Content-Security-Policy Analysis for https://100ms.live

Open Cached · just now

12 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://meticulous.ai https://*.meticulous.ai https://hs-scripts.com https://*.hs-scripts.com http://hs-scripts.com http://*.hs-scripts.com https://hs-analytics.net https://*.hs-analytics.net https://hsleadflows.net https://*.hsleadflows.net https://hscollectedforms.net https://*.hscollectedforms.net https://hs-banner.com https://*.hs-banner.com https://hsforms.net https://*.hsforms.net https://googletagmanager.com https://*.googletagmanager.com https://googleoptimize.com https://*.googleoptimize.com https://google-analytics.com https://*.google-analytics.com https://amazonaws.com https://*.amazonaws.com https://devrev.ai https://*.devrev.ai https://amplitude.com https://*.amplitude.com https://cdn-cookieyes.com https://licdn.com https://*.licdn.com https://clarity.ms https://*.clarity.ms https://apollo.io https://*.apollo.io https://framer.com https://*.framer.com https://framerusercontent.com https://*.framerusercontent.com https://sentry-cdn.com https://*.sentry-cdn.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; media-src 'self' https://storage.googleapis.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://amplitude.com https://*.amplitude.com https://hsforms.com https://*.hsforms.com https://hubspot.com https://*.hubspot.com https://googletagmanager.com https://*.googletagmanager.com https://google-analytics.com https://*.google-analytics.com https://google.com https://*.google.com https://devrev.ai https://*.devrev.ai https://linkedin.com https://*.linkedin.com https://aplo-evnt.com https://clarity.ms https://*.clarity.ms https://100ms.live https://*.100ms.live https://geolocation-db.com https://cookieyes.com https://*.cookieyes.com https://cdn-cookieyes.com https://*.cdn-cookieyes.com https://amazonaws.com https://*.amazonaws.com https://algolia.net https://*.algolia.net; frame-src 'self' https://googletagmanager.com https://*.googletagmanager.com https://calendly.com https://*.calendly.com https://meticulous.ai https://*.meticulous.ai https://100ms.live https://*.100ms.live; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https://hsforms.com https://*.hsforms.com

default-src Keyword —

'self'

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host —

https://meticulous.ai

ASN | Cloudflare

script-src Host —

https://*.meticulous.ai

ASN | Cloudflare

script-src Host

HubSpot

https://hs-scripts.com

script-src Host

HubSpot

https://*.hs-scripts.com

script-src Host

HubSpot

http://hs-scripts.com

script-src Host

HubSpot

http://*.hs-scripts.com

script-src Host

HubSpot Analytics

https://hs-analytics.net

script-src Host

HubSpot Analytics

https://*.hs-analytics.net

script-src Host

HubSpot

https://hsleadflows.net

script-src Host

HubSpot

https://*.hsleadflows.net

script-src Host

HubSpot Forms

https://hscollectedforms.net

script-src Host

HubSpot Forms

https://*.hscollectedforms.net

script-src Host

HubSpot

https://hs-banner.com

script-src Host

HubSpot

https://*.hs-banner.com

script-src Host

HubSpot Forms

https://hsforms.net

script-src Host

HubSpot Forms

https://*.hsforms.net

script-src Host

Google Tag Manager

https://googletagmanager.com

script-src Host

Google Tag Manager

https://*.googletagmanager.com

script-src Host

Google Optimize

https://googleoptimize.com

script-src Host

Google Optimize

https://*.googleoptimize.com

script-src Host

Google Analytics

https://google-analytics.com

script-src Host

Google Analytics

https://*.google-analytics.com

script-src Host

AWS

https://amazonaws.com

script-src Host

AWS

https://*.amazonaws.com

script-src Host —

https://devrev.ai

script-src Host —

https://*.devrev.ai

script-src Host

Amplitude

https://amplitude.com

script-src Host

Amplitude

https://*.amplitude.com

script-src Host

CookieYes

https://cdn-cookieyes.com

ASN | Cloudflare

script-src Host

LinkedIn

https://licdn.com

script-src Host

LinkedIn

https://*.licdn.com

script-src Host

Microsoft Clarity

https://clarity.ms

ASN | Microsoft

script-src Host

Microsoft Clarity

https://*.clarity.ms

ASN | Microsoft

script-src Host —

https://apollo.io

ASN | Cloudflare

script-src Host —

https://*.apollo.io

ASN | Cloudflare

script-src Host

Framer

https://framer.com

script-src Host

Framer

https://*.framer.com

script-src Host

Framer

https://framerusercontent.com

script-src Host

Framer

https://*.framerusercontent.com

script-src Host

Sentry

https://sentry-cdn.com

script-src Host

Sentry

https://*.sentry-cdn.com

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host

Google Fonts

https://fonts.googleapis.com

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Scheme —

blob:

img-src Scheme —

https:

media-src Keyword —

'self'

media-src Host

Google Cloud Storage

https://storage.googleapis.com

font-src Keyword —

'self'

font-src Host

Google Fonts

https://fonts.gstatic.com

connect-src Keyword —

'self'

connect-src Host

Amplitude

https://amplitude.com

connect-src Host

Amplitude

https://*.amplitude.com

connect-src Host

HubSpot Forms

https://hsforms.com

connect-src Host

HubSpot Forms

https://*.hsforms.com

connect-src Host

HubSpot

https://hubspot.com

ASN | Cloudflare

connect-src Host

HubSpot

https://*.hubspot.com

ASN | Cloudflare

connect-src Host

Google Tag Manager

https://googletagmanager.com

connect-src Host

Google Tag Manager

https://*.googletagmanager.com

connect-src Host

Google Analytics

https://google-analytics.com

connect-src Host

Google Analytics

https://*.google-analytics.com

connect-src Host

Google Search

https://google.com

connect-src Host —

https://*.google.com

connect-src Host —

https://devrev.ai

connect-src Host —

https://*.devrev.ai

connect-src Host

LinkedIn

https://linkedin.com

ASN | Microsoft

connect-src Host

LinkedIn

https://*.linkedin.com

ASN | Microsoft

connect-src Host —

https://aplo-evnt.com

ASN | Cloudflare

connect-src Host

Microsoft Clarity

https://clarity.ms

ASN | Microsoft

connect-src Host

Microsoft Clarity

https://*.clarity.ms

ASN | Microsoft

connect-src Host —

https://100ms.live

connect-src Host —

https://*.100ms.live

connect-src Host —

https://geolocation-db.com

ASN | DigitalOcean

connect-src Host

CookieYes

https://cookieyes.com

ASN | Cloudflare

connect-src Host

CookieYes

https://*.cookieyes.com

ASN | Cloudflare

connect-src Host

CookieYes

https://cdn-cookieyes.com

ASN | Cloudflare

connect-src Host

CookieYes

https://*.cdn-cookieyes.com

ASN | Cloudflare

connect-src Host

AWS

https://amazonaws.com

connect-src Host

AWS

https://*.amazonaws.com

connect-src Host

Algolia

https://algolia.net

ASN | LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.

connect-src Host

Algolia

https://*.algolia.net

ASN | LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.

frame-src Keyword —

'self'

frame-src Host

Google Tag Manager

https://googletagmanager.com

frame-src Host

Google Tag Manager

https://*.googletagmanager.com

frame-src Host

Calendly

https://calendly.com

ASN | Cloudflare

frame-src Host

Calendly

https://*.calendly.com

ASN | Cloudflare

frame-src Host —

https://meticulous.ai

ASN | Cloudflare

frame-src Host —

https://*.meticulous.ai

ASN | Cloudflare

frame-src Host —

https://100ms.live

frame-src Host —

https://*.100ms.live

worker-src Keyword —

'self'

worker-src Scheme —

blob:

object-src Keyword —

'none'

base-uri Keyword —

'self'

form-action Keyword —

'self'

form-action Host

HubSpot Forms

https://hsforms.com

form-action Host

HubSpot Forms

https://*.hsforms.com

Content-Security-Policy-Report-Only

No report-only CSP headers found.