Content-Security-Policy Analysis for https://content.cerifi.com

Open Cached · just now

13 directives

Content-Security-Policy

Content-Security-Policy: script-src 'self' https: cerifi.widen.net d1tnz2kubv5f2a.cloudfront.net authorapi.learnosity.com cdn.pendo.io 'sha256-6zeFAXp+LMypfHuppNt+DvJIuDyYi7mGS/WirHRWYds=';frame-src 'self' https: cerifi.widen.net d1tnz2kubv5f2a.cloudfront.net authorapi.learnosity.com cerifi.widencollective.com localhost;connect-src 'self' https: d1tnz2kubv5f2a.cloudfront.net authorapi.learnosity.com cerifi.widencollective.com;img-src 'self' data: blob: cerifi.widen.net d1tnz2kubv5f2a.cloudfront.net authorapi.learnosity.com assets.learnosity.com smart.passperfect.com www.smart7.com cerifi.widencollective.com questioneditor.learnosity.com data.pendo.io;media-src 'self' data: blob: cerifi.widen.net d1tnz2kubv5f2a.cloudfront.net authorapi.learnosity.com assets.learnosity.com cerifi.widencollective.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

script-src Keyword —

'self'

script-src Scheme —

https:

script-src Host —

cerifi.widen.net

script-src Host

AWS CloudFront

d1tnz2kubv5f2a.cloudfront.net

script-src Host —

authorapi.learnosity.com

script-src Host

Pendo

cdn.pendo.io

ASN | Google Cloud

script-src Hash —

'sha256-6zeFAXp+LMypfHuppNt+DvJIuDyYi7mGS/WirHRWYds='

frame-src Keyword —

'self'

frame-src Scheme —

https:

frame-src Host —

cerifi.widen.net

frame-src Host

AWS CloudFront

d1tnz2kubv5f2a.cloudfront.net

frame-src Host —

authorapi.learnosity.com

frame-src Host —

cerifi.widencollective.com

frame-src Host —

localhost

connect-src Keyword —

'self'

connect-src Scheme —

https:

connect-src Host

AWS CloudFront

d1tnz2kubv5f2a.cloudfront.net

connect-src Host —

authorapi.learnosity.com

connect-src Host —

cerifi.widencollective.com

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Scheme —

blob:

img-src Host —

cerifi.widen.net

img-src Host

AWS CloudFront

d1tnz2kubv5f2a.cloudfront.net

img-src Host —

authorapi.learnosity.com

img-src Host —

assets.learnosity.com

img-src Host —

smart.passperfect.com

img-src Host —

www.smart7.com

img-src Host —

cerifi.widencollective.com

img-src Host —

questioneditor.learnosity.com

img-src Host

Pendo

data.pendo.io

ASN | Google Cloud

media-src Keyword —

'self'

media-src Scheme —

data:

media-src Scheme —

blob:

media-src Host —

cerifi.widen.net

media-src Host

AWS CloudFront

d1tnz2kubv5f2a.cloudfront.net

media-src Host —

authorapi.learnosity.com

media-src Host —

assets.learnosity.com

media-src Host —

cerifi.widencollective.com

default-src Keyword —

'self'

base-uri Keyword —

'self'

font-src Keyword —

'self'

font-src Scheme —

https:

font-src Scheme —

data:

form-action Keyword —

'self'

frame-ancestors Keyword —

'self'

object-src Keyword —

'none'

script-src-attr Keyword —

'none'

style-src Keyword —

'self'

style-src Scheme —

https:

style-src Keyword —

'unsafe-inline'

Content-Security-Policy-Report-Only

No report-only CSP headers found.