Content-Security-Policy-Report-Only | worker-src 'self'; img-src data: 'self' https://*.gravatar.com https://*.intercomassets.com https://*.intercomcdn.com https://*.google-analytics.com; object-src 'self'; default-src 'self'; frame-src https://*.stripe.com https://*.box.com 'self' https://*.vimeo.com; media-src 'self' https://*.intercomcdn.com; child-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_cb71aae4b7974e8dbe9d22b71d958da4; style-src https://*.googleapis.com 'unsafe-inline' 'self' https://*.cdn.telerik.com https://*.cloudflare.com; script-src 'unsafe-inline' 'self' https://*.jquery.com https://*.stripe.com https://*.cdn.telerik.com https://*.google-analytics.com 'unsafe-eval' https://*.intercomcdn.com https://*.intercom.io wss://*.intercom.io https://*.cloudflare.com; font-src https://*.gstatic.com https://*.intercomcdn.com 'self' https://*.cdn.telerik.com https://*.cloudflare.com; manifest-src 'self'; connect-src https://*.intercom.io 'self' wss://*.intercom.io |