Open
Cached
·
just now
6
directives
Content-Security-Policy
Content-Security-Policy: default-src * data: blob:;script-src *.on24.com *.cloudfront.net *.walkme.com *.facebook.net *.facebook.com *.pendo.io *.storage.googleapis.com *.totango.com *.zopim.com *.zopim.io *.zdassets.com *.driftt.com *.driftcdn.com *.sharethis.com *.stream-io-api.com wccanalyticsqa.azurewebsites.net https://*.zendesk.com wss://*.zendesk.com 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src wss://*.on24.com https://telemetry.banuba.cloud/ *.walkme.com *.on24.com blob: *.cdninstagram.com on24.zendesk.com *.facebook.net *.facebook.com *.zopim.com *.zopim.io *.zdassets.com *.driftt.com *.driftcdn.com *.bitmovin.com *.sharethis.com wss://*.zopim.com wss://*.stream-io-api.com https://*.stream-io-api.com https://*.zendesk.com wss://*.zendesk.com https://app.pendo.io 'self'; object-src *.on24.com; frame-ancestors *.on24.com;
default-src
Host
—
*
default-src
Scheme
—
data:
default-src
Scheme
—
blob:
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Scheme
—
blob:
script-src
Scheme
—
data:
script-src
Keyword
—
'self'
style-src
Scheme
—
data:
style-src
Scheme
—
blob:
style-src
Keyword
—
'unsafe-inline'
style-src
Host
—
*
connect-src
Scheme
—
blob:
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Keyword
—
'self'
Content-Security-Policy-Report-Only
No report-only CSP headers found.