Open
Cached
·
just now
11
directives
Content-Security-Policy
Content-Security-Policy: default-src 'none';img-src * data:;script-src 'self' https://cdn.mxpnl.com https://eu.mixpanel.com https://prp.dintero.com;style-src 'self' 'unsafe-inline' https://unpkg.com;font-src 'self';base-uri 'self';manifest-src 'self';connect-src 'self' https://backoffice.dintero.com https://backoffice.test.dintero.com https://*.dintero.com https://test-federated-user-pool.auth.eu-west-1.amazoncognito.com https://prod-federated-user-pool.auth.eu-west-1.amazoncognito.com https://maps.google.com https://maps.googleapis.com https://sentry.io https://cognito-idp.eu-west-1.amazonaws.com https://external-assets-test-dintero-com.s3.eu-west-1.amazonaws.com https://external-assets-dintero-com.s3.eu-west-1.amazonaws.com https://api-eu.mixpanel.com https://cdn.mxpnl.com https://eu.mixpanel.com;report-uri https://o301187.ingest.sentry.io/api/1726231/security/?sentry_key=d06a82439e314d08a7a9cd501b01740e;frame-ancestors 'none';frame-src 'self' https://dashboard.quickr.no https://app.v2-test.quickr.no
default-src
Keyword
—
'none'
img-src
Host
—
*
img-src
Scheme
—
data:
script-src
Keyword
—
'self'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
font-src
Keyword
—
'self'
base-uri
Keyword
—
'self'
manifest-src
Keyword
—
'self'
connect-src
Keyword
—
'self'
frame-ancestors
Keyword
—
'none'
frame-src
Keyword
—
'self'
Content-Security-Policy-Report-Only
No report-only CSP headers found.