X-Content-Security-Policy | media-src 'self' *.amazonaws.com https://js.intercomcdn.com; font-src 'self' themes.googleusercontent.com *.gstatic.com maxcdn.bootstrapcdn.com use.fontawesome.com https://js.intercomcdn.com; img-src 'self' *.amazonaws.com *.google.com *.google-analytics.com stats.g.doubleclick.net data: https://static.intercomassets.com https://js.intercomcdn.com https://static.intercomassets.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com ; connect-src 'self' https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; child-src https://share.intercom.io https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; script-src 'self' *.googleanalytics.com *.google-analytics.com *.github.io ajax.googleapis.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com use.fontawesome.com sdk.amazonaws.com unpkg.com use.fontawesome.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com nonce-tmp; style-src 'self' ajax.googleapis.com fonts.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com use.fontawesome.com *.github.io 'unsafe-inline'; default-src 'self' *.gstatic.com *.intercom.io *.intercomcdn.com; report-uri https://www.ensodata.com/api/csp_report |