Content-Security-Policy: default-src 'none'; connect-src 'self' *.enable.com *.typekit.net *.hubspot.com *.google-analytics.com *.mktoresp.com *.mktoutil.com https://rs.fullstory.com https://www.facebook.com/tr/ https://stats.g.doubleclick.net/ *.salesloft.com https://api-widget.prodpad.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://bat.bing.com https://api.lever.co https://*.clarity.ms https://secure.adnxs.com https://*.6sc.co; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.enable.com use.typekit.net *.enable.com p.typekit.net https://munchkin.marketo.net/ www.google-analytics.com *.googletagmanager.com ssl.google-analytics.com *.twitter.com *.ads-twitter.com *.bing.com *.hs-growth-metrics.com *.hubspot.com js.hs-scripts.com *.usemessages.com *.hs-analytics.net maps.google.com maps.googleapis.com maps.googleapis.com https://edge.fullstory.com https://www.fullstory.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ https://tpc.googlesyndication.com/ https://connect.facebook.net/ *.hsleadflows.net *.licdn.com *.linkedin.com *.hs-banner.com https://widget.prodpad.com *.salesloft.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://g.microsoft.com https://www.google.com https://rs.fullstory.com https://andreasmb.github.io https://*.clarity.ms https://*.6sc.co; style-src 'self' 'unsafe-inline' *.enable.com p.typekit.net use.typekit.net fonts.googleapis.com https://andreasmb.github.io; font-src 'self' blob: data: use.typekit.net fonts.typekit.net fonts.gstatic.com https://js.intercomcdn.com; img-src 'self' blob: data: *.enable.com enable.com www.google-analytics.com ssl.google-analytics.com p.typekit.net maps.gstatic.com *.hubspot.com csi.gstatic.com *.google.co.uk *.google.com *.googletagmanager.com *.doubleclick.net maps.googleapis.com maps.googleapis.com maps.google.com *.bing.com *.twitter.com *.ads-twitter.com t.co *.hubspot.net *.deal-track.com https://googleads.g.doubleclick.net/ *.linkedin.com https://www.facebook.com/  https://p.adsymptotic.com *.ytimg.com *.hubspotusercontent20.net https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://stagenable.wpengine.com https://www.googleadservices.com https://*.privacysandbox.googleadservices.com https://*.clarity.ms https://*.6sc.co; child-src https://www.facebook.com/ https://staticxx.facebook.com/ https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src www.facebook.com www.youtube.com *.googlesyndication.com https://app.hubspot.com/ https://go.enable.com/ https://portal.productboard.com/; media-src *.hubspot.net https://js.intercomcdn.com; form-action 'self' https://intercom.help https://api-iam.intercom.io;