Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://r.bing.com https://*.ssl.ak.dynamic.tiles.virtualearth.net https://accounts.google.com https://content.pendo.sharpcloud.com https://www.bing.com https://www.youtube.com https://data.pendo.sharpcloud.com https://cdnjs.cloudflare.com/ajax/libs/toastr.js https://dev.virtualearth.net;style-src 'self' 'unsafe-inline' https://r.bing.com https://accounts.google.com https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css https://www.bing.com https://fonts.googleapis.com;font-src 'self' data: https://atlas.microsoft.com https://fonts.gstatic.com;frame-ancestors 'self' ;worker-src 'self' blob:;report-uri /csp/cspreport