Content-Security-Policy Analysis for https://www.acordsolutions.com

Open Cached · just now

1 directives

Content-Security-Policy

Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://googleads.g.doubleclick.net https://script.hotjar.com https://static.hotjar.com https://snap.licdn.com https://cdn-cookieyes.com https://pod-27-sunco-ws.zendesk.com https://static.zdassets.com https://js.stripe.com https://code.jquery.com www.googletagmanager.com *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org;

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host

Google DoubleClick

https://googleads.g.doubleclick.net

script-src Host

Hotjar

https://script.hotjar.com

script-src Host

Hotjar

https://static.hotjar.com

script-src Host

LinkedIn

https://snap.licdn.com

script-src Host

CookieYes

https://cdn-cookieyes.com

ASN | Cloudflare

script-src Host

Zendesk

https://pod-27-sunco-ws.zendesk.com

ASN | Cloudflare

script-src Host

Zendesk

https://static.zdassets.com

ASN | Cloudflare

script-src Host

Stripe

https://js.stripe.com

script-src Host

jQuery

https://code.jquery.com

script-src Host

Google Tag Manager

www.googletagmanager.com

script-src Host

Google API JS Client

*.googleapis.com

script-src Host

Google Static File Front End

*.gstatic.com

script-src Host

Google Search

www.google.com

script-src Host

Google Analytics

*.google-analytics.com

script-src Host

Google API JS Client

apis.google.com

script-src Host

Facebook

connect.facebook.net

script-src Host

Microsoft ASP.NET CDN

ajax.aspnetcdn.com

script-src Host

YouTube

https://www.youtube.com/iframe_api

script-src Host

Twitter

platform.twitter.com

script-src Host

Twitter

https://syndication.twitter.com/

ASN | Cloudflare

script-src Host

YouTube

https://s.ytimg.com

script-src Host

Twitter

https://publish.twitter.com

ASN | Cloudflare

script-src Host

Twitter

*.twimg.com

script-src Host

LinkedIn

platform.linkedin.com

ASN | Cloudflare

script-src Host —

http://platform.stumbleupon.com/1/widgets.js

script-src Host

AzureFrontDoor

https://dec.azureedge.net/

ASN | Microsoft

script-src Host

Adobe Marketo

munchkin.marketo.net

script-src Host

Oracle Eloqua

*.eloqua.com

script-src Host

HubSpot

js.hs-scripts.com

ASN | Cloudflare

script-src Host

HubSpot Analytics

js.hs-analytics.net

ASN | Cloudflare

script-src Host

Oracle Eloqua

*.en25.com

script-src Host

AMP

cdn.ampproject.org

Content-Security-Policy-Report-Only

No report-only CSP headers found.