Open
Cached
·
just now
10
directives
Content-Security-Policy
Content-Security-Policy: child-src blob:; connect-src 'self' https://icons.typeface.ai https://*.litix.io https://*.wistia.com https://*.wistia.net https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://prod-eu2-su1-webapi-apim-1000.azure-api.net https://*.hscollectedforms.net https://hubspot-forms-static-embed.s3.amazonaws.com https://forms.hsforms.com https://static.hsappstatic.net https://api.hubapi.com https://px.ads.linkedin.com https://cdn.linkedin.oribi.io https://*.sentry-cdn.com https://*.ingest.sentry.io https://api-js.mixpanel.com https://*.algolia.net https://*.calendly.com https://www.google.com https://*.cr-relay.com https://api.vector.co https://a.usbrowserspeed.com https://pro.ip-api.com https://*.liadm.com https://www.googletagmanager.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://app.vwo.com https://*.ctfassets.net; default-src 'self' https://*.wistia.com https://*.wistia.net; font-src 'self' data: https://*.wistia.com https://fonts.gstatic.com https://dev.visualwebsiteoptimizer.com https://app.vwo.com; frame-src 'self' https://fast.wistia.com https://fast.wistia.net https://www.youtube.com https://www.youtube-nocookie.com https://forms.hsforms.com https://boards.greenhouse.io https://job-boards.greenhouse.io https://calendly.com https://www.googletagmanager.com https://td.doubleclick.net https://*.visualwebsiteoptimizer.com https://app.vwo.com https://i.liadm.com; img-src 'self' blob: data: https://icons.typeface.ai https://*.wistia.net https://*.wistia.com https://fonts.gstatic.com https://www.google.com https://i.ytimg.com https://*.hubspot.com https://*.hsforms.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://prodeu2storagecms1000.blob.core.windows.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.cr-relay.com https://dev.visualwebsiteoptimizer.com https://app.vwo.com https://useruploads.vwo.io https://*.ctfassets.net; media-src 'self' blob: data: https://*.wistia.com https://*.wistia.net https://*.ctfassets.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://repo.well-made.uk https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.wistia.com https://*.wistia.net https://*.youtube.com https://*.youtube-nocookie.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.hs-banner.com https://*.hubspot.com https://*.hscollectedforms.net https://js.hsforms.net https://js.hsadspixel.net https://snap.licdn.com https://src.litix.io https://boards.greenhouse.io https://job-boards.greenhouse.io https://cdn.mxpnl.com https://*.cr-relay.com https://cdn.vector.co https://d-code.liadm.com https://static.hsappstatic.net https://*.sentry-cdn.com https://dev.visualwebsiteoptimizer.com https://app.vwo.com https://a.usbrowserspeed.com; style-src 'self' 'unsafe-inline' blob: https://fast.wistia.com https://www.googletagmanager.com https://fonts.googleapis.com https://dev.visualwebsiteoptimizer.com https://app.vwo.com; worker-src 'self' blob:
child-src
Scheme
—
blob:
connect-src
Keyword
—
'self'
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
default-src
Keyword
—
'self'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
frame-src
Keyword
—
'self'
img-src
Keyword
—
'self'
img-src
Scheme
—
blob:
img-src
Scheme
—
data:
img-src
Host
—
media-src
Keyword
—
'self'
media-src
Scheme
—
blob:
media-src
Scheme
—
data:
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
script-src
Scheme
—
blob:
script-src
Host
—
script-src
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
style-src
Scheme
—
blob:
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
Content-Security-Policy-Report-Only
No report-only CSP headers found.