Open
Cached
·
just now
3
directives
Content-Security-Policy
Content-Security-Policy: frame-ancestors 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-inline' wave-ai.net api.wave-ai.net dev.wave-ai.net lyricstudio.net melodystudio.net app.melodystudio.net *.googleapis.com *.firebaseio.com js.chargebee.com assets.anytrack.io analytics.tiktok.com cdn.amplitude.com www.paypal.com www.paypalobjects.com googleads.g.doubleclick.net bid.g.doubleclick.net js.stripe.com r.wdfl.co www.google-analytics.com www.google.com www.google.co.uk www.google.ca pay.google.com pay.google.ca pay.google.co.uk www.gstatic.com www.gstatic.co.uk www.gstatic.ca www.googleadservices.com www.googletagmanager.com connect.facebook.net www.facebook.com apis.google.com apis.google.co.uk apis.google.ca *.firstpromoter.com https://app.getterms.io/cookie-consent/embed/67b79785-7ad9-420a-b320-653944f0eb73
frame-ancestors
Keyword
—
'self'
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Host
—
Content-Security-Policy-Report-Only
No report-only CSP headers found.