Content-Security-Policy-Report-Only: default-src 'self'; frame-src 'self' https://replicate-search-prototype-production.replicate.workers.dev https://www.googletagmanager.com; worker-src https://static.replicateassets.com; connect-src 'self' https://api.replicate.com https://stream.replicate.com https://replicate.delivery https://*.replicate.delivery https://api.us.svix.com https://*.sentry.io https://*.usepylon.com https://*.posthog.com https://pylon-avatars.s3.us-west-1.amazonaws.com https://d3vl36l12sfx26.cloudfront.net https://og.replicateassets.com https://static.replicateassets.com https://*.pusher.com https://www.googletagmanager.com https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://www.replicatestatus.com https://replicate-search-prototype-production.replicate.workers.dev https://replicate-search.replicate-search.workers.dev; font-src 'self' data: https://*.usepylon.com https://*.posthog.com https://pylon-avatars.s3.us-west-1.amazonaws.com https://d31rfu1d3w8e4q.cloudfront.net https://d3vl36l12sfx26.cloudfront.net https://fonts.replicateassets.com https://*.pusher.com https://fonts.gstatic.com https://replicate-search-prototype-production.replicate.workers.dev; img-src 'self' blob: data: https://replicate.delivery https://*.replicate.delivery https://og.replicateassets.com https://static.replicateassets.com https://d31rfu1d3w8e4q.cloudfront.net https://d3vl36l12sfx26.cloudfront.net https://*.githubusercontent.com https://github.com https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://*.google-analytics.com https://*.googletagmanager.com https://replicate-search-prototype-production.replicate.workers.dev https://replicateassets.com/cdn-cgi/image/; media-src 'self' https://replicate.delivery https://*.replicate.delivery https://static.replicateassets.com https://d31rfu1d3w8e4q.cloudfront.net https://d3vl36l12sfx26.cloudfront.net https://*.sentry.io https://replicate-search-prototype-production.replicate.workers.dev https://replicateassets.com/cdn-cgi/media/; script-src 'report-sample' 'self' 'nonce-NzBlZDVlODMtM2ZiNC00ZTZmLTk0ZDQtZWVmZTRjYWU1ZjBh' https://*.usepylon.com https://*.posthog.com https://pylon-avatars.s3.us-west-1.amazonaws.com https://d31rfu1d3w8e4q.cloudfront.net https://d3vl36l12sfx26.cloudfront.net https://static.replicateassets.com https://*.pusher.com https://www.googletagmanager.com https://tagmanager.google.com https://*.googletagmanager.com https://replicate-search-prototype-production.replicate.workers.dev https://challenges.cloudflare.com; style-src 'self' https://*.usepylon.com https://*.posthog.com https://pylon-avatars.s3.us-west-1.amazonaws.com https://d31rfu1d3w8e4q.cloudfront.net https://d3vl36l12sfx26.cloudfront.net https://static.replicateassets.com https://*.pusher.com https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://replicate-search-prototype-production.replicate.workers.dev; frame-ancestors 'self'; report-to csp-endpoint;