Content-Security-Policy | default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.bufferapp.com *.cloudfront.net *.doubleclick.net *.facebook.com *.facebook.net *.getdrip.com *.google.com *.gstatic.com *.intercom.io *.kxcdn.com *.linkedin.com *.segment.io *.sendinblue.com *.sumome.com *.userengage.io *.vimeocdn.com api.mailgun.net api.mixpanel.com buttons.reddit.com cdn.mxpnl.com cdn.segment.com facebook.net fonts.googleapis.com fonts.gstatic.com getdrip.com in-automate.sendinblue.com js.intercomcdn.com player.vimeo.com s.sib.im s.w.org secure.gravatar.com segment.io sibautomation.com static.intercomassets.com sumo.com sumome.com vimeo.com widget.intercom.io widgets.pinterest.com wss://*.intercom.io wss://*.userengage.io www.google-analytics.com www.google.co.uk www.googletagmanager.com www.yummly.com; |