Open
Cached
·
just now
8
directives
Content-Security-Policy
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' analytics.umami.is supernova54887.activehosted.com cdn.cookielaw.org geolocation.onetrust.com privacyportal.onetrust.com cookie-cdn.cookiepro.com www.googletagmanager.com www.google-analytics.com googleads.g.doubleclick.net static.hotjar.com snap.licdn.com assets.apollo.io customerioforms.com https://*.zdassets.com https://*.zendesk.com; style-src 'self' 'unsafe-inline'; img-src * blob: data:; media-src 'self' *.s3.amazonaws.com; connect-src *; font-src 'self'; frame-src https://www.youtube.com https://*.typeform.com https://privacyportal.onetrust.com https://cdn.cookielaw.org https://www.googletagmanager.com https://*.zendesk.com https://*.zdassets.com https://*.zopim.com
default-src
Keyword
—
'self'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
script-src
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
img-src
Host
—
*
img-src
Scheme
—
blob:
img-src
Scheme
—
data:
media-src
Keyword
—
'self'
connect-src
Host
—
*
font-src
Keyword
—
'self'
frame-src
Host
—
Content-Security-Policy-Report-Only
No report-only CSP headers found.