Content-Security-Policy | child-src 'self' blob:; connect-src *; default-src 'self'; img-src 'self' 'self' data: blob: api.mapbox.com www.google-analytics.com ssl.gstatic.com www.gstatic.com tst.aviondo.com; font-src 'self' fonts.gstatic.com data:; object-src 'self'; media-src 'self'; manifest-src 'self'; script-src 'self' 'nonce-4df06e5a-840e-4cfe-afbf-34d6c8c97976' 'unsafe-inline' blob: www.googletagmanager.com tagmanager.google.com www.google-analytics.com cdn.polyfill.io 'unsafe-eval'; style-src 'self' 'unsafe-inline' blob: fonts.googleapis.com cdn.rawgit.com tagmanager.google.com; report-uri https://aviondo.duckdns.org:9000/api/2/csp-report/?sentry_key=1dc7093c478e48c3a8450525bc2ae47d |