Open
Cached
·
just now
6
directives
Content-Security-Policy
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://signrequest.com https://cdn.signrequest.com https://signrequest-static.s3.amazonaws.com https://js-agent.newrelic.com https://bam.nr-data.net https://www.google-analytics.com https://ssl.google-analytics.com https://ajax.googleapis.com https://apis.google.com https://www.googletagmanager.com https://tagmanager.google.com https://optimize.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.stripe.com https://*.zapier.com https://zapier.com https://www.dropbox.com https://*.cookiebot.com https://ct.capterra.com https://connect.facebook.net https://static.zdassets.com https://62vqqh6qv58h.statuspage.io https://snap.licdn.com https://survey.survicate.com https://surveys-static.survicate.com https://trackcmp.net https://diffuser-cdn.app-us1.com https://prism.app-us1.com ; style-src 'self' 'unsafe-inline' https://signrequest-static.s3.amazonaws.com https://tagmanager.google.com https://fonts.googleapis.com https://optimize.google.com https://zapier.com https://*.webflow.com ; img-src * data:; font-src 'self' data: https://signrequest-static.s3.amazonaws.com https://assets.website-files.com https://assets-global.website-files.com https://*.website-files.com https://*.webflow.com https://fonts.gstatic.com; report-uri https://sentry.sr-staging-1.com/api/2/security/?sentry_key=a6f9acd3a2264908b8efd53f59f51fe3
default-src
Host
—
*
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
img-src
Host
—
*
img-src
Scheme
—
data:
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
Content-Security-Policy-Report-Only
No report-only CSP headers found.