Content-Security-Policy: default-src 'self' https: wss:; font-src 'self' https: data: fonts.gstatic.com client.crisp.chat; img-src 'self' https: data: blob: assets.braintreegateway.com checkout.paypal.com img.fullcontact.com *.gravatar.com www.googletagmanager.com image.crisp.chat client.crisp.chat d33v4339jhl8k0.cloudfront.net chatapi-prod.s3.amazonaws.com/; object-src client.crisp.chat; script-src 'self' https: 'unsafe-inline' 'strict-dynamic' 'nonce-FQxdc/d34jR/3i67zXfpFQ=='; style-src 'self' https: 'unsafe-inline' client.crisp.chat fonts.googleapis.com maps.googleapis.com; child-src 'self' blob: assets.braintreegateway.com c.paypal.com; frame-src 'self' assets.braintreegateway.com c.paypal.com *.cardinalcommerce.com ssl.kaptcha.com tst.kaptcha.com client.crisp.chat game.crisp.chat www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ www.recaptcha.net d.agkn.com/iframe/; connect-src 'self' https: wss: api.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.sandbox.braintreegateway.com *.braintreegateway.com client-analytics.braintreegateway.com *.braintree-api.com http://localhost:3000 http://0.0.0.0:3000 ws://localhost:3000 http://localhost:3035 http://0.0.0.0:3035 ws://localhost:3035 *.heypoplar.com *.sharelocalmedia.com wss://*.crisp.chat *.leapmail.com wss://*.pusher.com *.sumologic.com www.googletagmanager.com; media-src client.crisp.chat; base-uri docs.heypoplar.com; frame-ancestors 'self'; worker-src 'self' data: blob:; form-action 'self' accounts.google.com login.microsoftonline.com api.workos.com *.workos.com *.cloudflareaccess.com https://www.klaviyo.com; report-uri https://sentry.io/api/1303347/security/?sentry_key=81e92d71f8c34a9085294053e18e7e2d