Content-Security-Policy-Report-Only: default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.highnote.com highnote.com www.googletagmanager.com googleads.g.doubleclick.net *.sentry.io *.posthog.com unpkg.com; script-src-elem 'self' 'unsafe-inline' *.highnote.com highnote.com www.googletagmanager.com googleads.g.doubleclick.net *.posthog.com unpkg.com; style-src 'self' 'unsafe-inline' *.highnote.com highnote.com; img-src 'self' data: *.highnote.com highnote.com www.google.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com www.linkedin.com *.ads.linkedin.com media.graphassets.com storage.googleapis.com checkbook-checks.s3.amazonaws.com checkbook-checks-sandbox.s3.amazonaws.com; font-src 'self' data: *.highnote.com highnote.com; frame-src 'self' *.highnote.com highnote.com www.googletagmanager.com storage.googleapis.com; connect-src 'self' *.highnote.com highnote.com *.sentry.io www.google-analytics.com storage.googleapis.com region1.google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net browser-intake-us5-datadoghq.com *.algolia.net *.algolianet.com *.posthog.com; media-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; worker-src blob:; form-action 'self' *.highnote.com; report-uri https://o492040.ingest.us.sentry.io/api/4510921137455104/security/?sentry_key=5afce4b9364792aaf1292c9ffa7de913