Content-Security-Policy: upgrade-insecure-requests

Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' https://*.funnel.io https://funnel.io https://*.hsadspixel.net https://*.hs-analytics.net https://js.hscta.net https://js-eu1.hscta.net https://*.hubspot.com https://static.hsappstatic.net https://*.usemessages.com https://*.hs-banner.com https://*.hubspotusercontent00.net https://*.hubspotusercontent10.net https://*.hubspotusercontent20.net https://*.hubspotusercontent30.net https://*.hubspotusercontent40.net https://*.hubspot.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.hsforms.net https://*.hsforms.com https://*.hs-scripts.com https://*.hubspotfeedback.com https://feedback.hubapi.com https://feedback-eu1.hubapi.com https://googletagmanager.com https://*.googletagmanager.com https://tagmanager.google.com https://www.googleadservices.com https://www.google.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://tags.fullcontact.com https://bat.bing.com https://*.tiktok.com https://tr.snapchat.com https://tr.capterra.com https://s.pinimg.com https://connect.facebook.net https://snap.licdn.com https://*.claydar.com https://*.fullstory.com https://funnel-io.github.io https://analytics.sayprimer.com 'nonce-i8rtBfq/TLhpDlYFzyS1/g=='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hubspotusercontent-na1.net https://cdn2.hubspot.net https://*.hsappstatic.net https://www.gstatic.com https://cdnjs.cloudflare.com https://funnel.io https://lf16-tiktok-web.tiktokcdn-us.com https://sf16-website-login.neutral.ttwstatic.com https://googletagmanager.com https://tagmanager.google.com; style-src-attr 'unsafe-inline'; connect-src 'self' https://*.funnel.io https://funnel.io https://*.sentry.io https://*.convertexperiments.com/ https://*.hsforms.com https://*.hubapi.com https://*.hubspot.com https://*.fullstory.com https://api.claydar.com https://collector.funnel.io https://idm-api.access.us.funnel.io https://resolver.confidence.dev https://googletagmanager.com https://*.googletagmanager.com https://www.googleadservices.com https://www.google.com https://wdhengbze2.execute-api.eu-west-1.amazonaws.com https://vnhkzlu3i8.execute-api.eu-west-1.amazonaws.com https://js.hsforms.net/ https://tr.snapchat.com https://tr6.snapchat.com https://bat.bing.com https://ct.pinterest.com https://pixel-config.reddit.com https://px.ads.linkedin.com https://www.facebook.com https://connect.facebook.net https://*.tiktok.com https://analytics-ipv6.tiktokw.us https://*.byteoversea.com https://js.hs-banner.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://pagead2.googlesyndication.com https://google.com https://web-script.api.sayprimer.com https://api.fullcontact.com https://*.liadm.com https://tr.capterra.com https://hubspot-forms-static-embed.s3.amazonaws.com https://vimeo.com; img-src 'self' data: https:; frame-src 'self' https://collector.funnel.io https://*.hubspot.com https://*.hubspot.net https://*.hubspotvideo.com https://*.hsforms.com https://*.googletagmanager.com https://safeframe.googlesyndication.com https://www.youtube.com https://www.instagram.com https://ct.pinterest.com https://tr.snapchat.com https://www.facebook.com https://www.tiktok.com https://vimeo.com https://player.vimeo.com https://platform.twitter.com https://www.linkedin.com https://funnel.storylane.io https://www.google.com https://open.spotify.com https://app.convert.com https://*.clients6.google.com https://*.liadm.com; font-src 'self' data: https://fonts.gstatic.com https://*.funnel.io https://funnel.io https://*.hubspotusercontent-na1.net https://static.hsappstatic.net; media-src 'self' data: https://funnel.io; base-uri 'self'; report-to csp-endpoint