12 directives
Content-Security-Policy
Content-Security-Policy: report-uri /api/report-csp-violation; script-src 'self' 'wasm-unsafe-eval' cdn.eiger.io cdn.dev.eiger.io cmp.osano.com consent.api.osano.com disclosure.api.osano.com tattle.api.osano.com *.google-analytics.com *.googletagmanager.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5533347562455040.storage.googleapis.com data.pendo.io widget.intercom.io app.intercom.io js.intercomcdn.com content.product.eiger.io data.product.eiger.io tagmanager.google.com use.typekit.net performance.typekit.com cdnjs.cloudflare.com js.stripe.com connect-js.stripe.com www.datadoghq-browser-agent.com 'sha256-1eJArrmrWAFkIw+mfskp4IYAwyLTHlG7k2ticca+J/Y=' 'nonce-1e4e9353-6c30-4ca9-a55c-cdc73161df76'; style-src 'self' 'unsafe-inline' cdn.eiger.io cdn.dev.eiger.io tagmanager.google.com *.googletagmanager.com fonts.googleapis.com use.typekit.net app.pendo.io cdn.pendo.io pendo-static-5533347562455040.storage.googleapis.com content.product.eiger.io data.product.eiger.io; font-src 'self' cdn.eiger.io cdn.dev.eiger.io use.typekit.net fonts.gstatic.com data: https://js.intercomcdn.com https://fonts.intercomcdn.com; connect-src 'self' cmp.osano.com consent.api.osano.com disclosure.api.osano.com tattle.api.osano.com stats.g.doubleclick.net/ s3.amazonaws.com/mfmatterhorn/ s3.amazonaws.com/mfvesuvius/ s3.amazonaws.com/mf-k2/ cognito-idp.us-east-1.amazonaws.com cdn.eiger.io/ cdn.dev.eiger.io/ performance.typekit.net app.pendo.io data.pendo.io pendo-static-5533347562455040.storage.googleapis.com https://via.intercom.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://*.intercom-messenger.com wss://*.intercom-messenger.com content.product.eiger.io data.product.eiger.io *.google-analytics.com 
*.browser-intake-datadoghq.com status.eiger.io js.stripe.com connect-js.stripe.com mfeiger-production.s3.amazonaws.com mf-search-images-production.s3.amazonaws.com mf-smartslice.s3.amazonaws.com performance.typekit.net wss://www.eiger.io; img-src 'self' data: cdn.eiger.io cdn.dev.eiger.io p.typekit.net data.pendo.io cdn.pendo.io app.pendo.io pendo-static-5533347562455040.storage.googleapis.com data.pendo.io content.product.eiger.io data.product.eiger.io blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com *.google-analytics.com *.googletagmanager.com fonts.gstatic.com stats.g.doubleclick.net mfeiger-production.s3.amazonaws.com mf-search-images-production.s3.amazonaws.com cdn.eiger.io; frame-src app.pendo.io *.googletagmanager.com js.stripe.com connect-js.stripe.com cmp.osano.com consent.api.osano.com disclosure.api.osano.com tattle.api.osano.com player.vimeo.com *.youtube.com; child-src https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-ancestors app.pendo.io; form-action 'self' app.pendo.io https://intercom.help https://api-iam.intercom.io *.eiger.io *.markforged.com https://markforged--uat.sandbox.my.site.com http://localhost:3030; media-src 'self' cdn.eiger.io cdn.dev.eiger.io https://js.intercomcdn.com; worker-src 'self' blob:
report-uri    Host     —
script-src    Keyword  —  'self'
script-src    Keyword  —  'wasm-unsafe-eval'
script-src    Host     —
script-src    Hash     —  'sha256-1eJArrmrWAFkIw+mfskp4IYAwyLTHlG7k2ticca+J/Y='
script-src    Nonce    —  'nonce-1e4e9353-6c30-4ca9-a55c-cdc73161df76'
style-src     Keyword  —  'self'
style-src     Keyword  —  'unsafe-inline'
font-src      Keyword  —  'self'
font-src      Scheme   —  data:
connect-src   Keyword  —  'self'
img-src       Keyword  —  'self'
img-src       Scheme   —  data:
img-src       Scheme   —  blob:
form-action   Keyword  —  'self'
form-action   Host     —
media-src     Keyword  —  'self'
worker-src    Keyword  —  'self'
worker-src    Scheme   —  blob:
Content-Security-Policy-Report-Only
No report-only CSP headers found.