Open
Cached
·
just now
6
directives
Content-Security-Policy
Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline' https://*.smassets.net https://www.google.com https://www.gstatic.com https://www.recaptcha.net wss://*.hotjar.com wss://*.qualified.com https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com; upgrade-insecure-requests; connect-src https: wss: https://rum-ingest.us1.signalfx.com/ https://api.schedule.zoominfo.com https://ws.zoominfo.com 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://js.zi-scripts.com https://schedule.zoominfo.com https://ws-assets.zoominfo.com https://www.googletagmanager.com 'self'; worker-src https: blob: 'self'; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com https://*.cloud.microsoft
default-src
Scheme
—
https:
default-src
Scheme
—
data:
default-src
Keyword
—
'unsafe-eval'
default-src
Keyword
—
'unsafe-inline'
default-src
Host
—
upgrade-insecure-requests
Source
—
(no sources)
connect-src
Scheme
—
https:
connect-src
Scheme
—
wss:
connect-src
Keyword
—
'self'
script-src
Scheme
—
https:
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'self'
worker-src
Scheme
—
https:
worker-src
Scheme
—
blob:
worker-src
Keyword
—
'self'
frame-ancestors
Keyword
—
'self'
Content-Security-Policy-Report-Only
No report-only CSP headers found.