Content-Security-Policy: connect-src 'self' https://storage.googleapis.com www.google-analytics.com https://o22822.ingest.sentry.io https://analytics.google.com https://*.helpfeel.com https://helpfeel.com wss://*.intercom.io https://*.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://cf.channel.io https://api.channel.io wss://ws.channel.io https://bs.nakanohito.jp http://cs.nakanohito.jp https://collect.ptengine.jp https://*.force.com https://stats.g.doubleclick.net https://mirror2.karte.io wss://mirror-socket2.karte.io https://forms.hubspot.com *.karte.io https://ekr.zdassets.com https://static.zdassets.com https://okage.zendesk.com;default-src 'self';font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://c1.sfdcstatic.com https://fonts.googleapis.com;form-action 'self' *;frame-src 'self' www.google.com www.youtube.com player.vimeo.com players.brightcove.net https://helpfeel.com https://pdfjs.helpfeel.com faq.sonysonpo.co.jp https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://fast.wistia.net https://platform.twitter.com https://social-plugins.line.me https://connect.facebook.net https://www.facebook.com https://bid.g.doubleclick.net https://service.force.com *.karte.io;img-src * data: blob:;media-src *;script-src 'self' www.google-analytics.com www.google.com www.gstatic.com maps.googleapis.com https://storage.googleapis.com/helpfeel-custom-projects/ https://custom-assets.helpfeel.com/ browser.sentry-cdn.com www.googletagmanager.com https://analytics.google.com https://helpfeel.com 'unsafe-inline' 'unsafe-inline' *.karte.io 'unsafe-eval' https://*.intercom.io https://js.intercomcdn.com https://platform.twitter.com https://d.line-scdn.net https://connect.facebook.net cdn.channel.io https://www.youtube.com https://s.ytimg.com http://www.googleadservices.com https://googleads.g.doubleclick.net http://connect.facebook.net http://s.yimg.jp http://cs.nakanohito.jp http://js.ptengine.jp https://b97.yahoo.co.jp https://static.ads-twitter.com https://analytics.twitter.com https://*.salesforceliveagent.com https://*.my.salesforce.com https://static.lightning.force.com https://*.force.com https://cache.dga.jp https://www.iyobank.co.jp https://i39.dga.jp http://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hs-analytics.net https://js.hscollectedforms.net b92.yahoo.co.jp *.sync.usonar.jp mk.desknets.com mk.chatluck.com pi.pardot.com https://static.zdassets.com https://info.stanby.com/;style-src 'self' 'unsafe-inline' https://storage.googleapis.com/helpfeel-custom-projects/ https://custom-assets.helpfeel.com/ https://fonts.googleapis.com https://*.force.com https://cache.dga.jp *.karte.io;worker-src 'self'