Open
Cached
·
just now
10
directives
Content-Security-Policy
Content-Security-Policy: default-src * blob: data:; script-src 'report-sample' https://accounts.google.com/gsi/client https://googleads.g.doubleclick.net/pagead/viewthroughconversion/ https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/api.js https://www.googletagmanager.com https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js https://www.gstatic.com/marketing-cms/reviewed-scripts/ https://www.gstatic.com/recaptcha/releases/; object-src 'none'; style-src 'unsafe-inline' *; report-uri https://csp.withgoogle.com/csp/corp-marketing-cms-team; base-uri 'self', script-src 'nonce-vj3KfhJL3B5_rzJuxulauw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/cameyo_google; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/cameyo_google
default-src
Host
—
*
default-src
Scheme
—
blob:
default-src
Scheme
—
data:
script-src
Keyword
—
'report-sample'
object-src
Keyword
—
'none'
style-src
Keyword
—
'unsafe-inline'
style-src
Host
—
*
base-uri
Host
—
base-uri
Host
—
base-uri
Nonce
—
'nonce-vj3KfhJL3B5_rzJuxulauw'
base-uri
Keyword
—
'report-sample'
base-uri
Keyword
—
'strict-dynamic'
base-uri
Keyword
—
'unsafe-eval'
base-uri
Keyword
—
'unsafe-inline'
base-uri
Scheme
—
http:
base-uri
Scheme
—
https:
object-src
Keyword
—
'none'
base-uri
Host
—
base-uri
Host
—
base-uri
Keyword
—
'script'
Content-Security-Policy-Report-Only
No report-only CSP headers found.