Values for x-permitted-cross-domain-policies:
none 44,959
master-only 2,905
none; 113
all 77
value 12
by-content-type 8
: none 7
master only 7
'none' 6
self 6
origin-when-cross-origin 3
“none” 3
master-only, master-only 3
* 2
ALLOW-FROM https://www.linkedin.com 2
"master-only" 2
always 2
"master-only"; 2
'master-only'; 1
1 1
script-src 'self' 1
{} 1
max-age=63072000; 1
require-corp 1
'master-only' | 'none' 1
upgrade-insecure-requests;         worker-src 'self' blob:;         style-src 'self' 'unsafe-inline' *.pricespider.com *.mapbox.com *.lytics.io js.jebbit.com blob:;         media-src 'self' videos.ctfassets.net *.iesnare.com data:;         manifest-src 'self' login.windows.net;         script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org script.crazyegg.com js.jebbit.com js.adsrvr.org connect.facebook.net z.moatads.com cdn.segment.com pghub.io www.youtube.com *.lytics.io *.bazaarvoice.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com *.iesnare.com;         font-src 'self' data: ;         frame-ancestors 'none';         frame-src  'self' insight.adsrvr.org *.doubleclick.net feed.pghub.io www.facebook.com consumersupport.pg.com pgnagain.jebbit.com jebbit.ilovegain.com www.youtube.com pg-lex.my.salesforce-sites.com;         img-src 'self' data: images.ctfassets.net www.google-analytics.com www.googletagmanager.com pixel.tapad.com *.doubleclick.net www.facebook.com *.lytics.io *.akamaihd.net *.moatads.com *.pricespider.com *.bazaarvoice.com i.ytimg.com cdn.cookielaw.org;          connect-src 'self' *.google-analytics.com *.cookielaw.org *.jebbit.com *.doubleclick.net *.crazyegg.com *.adsrvr.org *.segment.com *.segment.io *.bazaarvoice.com *.pricespider.com *.mapbox.com geolocation-db.com *.algolia.net *.algolianet.com wss:;          base-uri 'none';         default-src 'none'; 1
strict-origin-when-cross-origin 1
"none" 1
X-Permitted-Cross-Domain-Policies 1
: master-only 1
DENY 1
max-age=31536000; includeSubDomains; preload 1