Open
Cached
·
just now
12
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: script-src 'unsafe-eval' http://js1.chargebeestatic.com/static/app-static-assets/app/51.5.4_v1/ http://js1.chargebeestatic.com/static/app-static-assets/core/core-3.0.23/ http://js1.chargebeestatic.com/static/app-static-assets/theme/theme-1.0.0/ http://js1.chargebeestatic.com/static/app-static-assets/tp/tp-3.0.1/ http://fast.wistia.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://static.intercomcdn.com https://www.google-analytics.com https://d190vb4jo83j4z.cloudfront.net https://d70osjg6p82s2.cloudfront.net https://d2yyd1h5u9mauk.cloudfront.net https://static.asknice.ly/ https://widget.freshworks.com/ https://wchat.freshchat.com/ https://api.mixpanel.com https://js.driftt.com/ https://cdn.pendo.io/ https://data.pendo.io/ https://www.google.com/recaptcha/ https://*.fullstory.com https://fullstory.com/s/ https://*.qualtrics.com https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://accounts.google.com/gsi/client/ https://js.trainn.co/ https://cdn.ai.devcb.in https://cdn.ai.chargebee.com https://chargebee.freshchat.com https://www.chargebee.com/help/app/ http://js1.chargebeestatic.com/static/app-static-assets/cb-ui/ui-prod-v82/ http://js1.chargebeestatic.com/static/app-static-assets/cb-vue/cb-vue-254/ http://js1.chargebeestatic.com/static/app-static-assets/hp-ui/hp-ui-app-5.2.8/ http://js1.chargebeestatic.com/static/app-static-assets/hp/hp-9.4.1/ 'nonce-G72TdxTvq1/SzKm9AjnLhuL0T0g='; style-src 'unsafe-inline' http://css1.chargebeestatic.com/static/app-static-assets/app/51.5.4_v1/ http://css1.chargebeestatic.com/static/app-static-assets/core/core-3.0.23/ http://css1.chargebeestatic.com/static/app-static-assets/theme/theme-1.0.0/ http://css1.chargebeestatic.com/static/app-static-assets/tp/tp-3.0.1/ http://fast.wistia.net https://fonts.googleapis.com https://widget.freshworks.com/ https://wchat.freshchat.com/ https://js.driftt.com/ https://cdn.pendo.io/ https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://accounts.google.com/gsi/style/ http://themes.chargebee.com/static/ https://d1h1clvcju65jp.cloudfront.net https://d3hgg72alrcti0.cloudfront.net http://js1.chargebeestatic.com/static/app-static-assets/cb-ui/ui-prod-v82/ http://css1.chargebeestatic.com/static/app-static-assets/cb-vue/cb-vue-254/ http://css1.chargebeestatic.com/static/app-static-assets/hp-ui/hp-ui-app-5.2.8/ http://css1.chargebeestatic.com/static/app-static-assets/hp/hp-9.4.1/; img-src 'self' http://css1.chargebeestatic.com/static/app-static-assets/app/51.5.4_v1/ http://css1.chargebeestatic.com/static/app-static-assets/core/core-3.0.23/ http://css1.chargebeestatic.com/static/app-static-assets/theme/theme-1.0.0/ http://css1.chargebeestatic.com/static/app-static-assets/tp/tp-3.0.1/ http://js1.chargebeestatic.com/static/app-static-assets/tp/tp-3.0.1/ https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://www.google-analytics.com https://d190vb4jo83j4z.cloudfront.net https://d70osjg6p82s2.cloudfront.net https://cdn.pendo.io/ https://data.pendo.io/ https://*.qualtrics.com https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://chart.googleapis.com/ https://wingify-assets.s3.amazonaws.com/ https://zxing.org/ http://themes.chargebee.com/static/ https://d1h1clvcju65jp.cloudfront.net https://d3hgg72alrcti0.cloudfront.net https://cb-invoice-logos-prod.s3.us-east-1.amazonaws.com data: https://*.googleusercontent.com http://js1.chargebeestatic.com/static/app-static-assets/cb-ui/ui-prod-v82/ http://css1.chargebeestatic.com/static/app-static-assets/cb-vue/cb-vue-254/ http://css1.chargebeestatic.com/static/app-static-assets/hp-ui/hp-ui-app-5.2.8/ http://css1.chargebeestatic.com/static/app-static-assets/hp/hp-9.4.1/ https://cbcustomersuccess.asknice.ly; font-src 'self' http://css1.chargebeestatic.com/static/app-static-assets/app/51.5.4_v1/ http://css1.chargebeestatic.com/static/app-static-assets/core/core-3.0.23/ http://css1.chargebeestatic.com/static/app-static-assets/theme/theme-1.0.0/ http://css1.chargebeestatic.com/static/app-static-assets/tp/tp-3.0.1/ https://js.intercomcdn.com https://fonts.gstatic.com data: http://js1.chargebeestatic.com/static/app-static-assets/cb-ui/ui-prod-v82/ http://css1.chargebeestatic.com/static/app-static-assets/cb-vue/cb-vue-254/ http://css1.chargebeestatic.com/static/app-static-assets/hp-ui/hp-ui-app-5.2.8/ http://css1.chargebeestatic.com/static/app-static-assets/hp/hp-9.4.1/; object-src 'none'; base-uri 'none'; frame-ancestors 'self' http://*.chargebee.com; connect-src 'self' https://widget.freshworks.com/ https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://web.delighted.com https://static.asknice.ly/ https://api.mixpanel.com https://data.pendo.io/ https://*.fullstory.com https://*.qualtrics.com https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://accounts.google.com/gsi/ https://js.trainn.co/ https://*.portal.trainn.co https://cbcustomersuccess.asknice.ly; frame-src 'self' https://accounts.google.com http://fast.wistia.com https://widget.freshworks.com/ https://wchat.freshchat.com/ https://chargebee.webpush.freshchat.com/ https://www.google.com/recaptcha/ https://js.driftt.com/ https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://accounts.google.com/gsi/ https://*.portal.trainn.co https://*.copilot.chargebee.com https://app.chargebee.com https://copilot.chargebee.com https://ai.chargebee.com https://*.ai.chargebee.com https://*.copilot.eu.chargebee.com https://app.eu.chargebee.com https://copilot.eu.chargebee.com https://ai.eu.chargebee.com https://*.ai.eu.chargebee.com https://*.copilot.au.chargebee.com https://app.au.chargebee.com https://copilot.au.chargebee.com https://ai.au.chargebee.com https://*.ai.au.chargebee.com https://chargebee.freshchat.com https://cb-data-export-prod.s3.us-east-1.amazonaws.com http://*.chargebee.com https://cbcustomersuccess.asknice.ly https://share.intercom.io https://www.youtube.com https://player.vimeo.com http://fast.wistia.net; child-src https://share.intercom.io https://www.youtube.com https://player.vimeo.com http://fast.wistia.net 'self' https://accounts.google.com http://fast.wistia.com https://widget.freshworks.com/ https://wchat.freshchat.com/ https://chargebee.webpush.freshchat.com/ https://www.google.com/recaptcha/ https://js.driftt.com/ https://*.visualwebsiteoptimizer.com https://app.vwo.com/ https://accounts.google.com/gsi/ https://*.portal.trainn.co https://*.copilot.chargebee.com https://app.chargebee.com https://copilot.chargebee.com https://ai.chargebee.com https://*.ai.chargebee.com https://*.copilot.eu.chargebee.com https://app.eu.chargebee.com https://copilot.eu.chargebee.com https://ai.eu.chargebee.com https://*.ai.eu.chargebee.com https://*.copilot.au.chargebee.com https://app.au.chargebee.com https://copilot.au.chargebee.com https://ai.au.chargebee.com https://*.ai.au.chargebee.com https://chargebee.freshchat.com https://cb-data-export-prod.s3.us-east-1.amazonaws.com http://*.chargebee.com https://cbcustomersuccess.asknice.ly; media-src https://js.intercomcdn.com; report-uri https://sentry.io/api/1357639/security/?sentry_key=33fa3d38332c426c82c8d522ff9d017a
script-src
Keyword
—
'unsafe-eval'
script-src
Nonce
—
'nonce-G72TdxTvq1/SzKm9AjnLhuL0T0g='
style-src
Keyword
—
'unsafe-inline'
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
object-src
Keyword
—
'none'
base-uri
Keyword
—
'none'
frame-ancestors
Keyword
—
'self'
connect-src
Keyword
—
'self'
frame-src
Keyword
—
'self'
child-src
Keyword
—
'self'
