Content-Security-Policy Analysis for https://www.taxjar.com

Open Cached · just now

8 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: default-src 'self';  connect-src  'self'  https://go.taxjar.com https://cdn.segment.com/v1/projects/ https://api.segment.io/v1/ https://l.clarity.ms/collect https://k.clarity.ms  https://e.clarity.ms/collect https://q.clarity.ms/collect https://a.clarity.ms/collect https://px.ads.linkedin.com  https://bat.bing.com https://806-qbe-674.mktoresp.com https://806-qbe-674.mktoutil.com https://consent.trustarc.com https://www2.profitwell.com https://services.postcodeanywhere.co.uk/Capture/Interactive/ https://taxjar.netlify.app https://yoast.com https://js.zi-scripts.com https://ws.zoominfo.com https://taxjar.widget.insent.ai https://fast.wistia.com/embed/captions/ https://fast.wistia.com/embed/medias/ https://embed-cloudfront.wistia.com/deliveries/ https://distillery.wistia.com/x https://pipedream.wistia.com/mput https://fg8vvsvnieiv3ej16jby.litix.io wss://ws.hotjar.com https://vc.hotjar.io/sessions/ https://browser.sentry-cdn.com https://www.google.com/ccm/collect https://www.google-analytics.com/j/collect https://analytics.google.com/g/collect https://www.google.com/pagead/form-data/975686394 https://www.google.com/ccm/form-data/975686394 https://www.google.com/rmkt/collect/975686394/ https://stats.g.doubleclick.net/g/collect https://api.nelioabtesting.com/v1/; font-src  'self'  https://fonts.googleapis.com  https://fonts.gstatic.com  https://consent.trustarc.com  https://fast.wistia.com; frame-src  'self'  https://go.taxjar.com https://www.googletagmanager.com https://clarity.microsoft.com https://consent-pref.trustarc.com https://taxjar.widget.insent.ai https://privacy-central.securiti.ai; img-src  'self'  blob: https://www.facebook.com  https://px.ads.linkedin.com/collect https://px4.ads.linkedin.com/collect https://consent.trustarc.com  https://www.google.com/pagead/1p-user-list/ https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975686394/ https://bat.bing.com https://c.bing.com https://embed-ssl.wistia.com/deliveries/ https://fast.wistia.com/assets/images/ https://secure.gravatar.com; media-src 'self'  blob:; script-src  'self'  'unsafe-inline' 'unsafe-eval' blob: https://go.taxjar.com https://www.clarity.ms/tag/ https://scripts.clarity.ms/ https://*.cloudfront.net/js/profitwell.js https://cdn.segment.com/analytics.js/ https://cdn.segment.com/analytics-next/ https://cdn.segment.com/next-integrations/ https://public.profitwell.com  https://cdn.jsdelivr.net/npm/[email protected]/slick/slick.min.js  https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975686394/  https://snap.licdn.com  https://munchkin.marketo.net  https://my.hellobar.com  https://static.hotjar.com  https://script.hotjar.com https://bat.bing.com https://consent.trustarc.com https://browser.sentry-cdn.com https://api.addressy.com/js/ https://code.jquery.com https://fast.wistia.com/embed/medias/853xo00tjc.jsonp https://fast.wistia.com/embed/medias/yu81g7udgk.jsonp https://fast.wistia.com/embed/medias/hcgep638gh.jsonp https://fast.wistia.com/embed/medias/oehrrl4f31.jsonp https://fast.wistia.com/embed/medias/3how0hex6q.jsonp https://fast.wistia.com/embed/medias/z87muv02ls.jsonp https://fast.wistia.com/assets/external/E-v1.js https://fast.wistia.com/assets/external/captions.js https://fast.wistia.com/assets/external/playPauseLoadingControl.js https://fast.wistia.com/assets/external/playPauseLoadingControl.js@d98ec3b14807fff7a2dbb5c19bb675bceeeb8750 https://fast.wistia.com/assets/external/playPauseLoadingControl.js@b4a3424d019643b4e71751c50ed3c4cbeed4cf93 https://fast.wistia.com/assets/external/playPauseLoadingControl.js@d7524f8b2af5d52bfefafbc8ced7e18856431fb7 https://fast.wistia.com/assets/external/interFontFace.js@b4a3424d019643b4e71751c50ed3c4cbeed4cf93 https://fast.wistia.com/assets/external/engines/hls_video.js@b4a3424d019643b4e71751c50ed3c4cbeed4cf93 https://fast.wistia.com/assets/external/vulcanV2Player/video/ui_components/Storyboard.js@b4a3424d019643b4e71751c50ed3c4cbeed4cf93 https://fast.wistia.com/assets/external/interFontFace.js https://fast.wistia.com/assets/external/engines/hls_video.js https://fast.wistia.com/assets/external/vulcanV2Player/video/ui_components/Storyboard.js https://fast.wistia.com/assets/external/vulcanV2Player/video/controls/SettingsControl/dialog.js https://fast.wistia.com/assets/external/vulcanV2Player/video/controls/VolumeSliderControl/VolumeSliderControl.js https://fast.wistia.com/assets/external/vulcanV2Player/TouchEvents.js https://fast.wistia.com/assets/external/wistia-mux.js https://fast.wistia.com/assets/external/wistia-mux.js@d7524f8b2af5d52bfefafbc8ced7e18856431fb7 https://fast.wistia.com/assets/external/interFontFace.js@d98ec3b14807fff7a2dbb5c19bb675bceeeb8750 https://fast.wistia.com/assets/external/engines/hls_video.js@d98ec3b14807fff7a2dbb5c19bb675bceeeb8750 https://fast.wistia.com/assets/external/interFontFace.js@d7524f8b2af5d52bfefafbc8ced7e18856431fb7 https://fast.wistia.com/assets/external/engines/hls_video.js@d7524f8b2af5d52bfefafbc8ced7e18856431fb7 https://js.zi-scripts.com ws-assets.zoominfo.com https://taxjar.widget.insent.ai https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/374982569515249 https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.js; style-src 'self'  'unsafe-inline' https://fonts.googleapis.com https://go.taxjar.com;

default-src Keyword —

'self'

connect-src Keyword —

'self'

connect-src Host —

https://go.taxjar.com

ASN | Cloudflare

connect-src Host