Header Set Strict-Transport-Security: max-age=10886400; includeSubDomains
Header Set Content-Security-Policy: default-src 'self' https://*.klaviyo.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io ws://ws5.hotjar.com wss://*.hotjar.com www.google.ca www.google.com www.clarity.ms tr.lfeeder.com *.linkedin.com app.balingwiredirect.com static.hotjar.com play.google.com vars.hotjar.com script.hotjar.com bid.g.doubleclick.net *.adsymptotic.com *.hotjar.com www.youtube-nocookie.com maps.googleapis.com nocookie.sandbox.balingwiredirect.com shop.balingwiredirect.com www.google-analytics.com nocookie.balingwiredirect.com www.googleadservices.com webhooks.remarkety.com www.facebook.com analytics.google.com fonts.googleapis.com 'unsafe-inline' maps.googleapis.com h.clarity.ms a.clarity.ms googleads.g.doubleclick.net api.livechatinc.com bat.bing.com connect.facebook.net d3ryumxhbd2uw7.cloudfront.net static-tracking.klaviyo.com www.googleadservices.com www.google-analytics.com snap.licdn.com www.gstatic.com sc.lfeeder.com v4.balingwiredirect.com d.clarity.ms webhooks.remarkety.com cdn.livechatinc.com static.klaviyo.com www.googletagmanager.com nocookie.sandbox.balingwiredirect.com fonts.googleapis.com fonts.gstatic.com webhooks.remarkety.com stats.g.doubleclick.net secure.livechatinc.com f.clarity.ms www.shopperapproved.com j.clarity.ms
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Referrer-Policy "same-origin"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Referrer-Policy "same-origin"
