Open
Cached
·
1m ago
8
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: default-src 'self' justworks-ciam.okta.com login.justworks.com *.oktacdn.com https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io; connect-src 'self' justworks-ciam.okta.com justworks-ciam-admin.okta.com login.justworks.com *.oktacdn.com *.mixpanel.com *.mapbox.com justworks-ciam.kerberos.okta.com justworks-ciam.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://data.pendo.io *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' justworks-ciam.okta.com login.justworks.com *.oktacdn.com https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io; style-src 'unsafe-inline' 'self' 'report-sample' justworks-ciam.okta.com login.justworks.com *.oktacdn.com https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io; frame-src 'self' justworks-ciam.okta.com justworks-ciam-admin.okta.com login.justworks.com login.okta.com *.vidyard.com com-okta-authenticator: https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io; img-src 'self' justworks-ciam.okta.com login.justworks.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io blob:; font-src 'self' justworks-ciam.okta.com login.justworks.com data: *.oktacdn.com fonts.gstatic.com https://css.justworks.com https://payroll.justworks.com https://cdn.heapanalytics.com https://client-api.auryc.com https://heapanalytics.com https://mt.auryc.com https://oinmanager.okta.com https://data.pendo.io; frame-ancestors 'self' https://secure.justworks.com
default-src
Keyword
—
'self'
default-src
Host
—
connect-src
Keyword
—
'self'
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Scheme
—
data:
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'self'
script-src
Keyword
—
'report-sample'
script-src
Host
—
style-src
Keyword
—
'unsafe-inline'
style-src
Keyword
—
'self'
style-src
Keyword
—
'report-sample'
style-src
Host
—
frame-src
Keyword
—
'self'
frame-src
Scheme
—
com-okta-authenticator:
img-src
Keyword
—
'self'
img-src
Host
—
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
font-src
Host
—
frame-ancestors
Keyword
—
'self'