Content-Security-Policy: upgrade-insecure-requests

Content-Security-Policy-Report-Only: default-src 'self'; script-src 'report-sample' 'self' https://feedback.hubapi.com https://*.hsforms.com https://*.hscollectedforms.net https://*.helloglobo.com https://*.hubspot.net https://*.hubspotusercontent00.net https://*.hubspotusercontent10.net https://*.hubspotusercontent20.net https://*.hubspotusercontent30.net https://*.hubspotusercontent40.net https://*.hubspot.com https://js.hscta.net https://cdn.ampproject.org https://cdnjs.cloudflare.com https://connect.facebook.net https://*.adroll.com https://googleads.g.doubleclick.net https://ipv4.d.adroll.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.hs-banner.com https://*.hsadspixel.net https://*.hsforms.net https://*.hsleadflows.net https://*.hubspotfeedback.com https://*.usemessages.com https://lex.33across.com https://paperform.co/__embed https://*.linkedin.com https://*.twitter.com https://*.adroll.com https://snap.licdn.com https://snap.licdn.com https://static.hsappstatic.net https://*.google-analytics.com https://*.googletagmanager.com 'strict-dynamic' 'nonce-zQQ7WvF+STFTxO7KVrq62A=='; style-src 'report-sample' 'self' https://*.helloglobo.com https://*.hubspotusercontent00.net https://*.hubspotusercontent10.net https://*.hubspotusercontent20.net https://*.hubspotusercontent30.net https://*.hubspotusercontent40.net https://cdn2.hubspot.net https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hsappstatic.net; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.hscollectedforms.net https://*.hs-banner.com https://*.hubspot.com https://js.hscta.net http://localhost:1442 https://adservice.google.com https://*.hubapi.com https://cdn.ampproject.org https://cdn.linkedin.oribi.io https://exceptions.hs-embed-reporting.com https://forms.hsforms.com https://pagead2.googlesyndication.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://www.google-analytics.com https://www.google.com; font-src 'self' https://cdnjs.cloudflare.com https://fonts.gstatic.com https://static.hsappstatic.net; frame-src 'self' https://*.hsforms.net https://*.helloglobo.com https://*.hubspot.net https://*.hs-sites.com https://*.hubspot.com https://*.paperform.co https://*.hsforms.com https://*.twitter.com https://play.hubspotvideo.com https://*.doubleclick.net https://www.facebook.com https://www.youtube.com https://xbbtntnz.paperform.co; img-src 'self' https://*.hsforms.net https://cdn2.hubspot.net https://*.hubspot.net https://*.hubspotusercontent00.net https://*.hubspotusercontent10.net https://*.hubspotusercontent20.net https://*.hubspotusercontent30.net https://*.hubspotusercontent40.net https://*.hubspot.com https://js.hscta.net https://437614.fs1.hubspotusercontent-na1.net https://api-na1.hubapi.com https://*.adroll.com https://dsum-sec.casalemedia.com https://eb2.3lift.com https://exceptions.hs-embed-reporting.com https://*.hsforms.com https://googleads.g.doubleclick.net https://ib.adnxs.com https://idsync.rlcdn.com https://image2.pubmatic.com https://ipv4.d.adroll.com https://no-cache.hubspot.com https://pixel.rubiconproject.com https://px.ads.linkedin.com https://s.amazon-adsystem.com https://static.hsappstatic.net https://sync.outbrain.com https://sync.taboola.com https://ups.analytics.yahoo.com https://us-u.openx.net https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.co.ke https://www.google.co.ve https://www.google.com https://www.google.com.ar https://www.google.com.au https://www.google.com.do https://www.google.com.eg https://www.google.com.et https://www.google.com.kh https://www.google.com.pa https://www.google.com.pk https://www.google.de https://www.google.hn https://www.googletagmanager.com https://x.bidswitch.net; manifest-src 'self'; media-src 'self'; report-uri https://globo.report-uri.com/r/d/csp/reportOnly; worker-src 'none'