Content-Security-Policy: default-src 'self'; font-src 'self' https://*.zohocdn.com; script-src 'self' 'unsafe-inline' *.zohopublic.eu *.zohocdn.com connect.facebook.net bat.bing.com bat.bing.net static.ads-twitter.com *.googletagmanager.com *.doubleclick.net *.google-analytics.com *.redditstatic.com analytics.tiktok.com pixel.byspotify.com *.googlesyndication.com; style-src 'self' 'unsafe-inline' *.zohopublic.eu *.zohocdn.com *.doubleclick.net; object-src 'none'; base-uri 'self'; connect-src 'self' *.zohopublic.eu *.facebook.com bat.bing.com bat.bing.net *.google-analytics.com *.google.com *.google.es *.doubleclick.net *.trackingplan.com *.googlesyndication.com *.reddit.com *.redditstatic.com analytics.tiktok.com *.tiktokw.us *.googleadservices.com pixels.spotify.com; frame-src 'self' salesiq.zohopublic.eu *.facebook.com *.youtube.com *.youtube-nocookie.com *.doubleclick.net *.googletagmanager.com; img-src 'self' data: hostwordpress.es *.hostwordpress.es *.zohopublic.eu *.zohocdn.com analytics.twitter.com t.co *.facebook.com google.com google.es *.ytimg.com bat.bing.com bat.bing.net *.google.com *.google.es *.googletagmanager.com secure.gravatar.com *.reddit.com analytics.tiktok.com *.tiktokw.us googleads.g.doubleclick.net *.googleadservices.com desk.zoho.com helpdesk.cdmon.com; manifest-src 'self'; media-src 'self' https://*.zohocdn.com; worker-src 'none';