Content-Security-Policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors self http://localhost:3000/ http://*.storyblok.com/ https://*.storyblok.com/ https://prod-www-blackline-com.s3.amazonaws.com/; img-src 'self' data: https://*.blackline.com/ https://qa.blackline.com/ https://*.storyblok.com/ https://*.bizible.com/ https://*.visualwebsiteoptimizer.com/ https://*.blob.core.windows.net/ https://*.vidyard.com/ https://*.google.com/ https://*.google.ro/ https://*.google-analytics.com https://pagead2.googlesyndication.com https://www.googletagmanager.com https://fonts.gstatic.com https://*.facebook.com/ https://*.clarity.ms/ https://*.google-analytics.com/ https://*.6sc.co/ https://*.rlcdn.com/ https://*.cookielaw.org/ https://*.linkedin.com/ https://snap.licdn.com https://*.bizibly.com/ https://*.bing.com/ https://*.bing.net/ https://*.pendo.io/ https://*.ytimg.com/ https://img.youtube.com/; object-src 'self' http://localhost:3000/ http://localhost:3001/ http://*.storyblok.com/ https://*.storyblok.com/ https://*.blackline.com/ https://qa.blackline.com/; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'strict-dynamic' 'nonce-jdjDoLmlDZtIy6+XHzc6+A==' https://*.blackline.com/ https://qa.blackline.com/ https://*.company-target.com/ https://snap.licdn.com https://www.linkedin.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googletagmanager.com https://pagead2.googlesyndication.com; upgrade-insecure-requests;