Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js-eu1.hubspot.com/ cdn.jsdelivr.net *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com *.hs-scripts.com *.hs-banner.com *.hscollectedforms.net *.hs-analytics.net *.usemessages.com cdn.cookielaw.org t.contentsquare.net track.gaconnector.com tracker.gaconnector.com app.contentsquare.com ma.zoho.eu maillist-manage.eu pagesense-proxy.eu js.stripe.com scout-cdn.salesloft.com secure.seat6worn.com googleads.g.doubleclick.net bat.bing.com connect.facebook.net player.vimeo.com chat.puzzel.com *.google.com t.gatorleads.co.uk www.gstatic.com snap.licdn.com js.driftt.com js.driftqa.com www.googletagmanager.com static.hotjar.com script.hotjar.com www.google-analytics.com www.googleadservices.com connect.facebook.net pi.pardot.com; default-src 'self' 'unsafe-inline' ma.zoho.eu maillist-manage.eu idx.liadm.com cdn.linkedin.oribi.io ws://127.0.0.1:35729 *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com bat.bing.com scout.salesloft.com js.driftqa.com js.driftt.com chat.puzzel.com www.google-analytics.com script.hotjar.com stats.g.doubleclick.net in.hotjar.com; frame-src 'self' *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com *.hubspot.com td.doubleclick.net https://www.googletagmanager.com https://td.doubleclick.net js.stripe.com https://player.vimeo.com https://youtu.be https://www.youtube.com/ *.google.com www.googletagmanager.com js.driftt.com vars.hotjar.com www.facebook.com; style-src-elem 'self' 'unsafe-inline' blob: *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com fonts.googleapis.com; img-src 'self' blob: data: https://bat.bing.net/ do.oncdn.uk *.hsforms.com *.hubspot.com cdn.cookielaw.org *.contentsquare.net i.vimeocdn.com *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com scout.eu1.salesloft.com bat.bing.com chat.puzzel.com *.linkedin.com p.adsymptotic.com popup.communigator.co.uk www.facebook.com www.google-analytics.com www.google.com www.google.co.uk googleads.g.doubleclick.net script.hotjar.com; font-src data: 'self' *.thghosting.local *.gb1-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local *.ingenuitycloudservices.com script.hotjar.com fonts.gstatic.com; child-src blob:; worker-src blob:; connect-src thghosting.local *.thghosting.local gb1-li-thghostinguat-001.io.thehut.local *.gb1-li-thghostinguat-001.io.thehut.local gb4-li-thghostinguat-001.io.thehut.local *.gb4-li-thghostinguat-001.io.thehut.local ingenuitycloudservices.com *.ingenuitycloudservices.com *.hubspot.com *.hs-banner.com *.hscollectedforms.net cdn.cookielaw.org track.gaconnector.com www.google.com *.contentsquare.net ma.zoho.eu cdn.linkedin.oribi.io idx.liadm.com *.google-analytics.com ma.zoho.eu maillist-manage.eu scout.salesloft.com js.stripe.com px.ads.linkedin.com idx.liadm.com;