Content-Security-Policy: default-src 'self'; base-uri 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.cookielaw.org cdnjs.cloudflare.com *.adform.net *.adoberesources.net *.brightcove.net *.cisco.com *.cloudfront.net *.crazyegg.com *.devnetcloud.com *.fullstory.com *.go-mpulse.net *.googleapis.com *.googletagmanager.com *.gstatic.com *.google.com *.google-analytics.com *.jsdelivr.net *.marketo.com *.marketo.net *.mktoweb.com *.redditstatic.com *.tiqcdn.com *.youtube.com *.bootstrapcdn.com zeptojs.com googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.bootstrapcdn.com *.cisco.com *.devnetcloud.com *.marketo.com *.s4d.io *.googleapis.com; img-src 'self' data: https:; font-src 'self' data: *.cisco.com *.cloudflare.com *.devnetcloud.com *.s4d.io *.gstatic.com *.googleapis.com; connect-src 'self' *.mktoresp.com cdn.cookielaw.org *.google-analytics.com *.googletagmanager.com *.cisco.com *.meraki.com *.ciscospark.com *.demdex.net *.devnetcloud.com wss://*.devnetcloud.com *.doubleclick.net *.fullstory.com *.go-mpulse.net *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com *.marketo.com *.webex.com *.cloudflare.com *.bootstrapcdn.com d284bhzo6zkm22.cloudfront.net d3rt9pnq9219aa.cloudfront.net *.onetrust.com *.reddit.com *.githubusercontent.com; media-src 'self' https:; frame-src asciinema.org *.iframe.ly *.cloudfront.net *.adform.net katakoda.com *.doubleclick.net www.brighttalk.com *.google.com *.youtube.com youtube.com *.brightcove.net *.cisco.com *.demdex.net *.devnetcloud.com *.mktoweb.com *.twitter.com www.youtube-nocookie.com; frame-ancestors *.cisco.com *.devnetcloud.com; worker-src 'self' blob:; block-all-mixed-content; report-to default