Refused to apply style from 'https://med-fit.hu/media/porto/web/css/animate.optimized.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/css/header/type1.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/bootstrap/css/bootstrap.optimized.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/css/custom.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/configed_css/settings_hu.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/configed_css/design_hu.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/css/header/type1.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/css/custom.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/bootstrap/css/bootstrap.optimized.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/configed_css/settings_hu.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/web/css/animate.optimized.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://med-fit.hu/
Description
Refused to apply style from 'https://med-fit.hu/media/porto/configed_css/design_hu.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
Strict MIME checking
Ensures the resource is of the correct type before being interpreted by the browser.
Resource
https://www.googletagmanager.com/
Description
[Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com".
[Report Only] Refused to load the script 'https://static.hotjar.com/c/hotjar-3129066.js?sv=7' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://assets.anytrack.io/QLabt8WU7Nrr.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://static.zdassets.com/ekr/snippet.js?key=7e650655-8d74-4658-bb40-ec93147c42ec' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://assets.anytrack.io/QLabt8WU7Nrr.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://script.hotjar.com/modules.1f3821f9cafd68374ab2.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c88ad82.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://script.hotjar.com/survey-v2.0b1795a12a9371db684b.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the font 'https://script.hotjar.com/font-hotjar_5.65042d.woff2' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/font-hotjar_5.0ddfe2.ttf' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/font-hotjar_5.17b429.woff' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/Roboto-Regular.422781.woff2' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/Roboto-Regular.376ea5.woff' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/Roboto-Medium.ef8bb0.woff2' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the font 'https://script.hotjar.com/Roboto-Medium.52cb73.woff' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'".
[Report Only] Refused to load the script 'https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-c88ad82.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-c88ad82.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load the script 'https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-c88ad82.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
[Report Only] Refused to load media from 'https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3' because it violates the following Content Security Policy directive: "media-src *.adobe.com 'self' 'unsafe-inline'".
[Report Only] Refused to load media from 'https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3' because it violates the following Content Security Policy directive: "media-src *.adobe.com 'self' 'unsafe-inline'".