.jsdelivr.net cdnjs.cloudflare.com cdn.rawgit.com *.paypal.com; frame-src cdn.swaychat.com *.stripe.com https://calendly.com/ *.amazonaws.com *.facebook.com  *.xing-share.com *.xing.com *.hotjar.com *.hotjar.io *.opmnstr.com *.firebaseio.com *.syncfusion.com *.syncfusion.de bid.g.doubleclick.net td.doubleclick.net *.addthis.com www.youtube.com api.swayio.com *.google.com *.googletagmanager.com www.gstatic.com https://player.vimeo.com/ *.paypal.com; object-src 'self' *.syncfusion.com; base-uri 'none'; frame-ancestors 'self' *.syncfusion.com ej2.syncfusion.com