Open
Cached
·
just now
12
directives
Content-Security-Policy
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://assets.calendly.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.dropbox.com https://accounts.google.com https://apis.google.com https://js.live.net/v7.2/OneDrive.js https://a.omappapi.com/ https://bat.bing.com/ https://www.youtube.com/ *.boldagent.ai *.insertchat.com *.storylane.io *.bolddesk.com *.chatbase.co *.helpscout.net *.clarity.ms *.cloudflareinsights.com *.cloudflare.com *.cloudfront.net *.doubleclick.net *.syncfusion.com https://cdn.jsdelivr.net https://static.ads-twitter.com https://www.redditstatic.com https://connect.facebook.net https://snap.licdn.com https://r.wdfl.co https://tracking.g2crowd.com https://us-assets.i.posthog.com https://www.googleadservices.com https://app.factors.ai https://www.googlesyndication.com https://region1.google-analytics.com; style-src 'self' 'unsafe-inline' *.bolddesk.com *.storylane.io *.cloudflareinsights.com *.cloudflare.com *.boldagent.ai https://cdn.syncfusion.com https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css https://fonts.googleapis.com https://storage.googleapis.com https://a.omappapi.com/; font-src 'self' data: https://fonts.gstatic.com; media-src 'self' *.bolddesk.com *.storylane.io *.googleapis.com *.syncfusion.com; object-src 'none'; child-src 'none'; frame-src 'self' *.googleapis.com *.syncfusion.com *.loom.com *.veed.io *.zight.com *.synthesia.io *.easyreg.ca *.sharepoint.com *.olvy.co *.vimeo.com *.wistia.com *.wistia.net *.chatbase.co *.diagrams.net *.storylane.io *.insertchat.com *.google.com *.boldagent.ai *.recaptcha.net *.guidejar.com *.betterstack.com *.alcousa.org *.huducloud.com *.guideflow.com syncfusion.atlassian.net https://calendly.com https://guides.autrix.co.uk *.supademo.com https://www.youtube.com https://www.youtube-nocookie.com https://qaresource.imocha.io https://scribehow.com https://komododecks.com https://kommodo.ai/ https://calendly.com/ *.blob.core.windows.net *.arcade.software https://www.googletagmanager.com/; frame-ancestors *; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'; form-action 'self'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
media-src
Keyword
—
'self'
object-src
Keyword
—
'none'
child-src
Keyword
—
'none'
frame-src
Keyword
—
'self'
frame-src
Host
—
frame-ancestors
Host
—
*
upgrade-insecure-requests
Source
—
(no sources)
block-all-mixed-content
Source
—
(no sources)
base-uri
Keyword
—
'self'
form-action
Keyword
—
'self'
Content-Security-Policy-Report-Only
No report-only CSP headers found.