/*
  X-Frame-Options: DENY
  X-Content-Type-Options: nosniff
  Permissions-Policy: document-domain=()
  Content-Security-Policy: script-src 'self' 'static.cloudflareinsights.com'; frame-ancestors 'none';