Open
Cached
·
just now
13
directives
Content-Security-Policy
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com https://cdn.ingest-lr.com https://cdn.lr-intake.com https://cdn.intake-lr.com https://cdn.logr-ingest.com https://cdn.lrkt-in.com https://cdn.lgrckt-in.com https://chat.lastpass.com https://events.release.goldcast.io https://events.goldcast.io https://assets.adoberesources.net https://documentcloud.adobe.com https://*.jsdelivr.net https://*.lr-in.com https://*.pendo.io https://*.segment.com https://*.cloudfront.net https://*.github.io https://*.relicx.ai https://*.addevent.com https://addevent.com https://*.drimify.com https://*.storage.googleapis.com https://*.drift.com https://*.driftt.com https://*.typeform.com https://*.goldcast.io https://*.logrocket.io https://*.lr-ingest.io https://*.lr-in.com https://*.lr-in-prod.com https://*.newrelic.com https://bam.nr-data.net https://kwizly.com blob:; style-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://*.eu.goldcast.io https://*.release.goldcast.io https://*.goldcast.io https://rsms.me https://*.typekit.net https://*.googleapis.com https://*.typeform.com https://*.pendo.io https://*.typekit.net; object-src 'none'; base-uri 'self'; connect-src *; font-src 'self' https://rsms.me https://*.typekit.net https://*.goldcast.io/ https://*.cloudfront.net https://*.gstatic.com https://*.filestackcontent.com https://s3.amazonaws.com https://*.typekit.net data:; frame-src 'self' https://goldcast-ai-school.onsnapshot.ai https://hids2025.onsnapshot.ai https://player.interactivity.brightcove.com https://resource.thermofisher.com https://auth.slido.com https://chat.lastpass.com https://documentcloud.adobe.com http://goldcast-solutions.s3-website-us-east-1.amazonaws.com https://s3.amazonaws.com https://goldcast-solutions.s3.amazonaws.com https://engamio.live https://survey.alchemer.com https://*.twine.us https://*.onsnapshot.com https://*.sli.do https://*.figma.com https://padlet.com https://*.twine.nyc https://*.webooth.fun https://*.drimify.com https://*.validar.com https://*.virtualbooth.co https://*.driftt.com https://*.drift.com https://*.kudoway.com https://*.typeform.com https://*.pendo.io https://*.drift.click https://snapbar.com https://play.duelbox.com https://*.walls.io https://*.goldcast.io https://*.snapbar.video https://games.mutinyhq.com https://m2.mutinyhq.com https://d10p7fg6cm0drl.cloudfront.net https://kwizly.com; img-src 'self' * blob: https://assets.adoberesources.net https://h3.googleusercontent.com data:; manifest-src 'self'; media-src 'self' * blob:; worker-src 'self' blob:; child-src 'self' blob:;
default-src
Keyword
—
'self'
script-src
Keyword
—
'report-sample'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'wasm-unsafe-eval'
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Scheme
—
blob:
style-src
Keyword
—
'report-sample'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
style-src
Keyword
—
'unsafe-eval'
object-src
Keyword
—
'none'
base-uri
Keyword
—
'self'
connect-src
Host
—
*
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
frame-src
Keyword
—
'self'
img-src
Keyword
—
'self'
img-src
Host
—
*
img-src
Scheme
—
blob:
img-src
Scheme
—
data:
manifest-src
Keyword
—
'self'
media-src
Keyword
—
'self'
media-src
Host
—
*
media-src
Scheme
—
blob:
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
child-src
Keyword
—
'self'
child-src
Scheme
—
blob:
Content-Security-Policy-Report-Only
No report-only CSP headers found.