Content-Security-Policy Analysis for https://learn.composecure.com

Open Cached · just now

16 directives

Content-Security-Policy

Content-Security-Policy: frame-ancestors 'self'

frame-ancestors Keyword —

'self'

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: default-src 'self'; script-src 'nonce-QVJDVUxVUw==' 'strict-dynamic' 'self' https://cdn.cookielaw.org https://319-mss-906.mktoweb.com https://cdn.jsdelivr.net https://d3e54v103j8qbb.cloudfront.net https://cdn.prod.website-files.com https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com https://snap.licdn.com https://*.hotjar.com https://*.hotjar.io https://googleads.g.doubleclick.net https://static.cloudflareinsights.com https://static.doubleclick.net https://www.google.com https://www.gstatic.com https://www.composecure.com; style-src 'self' https://cdn.prod.website-files.com https://319-mss-906.mktoweb.com https://www.youtube.com https://www.youtube-nocookie.com; img-src 'self' https://cdn.prod.website-files.com https://cdn.cookielaw.org https://px.ads.linkedin.com https://www.google.com.ar https://www.googletagmanager.com https://www.google.com https://www.linkedin.com https://i.ytimg.com https://www.youtube.com https://www.youtube-nocookie.com https://yt3.ggpht.com; font-src 'self' https://cdn.prod.website-files.com https://fonts.gstatic.com https://learn.composecure.com; connect-src 'self' https://cdn.cookielaw.org https://geolocation.onetrust.com https://cdn.prod.website-files.com https://analytics.google.com https://www.google.com https://319-mss-906.mktoweb.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://px.ads.linkedin.com https://www.youtube.com https://www.youtube-nocookie.com https://www.composecure.com https://jnn-pa.googleapis.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.webflow.com; frame-src 'self' https://composecure.com https://www.composecure.com https://cdn.embedly.com https://319-mss-906.mktoweb.com https://www.youtube.com https://www.youtube-nocookie.com https://www.googletagmanager.com https://ir.composecure.com https://*.webflow.com; form-action 'self'; media-src 'self' https://cdn.prod.website-files.com https://cdn.bfldr.com https://dl.dropboxusercontent.com; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://report.centralcsp.com/691cd4c0dce21fa55fa5bb9a; report-to csp-endpoint

default-src Keyword —

'self'

script-src Nonce —

'nonce-QVJDVUxVUw=='

script-src Keyword —

'strict-dynamic'

script-src Keyword —

'self'

script-src Host

OneTrust

https://cdn.cookielaw.org

ASN | Cloudflare

script-src Host

Adobe Marketo

https://319-mss-906.mktoweb.com

ASN | Cloudflare

script-src Host

jsDelivr

https://cdn.jsdelivr.net

ASN | Cloudflare

script-src Host

AWS CloudFront

https://d3e54v103j8qbb.cloudfront.net

script-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

script-src Host

Google Tag Manager

https://www.googletagmanager.com

script-src Host

YouTube

https://www.youtube.com

script-src Host

YouTube

https://www.youtube-nocookie.com

script-src Host

LinkedIn

https://snap.licdn.com

script-src Host

Hotjar

https://*.hotjar.com

script-src Host

Hotjar

https://*.hotjar.io

script-src Host

Google DoubleClick

https://googleads.g.doubleclick.net

script-src Host

Cloudflare Web Analytics

https://static.cloudflareinsights.com

ASN | Cloudflare

script-src Host

Google DoubleClick

https://static.doubleclick.net

script-src Host

Google Search

https://www.google.com

script-src Host

Google Static File Front End

https://www.gstatic.com

script-src Host —

https://www.composecure.com

ASN | Cloudflare

style-src Keyword —

'self'

style-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

style-src Host

Adobe Marketo

https://319-mss-906.mktoweb.com

ASN | Cloudflare

style-src Host

YouTube

https://www.youtube.com

style-src Host

YouTube

https://www.youtube-nocookie.com

img-src Keyword —

'self'

img-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

img-src Host

OneTrust

https://cdn.cookielaw.org

ASN | Cloudflare

img-src Host

LinkedIn

https://px.ads.linkedin.com

ASN | Microsoft

img-src Host —

https://www.google.com.ar

img-src Host

Google Tag Manager

https://www.googletagmanager.com

img-src Host

Google Search

https://www.google.com

img-src Host

LinkedIn

https://www.linkedin.com

ASN | Cloudflare

img-src Host

YouTube

https://i.ytimg.com

img-src Host

YouTube

https://www.youtube.com

img-src Host

YouTube

https://www.youtube-nocookie.com

img-src Host —

https://yt3.ggpht.com

font-src Keyword —

'self'

font-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

font-src Host

Google Fonts

https://fonts.gstatic.com

font-src Host —

https://learn.composecure.com

ASN | Cloudflare

connect-src Keyword —

'self'

connect-src Host

OneTrust

https://cdn.cookielaw.org

ASN | Cloudflare

connect-src Host

OneTrust

https://geolocation.onetrust.com

ASN | Cloudflare

connect-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

connect-src Host

Google Analytics

https://analytics.google.com

connect-src Host

Google Search

https://www.google.com

connect-src Host

Adobe Marketo

https://319-mss-906.mktoweb.com

ASN | Cloudflare

connect-src Host

Google DoubleClick

https://googleads.g.doubleclick.net

connect-src Host

Google DoubleClick

https://stats.g.doubleclick.net

connect-src Host

LinkedIn

https://px.ads.linkedin.com

ASN | Microsoft

connect-src Host

YouTube

https://www.youtube.com

connect-src Host

YouTube

https://www.youtube-nocookie.com

connect-src Host —

https://www.composecure.com

ASN | Cloudflare

connect-src Host

Google API JS Client

https://jnn-pa.googleapis.com

connect-src Host

Hotjar

https://*.hotjar.com

connect-src Host

Hotjar

https://*.hotjar.io

connect-src Host

Hotjar

wss://*.hotjar.com

connect-src Host

Webflow

https://*.webflow.com

frame-src Keyword —

'self'

frame-src Host —

https://composecure.com

ASN | Cloudflare

frame-src Host —

https://www.composecure.com

ASN | Cloudflare

frame-src Host

Embedly

https://cdn.embedly.com

ASN | Cloudflare

frame-src Host

Adobe Marketo

https://319-mss-906.mktoweb.com

ASN | Cloudflare

frame-src Host

YouTube

https://www.youtube.com

frame-src Host

YouTube

https://www.youtube-nocookie.com

frame-src Host

Google Tag Manager

https://www.googletagmanager.com

frame-src Host —

https://ir.composecure.com

frame-src Host

Webflow

https://*.webflow.com

form-action Keyword —

'self'

media-src Keyword —

'self'

media-src Host

Webflow

https://cdn.prod.website-files.com

ASN | Cloudflare

media-src Host —

https://cdn.bfldr.com

media-src Host

Dropbox

https://dl.dropboxusercontent.com

ASN | DROPBOX - Dropbox, Inc.

object-src Keyword —

'none'

base-uri Keyword —

'self'

frame-ancestors Keyword —

'none'

upgrade-insecure-requests Source —

(no sources)

report-uri Host —

https://report.centralcsp.com/691cd4c0dce21fa55fa5bb9a

report-to Host —

csp-endpoint