Content-Security-Policy Analysis for https://www.rescuetime.com

Open Cached · just now

17 directives

Content-Security-Policy

Content-Security-Policy: default-src 'none'; base-uri 'self' docs.helpscout.net; child-src 'self' assets.braintreegateway.com assets.rescuetime.com assets-dev.rescuetime.com c.paypal.com www.youtube.com player.vimeo.com fast.wistia.net moz-extension://* chrome-extension://*; connect-src 'self' www.rescuetime.com dev.rescuetime.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com client-analytics.braintreegateway.com *.braintree-api.com *.paypal.com *.google-analytics.com *.googletagmanager.com *.google.com *.linkedin.com connect.facebook.net www.facebook.com ysxtsrzt2b4s.statuspage.io rescuetime.helpscoutdocs.com secure.helpscout.net api.ipify.org beaconapi.helpscout.net chatapi.helpscout.net d3hb14vkzrxvla.cloudfront.net stats.g.doubleclick.net *.sumologic.com sentry.io *.ingest.sentry.io *.sentry-cdn.com wss: wss://*.pusher.com slack.com *.asana.com trello.com *.atlassian.com github.com exist.io *.visualwebsiteoptimizer.com app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build blog.rescuetime.com *.fontawesome.com *.getharvest.com; font-src 'self' data: d1tc833ex4oc93.cloudfront.net www.rescuetime.com dev.rescuetime.com assets.rescuetime.com assets-dev.rescuetime.com fonts.gstatic.com app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build *.fontawesome.com; form-action 'self' www.rescuetime.com dev.rescuetime.com community.rescuetime.com blog.rescuetime.com *.welltory.com slack.com *.asana.com trello.com *.atlassian.com github.com *.github.com google.com *.google.com appleid.apple.com *.microsoftonline.com twitter.com *.twitter.com facebook.com *.facebook.com linkedin.com *.linkedin.com spotify.com *.spotify.com getharvest.com *.getharvest.com; frame-ancestors moz-extension://* chrome-extension://*; frame-src 'self' www.rescuetime.com dev.rescuetime.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com assets.braintreegateway.com *.paypal.com djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net platform.twitter.com *.googletagmanager.com accounts.google.com appleid.apple.com www.google.com bid.g.doubleclick.net *.facebook.com tst.kaptcha.com ssl.kaptcha.com www.youtube.com moz-extension://* chrome-extension://* ifttt.com *.vimeo.com app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.userreport.com *.gist.build; img-src 'self' www.rescuetime.com dev.rescuetime.com data: d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com assets.braintreegateway.com *.paypal.com platform.twitter.com pbs.twimg.com appleid.apple.com accounts.google.com *.google-analytics.com *.googletagmanager.com www.google.com googleads.g.doubleclick.net connect.facebook.net *.facebook.com d33v4339jhl8k0.cloudfront.net moz-extension://* chrome-extension://* via.placeholder.com ifttt.com api.producthunt.com zapier.com cdn.zapier.com *.adsymptotic.com *.visualwebsiteoptimizer.com *.ads.linkedin.com app.vwo.com track.customer.io secure.gravatar.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.scdn.co *.userreport.com *.gist.build *.spotify.com *.spotifycdn.com *.ytimg.com *.linkedin.com snap.licdn.com; manifest-src 'self'; media-src 'self' www.rescuetime.com dev.rescuetime.com beacon-v2.helpscout.net support-media-storage.s3.amazonaws.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com; object-src 'self' www.rescuetime.com dev.rescuetime.com djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net assets.rescuetime.com assets-dev.rescuetime.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.rescuetime.com dev.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com d12wqas9hcki3z.cloudfront.net d33v4339jhl8k0.cloudfront.net djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net cdn.ravenjs.com platform.twitter.com www.google-analytics.com www.googletagmanager.com accounts.google.com www.google.com www.googleadservices.com googleads.g.doubleclick.net appleid.cdn-apple.com appleid.apple.com www.gstatic.com zapier.com connect.facebook.net dev.visualwebsiteoptimizer.com app.vwo.com cdn.rawgit.com player.vimeo.com assets.customer.io *.licdn.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.sentry-cdn.com *.gist.build gist-queue-consumer-api.cloud.gist.build ajax.googleapis.com blog.rescuetime.com *.userreport.com *.fontawesome.com *.linkedin.com snap.licdn.com; style-src 'self' 'unsafe-inline' www.rescuetime.com dev.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com accounts.google.com appleid.apple.com fonts.googleapis.com beacon-v2.helpscout.net d12wqas9hcki3z.cloudfront.net djtflbt20bdde.cloudfront.net app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build *.fontawesome.com; upgrade-insecure-requests; worker-src blob:; report-uri https://www.rescuetime.com/csp-report

default-src Keyword —

'none'

base-uri Keyword —

'self'

base-uri Host —

docs.helpscout.net

ASN | Amazon

child-src Keyword —

'self'

child-src Host

Braintree

assets.braintreegateway.com

ASN | Cloudflare

child-src Host —

assets.rescuetime.com

ASN | Amazon

child-src Host —

assets-dev.rescuetime.com

ASN | Amazon

child-src Host

PayPal

c.paypal.com

ASN | Fastly

child-src Host

YouTube

www.youtube.com

ASN | Google

child-src Host

Vimeo

player.vimeo.com

ASN | Cloudflare

child-src Host

Wistia

fast.wistia.net

ASN | Fastly

child-src Host —

moz-extension://*

child-src Host —

chrome-extension://*

connect-src Keyword —

'self'

connect-src Host —

www.rescuetime.com

ASN | Amazon

connect-src Host —

dev.rescuetime.com

ASN | Amazon

connect-src Host

AWS CloudFront

d3ccrbqtj64zhq.cloudfront.net

ASN | Amazon

connect-src Host —

support-media.rescuetime.com

ASN | Amazon

connect-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

connect-src Host —

assets.rescuetime.com

ASN | Amazon

connect-src Host —

assets-dev.rescuetime.com

ASN | Amazon

connect-src Host

Braintree

api.braintreegateway.com

ASN | Cloudflare

connect-src Host

Braintree

api.sandbox.braintreegateway.com

ASN | Cloudflare

connect-src Host

Braintree

client-analytics.sandbox.braintreegateway.com

connect-src Host

Braintree

client-analytics.braintreegateway.com

ASN | Amazon

connect-src Host

Braintree

*.braintree-api.com

connect-src Host

PayPal

*.paypal.com

ASN | Fastly

connect-src Host

Google Analytics

*.google-analytics.com

ASN | Google

connect-src Host

Google Tag Manager

*.googletagmanager.com

ASN | Google

connect-src Host

Google Search

*.google.com

ASN | Google

connect-src Host

*.linkedin.com

ASN | Microsoft

connect-src Host

Facebook

connect.facebook.net

ASN | Facebook

connect-src Host

Facebook

www.facebook.com

ASN | Facebook

connect-src Host

Statuspage

ysxtsrzt2b4s.statuspage.io

ASN | Amazon

connect-src Host

Help Scout

rescuetime.helpscoutdocs.com

ASN | Amazon

connect-src Host —

secure.helpscout.net

ASN | Amazon

connect-src Host

ipify

api.ipify.org

ASN | Cloudflare

connect-src Host —

beaconapi.helpscout.net

ASN | Amazon

connect-src Host —

chatapi.helpscout.net

ASN | Amazon

connect-src Host

AWS CloudFront

d3hb14vkzrxvla.cloudfront.net

ASN | Amazon

connect-src Host

Google DoubleClick

stats.g.doubleclick.net

ASN | Google

connect-src Host —

*.sumologic.com

ASN | Amazon

connect-src Host

Sentry

sentry.io

ASN | Google Cloud

connect-src Host

Sentry

*.ingest.sentry.io

connect-src Host

Sentry

*.sentry-cdn.com

connect-src Scheme —

wss:

connect-src Host

Pusher

wss://*.pusher.com

ASN | Amazon

connect-src Host

Slack

slack.com

ASN | Amazon

connect-src Host

Asana

*.asana.com

ASN | Amazon

connect-src Host —

trello.com

ASN | Amazon

connect-src Host —

*.atlassian.com

ASN | Amazon

connect-src Host

GitHub

github.com

ASN | GitHub

connect-src Host —

exist.io

ASN | OVH

connect-src Host

Visual Website Optimizer

*.visualwebsiteoptimizer.com

ASN | Google Cloud

connect-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

connect-src Host —

*.ubembed.com

connect-src Host

Sprig

*.userleap.com

ASN | Amazon

connect-src Host

Sprig

*.sprig.com

ASN | Amazon

connect-src Host

UserSnap

*.usersnap.com

ASN | Amazon

connect-src Host

Customer.io

*.gist.build

ASN | Cloudflare

connect-src Host —

blog.rescuetime.com

ASN | Google Cloud

connect-src Host

Font Awesome

*.fontawesome.com

ASN | Cloudflare

connect-src Host —

*.getharvest.com

ASN | Cloudflare

font-src Keyword —

'self'

font-src Scheme —

data:

font-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

font-src Host —

www.rescuetime.com

ASN | Amazon

font-src Host —

dev.rescuetime.com

ASN | Amazon

font-src Host —

assets.rescuetime.com

ASN | Amazon

font-src Host —

assets-dev.rescuetime.com

ASN | Amazon

font-src Host

Google Fonts

fonts.gstatic.com

ASN | Google

font-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

font-src Host —

*.ubembed.com

font-src Host

Sprig

*.userleap.com

ASN | Amazon

font-src Host

Sprig

*.sprig.com

ASN | Amazon

font-src Host

UserSnap

*.usersnap.com

ASN | Amazon

font-src Host

Customer.io

*.gist.build

ASN | Cloudflare

font-src Host

Font Awesome

*.fontawesome.com

ASN | Cloudflare

form-action Keyword —

'self'

form-action Host —

www.rescuetime.com

ASN | Amazon

form-action Host —

dev.rescuetime.com

ASN | Amazon

form-action Host —

community.rescuetime.com

ASN | Hurricane Electric

form-action Host —

blog.rescuetime.com

ASN | Google Cloud

form-action Host —

*.welltory.com

ASN | Cloudflare

form-action Host

Slack

slack.com

ASN | Amazon

form-action Host

Asana

*.asana.com

ASN | Amazon

form-action Host —

trello.com

ASN | Amazon

form-action Host —

*.atlassian.com

ASN | Amazon

form-action Host

GitHub

github.com

ASN | GitHub

form-action Host

GitHub

*.github.com

ASN | GitHub

form-action Host

Google Search

google.com

ASN | Google

form-action Host

Google Search

*.google.com

ASN | Google

form-action Host —

appleid.apple.com

ASN | Apple

form-action Host —

*.microsoftonline.com

form-action Host

Twitter

twitter.com

ASN | Cloudflare

form-action Host

Twitter

*.twitter.com

ASN | Cloudflare

form-action Host

Facebook

facebook.com

ASN | Facebook

form-action Host

Facebook

*.facebook.com

ASN | Facebook

form-action Host

linkedin.com

ASN | Microsoft

form-action Host

*.linkedin.com

ASN | Microsoft

form-action Host

Spotify

spotify.com

ASN | Google Cloud

form-action Host

Spotify

*.spotify.com

ASN | Google Cloud

form-action Host —

getharvest.com

ASN | Cloudflare

form-action Host —

*.getharvest.com

ASN | Cloudflare

frame-ancestors Host —

moz-extension://*

frame-ancestors Host —

chrome-extension://*

frame-src Keyword —

'self'

frame-src Host —

www.rescuetime.com

ASN | Amazon

frame-src Host —

dev.rescuetime.com

ASN | Amazon

frame-src Host

AWS CloudFront

d3ccrbqtj64zhq.cloudfront.net

ASN | Amazon

frame-src Host —

support-media.rescuetime.com

ASN | Amazon

frame-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

frame-src Host —

assets.rescuetime.com

ASN | Amazon

frame-src Host —

assets-dev.rescuetime.com

ASN | Amazon

frame-src Host

Braintree

assets.braintreegateway.com

ASN | Cloudflare

frame-src Host

PayPal

*.paypal.com

ASN | Fastly

frame-src Host

AWS CloudFront

djtflbt20bdde.cloudfront.net

frame-src Host —

beacon-v2.helpscout.net

ASN | Amazon

frame-src Host

Twitter

platform.twitter.com

ASN | Fastly

frame-src Host

Google Tag Manager

*.googletagmanager.com

ASN | Google

frame-src Host

Google Sign-In

accounts.google.com

ASN | Google

frame-src Host —

appleid.apple.com

ASN | Apple

frame-src Host

Google Search

www.google.com

ASN | Google

frame-src Host

Google DoubleClick

bid.g.doubleclick.net

ASN | Google

frame-src Host

Facebook

*.facebook.com

ASN | Facebook

frame-src Host —

tst.kaptcha.com

ASN | Amazon

frame-src Host —

ssl.kaptcha.com

ASN | Amazon

frame-src Host

YouTube

www.youtube.com

ASN | Google

frame-src Host —

moz-extension://*

frame-src Host —

chrome-extension://*

frame-src Host —

ifttt.com

ASN | Amazon

frame-src Host

Vimeo

*.vimeo.com

ASN | Cloudflare

frame-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

frame-src Host —

*.ubembed.com

frame-src Host

Sprig

*.userleap.com

ASN | Amazon

frame-src Host

Sprig

*.sprig.com

ASN | Amazon

frame-src Host

UserSnap

*.usersnap.com

ASN | Amazon

frame-src Host —

*.userreport.com

ASN | Automattic

frame-src Host

Customer.io

*.gist.build

ASN | Cloudflare

img-src Keyword —

'self'

img-src Host —

www.rescuetime.com

ASN | Amazon

img-src Host —

dev.rescuetime.com

ASN | Amazon

img-src Scheme —

data:

img-src Host

AWS CloudFront

d3ccrbqtj64zhq.cloudfront.net

ASN | Amazon

img-src Host —

support-media.rescuetime.com

ASN | Amazon

img-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

img-src Host —

assets.rescuetime.com

ASN | Amazon

img-src Host —

assets-dev.rescuetime.com

ASN | Amazon

img-src Host

Braintree

assets.braintreegateway.com

ASN | Cloudflare

img-src Host

PayPal

*.paypal.com

ASN | Fastly

img-src Host

Twitter

platform.twitter.com

ASN | Fastly

img-src Host

Twitter

pbs.twimg.com

ASN | Fastly

img-src Host —

appleid.apple.com

ASN | Apple

img-src Host

Google Sign-In

accounts.google.com

ASN | Google

img-src Host

Google Analytics

*.google-analytics.com

ASN | Google

img-src Host

Google Tag Manager

*.googletagmanager.com

ASN | Google

img-src Host

Google Search

www.google.com

ASN | Google

img-src Host

Google DoubleClick

googleads.g.doubleclick.net

ASN | Google

img-src Host

Facebook

connect.facebook.net

ASN | Facebook

img-src Host

Facebook

*.facebook.com

ASN | Facebook

img-src Host

AWS CloudFront

d33v4339jhl8k0.cloudfront.net

ASN | Amazon

img-src Host —

moz-extension://*

img-src Host —

chrome-extension://*

img-src Host —

via.placeholder.com

ASN | Amazon

img-src Host —

ifttt.com

ASN | Amazon

img-src Host

Product Hunt

api.producthunt.com

ASN | Cloudflare

img-src Host

Zapier

zapier.com

ASN | Amazon

img-src Host

Zapier

cdn.zapier.com

ASN | Amazon

img-src Host —

*.adsymptotic.com

img-src Host

Visual Website Optimizer

*.visualwebsiteoptimizer.com

ASN | Google Cloud

img-src Host

*.ads.linkedin.com

ASN | LinkedIn

img-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

img-src Host

Customer.io

track.customer.io

ASN | Google Cloud

img-src Host

Gravatar

secure.gravatar.com

ASN | Automattic

img-src Host —

*.ubembed.com

img-src Host

Sprig

*.userleap.com

ASN | Amazon

img-src Host

Sprig

*.sprig.com

ASN | Amazon

img-src Host

UserSnap

*.usersnap.com

ASN | Amazon

img-src Host —

*.scdn.co

img-src Host —

*.userreport.com

ASN | Automattic

img-src Host

Customer.io

*.gist.build

ASN | Cloudflare

img-src Host

Spotify

*.spotify.com

ASN | Google Cloud

img-src Host —

*.spotifycdn.com

img-src Host

YouTube

*.ytimg.com

img-src Host

*.linkedin.com

ASN | Microsoft

img-src Host

snap.licdn.com

ASN | Akamai

manifest-src Keyword —

'self'

media-src Keyword —

'self'

media-src Host —

www.rescuetime.com

ASN | Amazon

media-src Host —

dev.rescuetime.com

ASN | Amazon

media-src Host —

beacon-v2.helpscout.net

ASN | Amazon

media-src Host

Amazon S3

support-media-storage.s3.amazonaws.com

ASN | Amazon

media-src Host

AWS CloudFront

d3ccrbqtj64zhq.cloudfront.net

ASN | Amazon

media-src Host —

support-media.rescuetime.com

ASN | Amazon

media-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

media-src Host —

assets.rescuetime.com

ASN | Amazon

media-src Host —

assets-dev.rescuetime.com

ASN | Amazon

object-src Keyword —

'self'

object-src Host —

www.rescuetime.com

ASN | Amazon

object-src Host —

dev.rescuetime.com

ASN | Amazon

object-src Host

AWS CloudFront

djtflbt20bdde.cloudfront.net

object-src Host —

beacon-v2.helpscout.net

ASN | Amazon

object-src Host —

assets.rescuetime.com

ASN | Amazon

object-src Host —

assets-dev.rescuetime.com

ASN | Amazon

script-src Keyword —

'self'

script-src Keyword —

'unsafe-eval'

script-src Keyword —

'unsafe-inline'

script-src Host —

www.rescuetime.com

ASN | Amazon

script-src Host —

dev.rescuetime.com

ASN | Amazon

script-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

script-src Host —

assets.rescuetime.com

ASN | Amazon

script-src Host —

assets-dev.rescuetime.com

ASN | Amazon

script-src Host

Braintree

js.braintreegateway.com

ASN | Fastly

script-src Host

Braintree

assets.braintreegateway.com

ASN | Cloudflare

script-src Host

PayPal

www.paypalobjects.com

ASN | Cloudflare

script-src Host

PayPal

*.paypal.com

ASN | Fastly

script-src Host

AWS CloudFront

d12wqas9hcki3z.cloudfront.net

ASN | Amazon

script-src Host

AWS CloudFront

d33v4339jhl8k0.cloudfront.net

ASN | Amazon

script-src Host

AWS CloudFront

djtflbt20bdde.cloudfront.net

script-src Host —

beacon-v2.helpscout.net

ASN | Amazon

script-src Host

Sentry

cdn.ravenjs.com

ASN | Fastly

script-src Host

Twitter

platform.twitter.com

ASN | Fastly

script-src Host

Google Analytics

www.google-analytics.com

ASN | Google

script-src Host

Google Tag Manager

www.googletagmanager.com

ASN | Google

script-src Host

Google Sign-In

accounts.google.com

ASN | Google

script-src Host

Google Search

www.google.com

ASN | Google

script-src Host

Google Conversion Tracking

www.googleadservices.com

ASN | Google

script-src Host

Google DoubleClick

googleads.g.doubleclick.net

ASN | Google

script-src Host

Apple ID

appleid.cdn-apple.com

ASN | Akamai

script-src Host —

appleid.apple.com

ASN | Apple

script-src Host

Google Static File Front End

www.gstatic.com

ASN | Google

script-src Host

Zapier

zapier.com

ASN | Amazon

script-src Host

Facebook

connect.facebook.net

ASN | Facebook

script-src Host

Visual Website Optimizer

dev.visualwebsiteoptimizer.com

ASN | Google Cloud

script-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

script-src Host

RawGit

cdn.rawgit.com

ASN | CDN77

script-src Host

Vimeo

player.vimeo.com

ASN | Cloudflare

script-src Host

Customer.io

assets.customer.io

ASN | Amazon

script-src Host

*.licdn.com

script-src Host —

*.ubembed.com

script-src Host

Sprig

*.userleap.com

ASN | Amazon

script-src Host

Sprig

*.sprig.com

ASN | Amazon

script-src Host

UserSnap

*.usersnap.com

ASN | Amazon

script-src Host

Sentry

*.sentry-cdn.com

script-src Host

Customer.io

*.gist.build

ASN | Cloudflare

script-src Host

Customer.io

gist-queue-consumer-api.cloud.gist.build

ASN | Google Cloud

script-src Host

Google Hosted Libraries

ajax.googleapis.com

ASN | Google

script-src Host —

blog.rescuetime.com

ASN | Google Cloud

script-src Host —

*.userreport.com

ASN | Automattic

script-src Host

Font Awesome

*.fontawesome.com

ASN | Cloudflare

script-src Host

*.linkedin.com

ASN | Microsoft

script-src Host

snap.licdn.com

ASN | Akamai

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host —

www.rescuetime.com

ASN | Amazon

style-src Host —

dev.rescuetime.com

ASN | Amazon

style-src Host

AWS CloudFront

d1tc833ex4oc93.cloudfront.net

ASN | Amazon

style-src Host —

assets.rescuetime.com

ASN | Amazon

style-src Host —

assets-dev.rescuetime.com

ASN | Amazon

style-src Host

Google Sign-In

accounts.google.com

ASN | Google

style-src Host —

appleid.apple.com

ASN | Apple

style-src Host

Google Fonts

fonts.googleapis.com

ASN | Google

style-src Host —

beacon-v2.helpscout.net

ASN | Amazon

style-src Host

AWS CloudFront

d12wqas9hcki3z.cloudfront.net

ASN | Amazon

style-src Host

AWS CloudFront

djtflbt20bdde.cloudfront.net

style-src Host

Visual Website Optimizer

app.vwo.com

ASN | Cloudflare

style-src Host —

*.ubembed.com

style-src Host

Sprig

*.userleap.com

ASN | Amazon

style-src Host

Sprig

*.sprig.com

ASN | Amazon

style-src Host

UserSnap

*.usersnap.com

ASN | Amazon

style-src Host

Customer.io

*.gist.build

ASN | Cloudflare

style-src Host

Font Awesome

*.fontawesome.com

ASN | Cloudflare

upgrade-insecure-requests Source —

(no sources)

worker-src Scheme —

blob:

report-uri Host —

https://www.rescuetime.com/csp-report

ASN | Amazon

Content-Security-Policy-Report-Only

No report-only CSP headers found.