Open
Cached
·
just now
15
directives
Content-Security-Policy
Content-Security-Policy: default-src 'self'; script-src 'nonce-geY7zXoB9MBxbwi3fQS1ug==' 'self' 'strict-dynamic' https://vercel.live https://rstr.in https://cdn.raster.app https://*.sanity.io https://core.sanity-cdn.com https://cdn.jsdelivr.net https://jobs.ashbyhq.com https://*.outgrow.us https://*.outgrow.co https://dyv6f9ner1ir9.cloudfront.net https://*.chilipiper.com https://www.youtube.com https://s.ytimg.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://*.gstatic.com https://js.hs-banner.com https://js.hs-analytics.net https://js.hsforms.net https://js.hs-scripts.com https://js.hscollectedforms.net https://*.hubspot.com https://*.hsforms.com https://connect.facebook.net https://static.ads-twitter.com https://snap.licdn.com https://darkvisitors.com https://*.claydar.com https://*.contentsquare.net https://*.heapanalytics.com https://cdn.heapanalytics.com https://cdn.dreamdata.cloud https://cdn.drda.io https://cdn.userose.ai https://api.userose.ai https://unpkg.com; script-src-elem 'nonce-geY7zXoB9MBxbwi3fQS1ug==' 'strict-dynamic' 'self' 'strict-dynamic' https://vercel.live https://rstr.in https://cdn.raster.app https://*.sanity.io https://core.sanity-cdn.com https://cdn.jsdelivr.net https://jobs.ashbyhq.com https://*.outgrow.us https://*.outgrow.co https://dyv6f9ner1ir9.cloudfront.net https://*.chilipiper.com https://www.youtube.com https://s.ytimg.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://*.gstatic.com https://js.hs-banner.com https://js.hs-analytics.net https://js.hsforms.net https://js.hs-scripts.com https://js.hscollectedforms.net https://*.hubspot.com https://*.hsforms.com https://connect.facebook.net https://static.ads-twitter.com https://snap.licdn.com https://darkvisitors.com https://*.claydar.com https://*.contentsquare.net https://*.heapanalytics.com https://cdn.heapanalytics.com https://cdn.dreamdata.cloud https://cdn.drda.io https://cdn.userose.ai https://api.userose.ai https://unpkg.com; style-src 'self' 'unsafe-inline'; font-src 'self' data: https://cdn.userose.ai; img-src 'self' data: blob: https:; frame-src 'self' https://vercel.live https://rstr.in https://cdn.raster.app https://*.sanity.io https://www.youtube.com https://youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://*.outgrow.us https://*.outgrow.co https://jobs.ashbyhq.com https://dyv6f9ner1ir9.cloudfront.net https://*.chilipiper.com https://www.googletagmanager.com https://*.hubspot.com https://*.hsforms.com https://cdn.dreamdata.cloud https://cdn.drda.io https://cdn.userose.ai https://api.userose.ai https://unpkg.com; media-src 'self' https://vercel.live https://rstr.in https://cdn.raster.app https://cdn.sanity.io https://orb-website-public-assets.s3.us-east-1.amazonaws.com https://cdn.userose.ai; worker-src 'self' blob:; connect-src 'self' https://vercel.live https://rstr.in https://cdn.raster.app *.vercel.app https://*.sanity.io https://*.api.sanity.io https://www.youtube.com https://*.youtube.com https://*.googlevideo.com https://vimeo.com https://*.vimeo.com https://cdn.jsdelivr.net https://assets.unicorn.studio https://usebasin.com https://links.withorb.com https://*.chilipiper.com https://api.ashbyhq.com https://jobs.ashbyhq.com https://*.outgrow.us https://*.outgrow.co https://api-n.outgrow.co https://dyv6f9ner1ir9.cloudfront.net https://www.google-analytics.com https://analytics.google.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://*.doubleclick.net https://*.hubspot.com https://*.hsforms.com https://api.hubspot.com https://forms.hubspot.com https://connect.facebook.net https://www.facebook.com https://static.ads-twitter.com https://analytics.twitter.com https://*.twitter.com https://snap.licdn.com https://px.ads.linkedin.com https://darkvisitors.com https://static.claydar.com https://api.claydar.com https://*.claydar.com https://contentsquare.net https://*.contentsquare.net https://heapanalytics.com https://*.heapanalytics.com https://api.cr-relay.com https://*.cr-relay.com https://cdn.dreamdata.cloud https://cdn.drda.io https://cdn.userose.ai https://api.userose.ai https://unpkg.com; base-uri 'self'; form-action 'self' https://links.withorb.com https://*.hubspot.com https://*.hsforms.com; frame-ancestors 'self'; object-src 'none'; upgrade-insecure-requests;
default-src
Keyword
—
'self'
script-src
Nonce
—
'nonce-geY7zXoB9MBxbwi3fQS1ug=='
script-src
Keyword
—
'self'
script-src
Keyword
—
'strict-dynamic'
script-src
Host
—
script-src-elem
Nonce
—
'nonce-geY7zXoB9MBxbwi3fQS1ug=='
script-src-elem
Keyword
—
'strict-dynamic'
script-src-elem
Keyword
—
'self'
script-src-elem
Keyword
—
'strict-dynamic'
script-src-elem
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
img-src
Scheme
—
https:
frame-src
Keyword
—
'self'
media-src
Keyword
—
'self'
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
connect-src
Keyword
—
'self'
connect-src
Host
—
connect-src
Host
—
base-uri
Keyword
—
'self'
form-action
Keyword
—
'self'
frame-ancestors
Keyword
—
'self'
object-src
Keyword
—
'none'
upgrade-insecure-requests
Source
—
(no sources)
Content-Security-Policy-Report-Only
No report-only CSP headers found.