<script>tag via CDN, or can be included in your build via NPM.
<head>section of your website.
https://cobrowse.io/proxy/1/assets/<hex encoded asset>. You can check which assets are encoded by pasting the hex code into https://cryptii.com/pipes/hex-decoder.
Refused to connect to https://cobrowse.io/... because it violates the document's Content Security Policy.
connect-src cobrowse.io *.cobrowse.io wss://*.cobrowse.io;
script-src 'unsafe-inline' js.cobrowse.io;