Open
Cached
·
just now
8
directives
Content-Security-Policy
Content-Security-Policy: connect-src 'self' *.arexchange.com app.pendo.io data.pendo.io pendo-static-4558985839575040.storage.googleapis.com *.google-analytics.com; default-src 'self' *.arexchange.com *.aspnetcdn.com *.bootstrapcdn.com *.fontawesome.com *.cloudflare.com *.google-analytics.com *.google.com *.gstatic.com; frame-ancestors app.pendo.io; frame-src app.pendo.io *.google.com; img-src 'self' data: *.arexchange.com *.aspnetcdn.com *.bootstrapcdn.com *.fontawesome.com *.cloudflare.com *.google-analytics.com *.google.com *.gstatic.com app.pendo.io cdn.pendo.io data.pendo.io pendo-static-4558985839575040.storage.googleapis.com; script-src 'self' *.arexchange.com *.aspnetcdn.com *.bootstrapcdn.com *.fontawesome.com *.cloudflare.com *.google-analytics.com *.google.com *.googletagmanager.com *.gstatic.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-4558985839575040.storage.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.arexchange.com *.aspnetcdn.com *.bootstrapcdn.com *.fontawesome.com *.cloudflare.com *.google-analytics.com *.google.com *.gstatic.com app.pendo.io pendo-io-static.storage.googleapis.com pendo-static-4558985839575040.storage.googleapis.com 'unsafe-inline'; worker-src blob:;
connect-src
Keyword
—
'self'
default-src
Keyword
—
'self'
default-src
Host
—
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
img-src
Host
—
script-src
Keyword
—
'self'
script-src
Host
—
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
style-src
Keyword
—
'self'
style-src
Host
—
style-src
Keyword
—
'unsafe-inline'
worker-src
Scheme
—
blob:
Content-Security-Policy-Report-Only
No report-only CSP headers found.