Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-N2U5YWZmZjItYWE0Mi00MGIzLTg3OTktOTY5NGY1NDhlYTNh' 'strict-dynamic' 'wasm-unsafe-eval' https://cdn.grok.com https://*.googleapis.com https://*.google.com https://*.withgoogle.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleadservices.com https://*.googlesyndication.com https://*.doubleclick.net https://*.cloudflareinsights.com https://unpkg.com/@googleworkspace/drive-picker-element@0/dist/index.iife.min.js https://*.reddit.com https://embed.reddit.com/widgets.js https://*.twitter.com https://*.x.com https://analytics.tiktok.com https://sgtm-prod-985009374134.us-central1.run.app https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com https://geolocation.onetrust.com https://privacyportal.onetrust.com https://*.paypal.com https://*.paypalobjects.com https://*.braintreegateway.com; worker-src 'self' blob: https://cdn.grok.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://cdn.grok.com; img-src 'self' blob: data: https: https://assets.grok.com https://assets.grokusercontent.com; media-src 'self' blob: https://assets.grok.com https://assets.grokusercontent.com https://*.googleapis.com https://*.x.ai wss://*.x.ai https://*.twimg.com https://cdn.grok.com; font-src 'self' https://use.typekit.net https://fonts.gstatic.com https://cdn.grok.com; frame-src 'self' blob: data: com.grokapp: intent: https://assets.grok.com https://assets.grokusercontent.com https://www.archives.gov https://arxiv.org https://*.js.stripe.com https://*.stripe.com https://artifacts.grokusercontent.com https://*.googleapis.com https://*.google.com https://*.withgoogle.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleadservices.com https://*.googlesyndication.com https://*.doubleclick.net https://*.youtube.com https://*.microsoftonline.com https://*.live.com https://*.microsoft.com https://*.onedrive.com https://challenges.cloudflare.com https://*.reddit.com https://groktpcontent.com https://data.x.ai https://*.twitter.com https://*.x.com https://*.paypal.com https://*.paypalobjects.com https://*.braintreegateway.com https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com https://geolocation.onetrust.com https://privacyportal.onetrust.com; object-src 'none'; base-uri 'none'; form-action 'self' https://*.microsoftonline.com https://*.live.com https://*.microsoft.com https://*.onedrive.com; frame-ancestors https://x.com https://starfleet.teachx.ai; block-all-mixed-content; connect-src 'self' data: https://cdn.grok.com https://*.x.ai wss://*.x.ai https://*.twimg.com https://*.grok.com wss://*.grok.com https://*.grok-sandbox.com wss://*.grok-sandbox.com ws://localhost:* ws://127.0.0.1:* https://assets.grok.com https://assets.grokusercontent.com wss://code.grok.com/ws/code-client https://*.js.stripe.com https://*.stripe.com https://featureassets.org https://*.googleapis.com https://*.google.com https://*.withgoogle.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleadservices.com https://*.googlesyndication.com https://*.doubleclick.net https://*.microsoftonline.com https://*.live.com https://*.microsoft.com https://*.onedrive.com https://*.mixpanel.com https://*.twitter.com https://*.x.com https://analytics.tiktok.com https://sgtm-prod-985009374134.us-central1.run.app https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com https://geolocation.onetrust.com https://privacyportal.onetrust.com https://*.paypal.com https://*.braintreegateway.com https://*.braintree-api.com; upgrade-insecure-requests;