Content-Security-Policy-Report-Only | default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://*.newrelic.com/ https://*.nr-data.net/ https://tags.tiqcdn.com/; connect-src 'self'; img-src 'self' data: https://*.rackcdn.com/ https://rackspace.112.2o7.net/ https://www.google.com/ https://www.google-analytics.com/ https://googleads.g.doubleclick.net/; style-src 'self' 'unsafe-inline' https://*.rackcdn.com/ https://fonts.googleapis.com/; font-src 'self' https://*.rackcdn.com/ https://fonts.googleapis.com/ https://fonts.gstatic.com/; child-src 'self' https://*.doubleclick.net/ https://*.qualtrics.com/ https://www.youtube.com/; report-uri /csp-reports |