Reporting-Endpoints: csp-endpoint="/reporting/resources/report.py?reportID=320db941-960a-4529-8c4a-24aeb6739309" Content-Security-Policy: script-src 'self' 'unsafe-inline'; img-src 'none'; report-to csp-endpoint