Content-Security-Policy: default-src     'self'     http:;   worker-src     blob:;   script-src     blob:     https://www.google-analytics.com     https://www.googletagmanager.com     https://static.zdassets.com     https://dev-castro.oie.unitq.com     https://dev.id.unitq.com     https://qa.id.unitq.com     https://id.unitq.com     https://*.atlassian.net     'self'     'unsafe-inline'     'unsafe-eval'     app.pendo.io     pendo-io-static.storage.googleapis.com     cdn.pendo.io     pendo-static-6613479039303680.storage.googleapis.com     data.pendo.io;   style-src     https:     'unsafe-inline'     'self'     app.pendo.io     cdn.pendo.io     pendo-static-6613479039303680.storage.googleapis.com     http://localhost:8080;   img-src     https://www.google-analytics.com     https://www.googletagmanager.com     https://*.atlassian.net     cdn.pendo.io     app.pendo.io     pendo-static-6613479039303680.storage.googleapis.com     data.pendo.io     'self'     'unsafe-inline'     data:;