Open
Cached
·
just now
9
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: default-src 'self'; frame-src 'self' rev.io *.rev.io *.billcenter.net *.agentclick.com app.powerbi.com js.stripe.com rev-io.releasenotes.io cdn.elev.io *.payaconnect.com *.ippay.com *.Authorize.net *.cardknox.com *.usaepay.com *.trxservices.net *.trxservices.com; img-src 'self' data: blob: *.rev.io *.billcenter.net *.agentclick.com s3.amazonaws.com p.typekit.net secure.gravatar.com cdn.datatables.net cdn.elev.io code.jquery.com zapier-images.imgix.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.rev.io *.billcenter.net *.agentclick.com cdn.elev.io use.typekit.net cdnjs.cloudflare.com cdn.datatables.net web-sdk.aptrinsic.com js.stripe.com *.churnzero.net *.zapier.com *.usaepay.com; style-src 'self' 'unsafe-inline' *.rev.io *.billcenter.net *.agentclick.com cdnjs.cloudflare.com *.churnzero.net code.jquery.com *.zapier.com; font-src 'self' data: use.typekit.net cdn.elev.io *.churnzero.net fonts.gstatic.com; connect-src 'self' ipa.elev.io cdn.elev.io esp.aptrinsic.com events.elev.io *.churnzero.net us-autocomplete-pro.api.smartystreets.com *.zapier.com; media-src 'self' cdn.elev.io;report-uri https://myh2o.com/SharedWebServices/CSP.asmx/Report;
default-src
Keyword
—
'self'
frame-src
Keyword
—
'self'
frame-src
Host
—
frame-src
Host
—
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
connect-src
Keyword
—
'self'
media-src
Keyword
—
'self'