Open
Cached
·
37m ago
5
directives
Content-Security-Policy
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.veracode.io https://*.veracode.com https://*.veracode.us https://*.veracode-staging.us https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-5629974204907520.storage.googleapis.com; worker-src 'self' blob:; connect-src 'self' https://insight.app.longbow.security https://*.veracode.io https://*.veracode.com https://*.veracode.us https://*.veracode-staging.us; frame-ancestors https://*.veracode.io https://*.veracode.com https://*.veracode.us https://*.veracode-staging.us https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-5629974204907520.storage.googleapis.com; object-src 'self' https://*.veracode.io https://*.veracode.com https://*.veracode.us https://*.veracode-staging.us https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://cdn.pendo.io https://pendo-static-5629974204907520.storage.googleapis.com
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Host
—
script-src
Host
—
script-src
Host
—
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
connect-src
Keyword
—
'self'
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
frame-ancestors
Host
—
frame-ancestors
Host
—
frame-ancestors
Host
—
object-src
Keyword
—
'self'
object-src
Host
—
object-src
Host
—
object-src
Host
—
Content-Security-Policy-Report-Only
No report-only CSP headers found.