Content-Security-Policy: default-src https://use.typekit.net 'self';script-src 'self' https://use.typekit.net https://*.analytics.google.com https://*.google.be https://*.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://*.getsitecontrol.com https://*.getsitectrl.com https://*.iubenda.com https://*.contentsquare.net https://challenges.cloudflare.com https://*.webhosting.be 'unsafe-eval' 'unsafe-inline';connect-src 'self' https://*.analytics.google.com https://*.google.be https://*.google-analytics.com https://*.getsitecontrol.com https://*.getsitectrl.com https://*.iubenda.com https://*.contentsquare.net https://challenges.cloudflare.com https://*.webhosting.be;img-src 'self' https://ssl.gstatic.com https://www.gravatar.com https://*.google-analytics.com https://*.google.be https://*.google-analytics.com https://*.webhosting.be data: 'unsafe-inline';style-src 'self' https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com 'unsafe-inline';frame-src https://challenges.cloudflare.com;object-src 'none';font-src 'self' https://fonts.gstatic.com data:;frame-ancestors https://*.webhosting.be;sandbox allow-forms allow-same-origin allow-scripts allow-popups;base-uri 'self';upgrade-insecure-requests;