Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://r.stripe.com https://js.stripe.com https://*.js.stripe.com https://connect-js.stripe.com https://www.googletagmanager.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://connect.facebook.net https://iframely.net https://*.iframely.net https://iframe.ly https://*.iframe.ly https://cdn.iframe.ly https://maps.googleapis.com https://storage.googleapis.com https://*.storage.googleapis.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.mux.com https://*.litix.io https://snippet.meticulous.ai https://browser.sentry-cdn.com https://cdn.refersion.com https://www.gstatic.com https://*.gstatic.com https://cdnjs.cloudflare.com https://js.hs-scripts.com https://js.userflow.com https://*.userflow.com https://cdn.jwplayer.com https://js.hs-banner.com https://js.hs-analytics.net https://js.usemessages.com https://js.hsadspixel.net https://api.hubspot.com https://static.hsappstatic.net static.cloudflareinsights.com https://cdn.pendo.io https://*.pendo.io https://*.hyros.com https://*.hyr.so https://tiktokw.us https://*.tiktokw.us https://*.tiktok.com https://*.doubleclick.net; connect-src 'self' https://r.stripe.com https://api.stripe.com https://connect-js.stripe.com https://maps.googleapis.com https://places.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://*.googletagmanager.com https://connect.facebook.net https://www.facebook.com https://iframely.net https://*.iframely.net https://iframe.ly https://*.iframe.ly https://storage.googleapis.com https://*.storage.googleapis.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://*.intercom-messenger.com wss://*.intercom-messenger.com https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://*.ingest.sentry.io https://*.sentry.io https://*.mux.com https://*.litix.io https://cognito-identity.us-west-2.amazonaws.com https://user-events-v3.s3-accelerate.amazonaws.com https://browser.sentry-cdn.com https://*.refersion.com https://*.amazonaws.com https://www.google.com https://*.google.com https://*.userflow.com https://cdn.jwplayer.com https://*.jwpsrv.com https://player.vimeo.com https://*.vimeo.com https://*.vimeocdn.com https://api.hubspot.com https://static.hsappstatic.net https://api.hubapi.com https://app.pendo.io https://*.pendo.io https://*.hyros.com https://*.hyr.so https://tiktokw.us https://*.tiktokw.us https://*.tiktok.com https://*.doubleclick.net; frame-src 'self' https://r.stripe.com https://*.js.stripe.com https://js.stripe.com https://connect-js.stripe.com https://hooks.stripe.com https://www.googletagmanager.com https://iframely.net https://*.iframely.net https://iframe.ly https://*.iframe.ly https://intercom-sheets.com https://www.intercom-reporting.com https://*.mux.com https://*.litix.io https://www.youtube.com https://youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://embed.vidbeo.com https://fast.wistia.net https://snippet.meticulous.ai https://www.exercise.com https://app.pendo.io https://tiktokw.us https://*.tiktokw.us https://*.tiktok.com https://*.doubleclick.net https://*.amazonaws.com/weighttraining.com/ https://*.amazonaws.com/weighttrainingdev/ https://weighttraining.com.s3.amazonaws.com https://weighttrainingdev.s3.amazonaws.com https://weighttraining.com.s3.us-east-1.amazonaws.com https://weighttrainingdev.s3.us-east-1.amazonaws.com; img-src 'self' data: blob: https://*; worker-src 'self' blob: