Content-Security-Policy Analysis for https://celularesstore.com

Open Cached · just now

4 directives

Content-Security-Policy

4 directives 35 sources

Content-Security-Policy: frame-ancestors 'self'; frame-src 'self' https://*.google.com https://*.googletagmanager.com https://www.sitecdn.com braintreegateway.com assets.braintreegateway.com googletagmanager.com https://client.dropcatch.com https://*.paypal.com https://*.paypalobjects.com https://ssl.kaptcha.com; script-src 'self' https://*.google.com https://*.doubleclick.net https://*.gstatic.com https://*.paypal.com https://*.googletagmanager.com https://secure.dropcatch.com https://*.google-analytics.com 'unsafe-inline'; connect-src 'self' https://*.google.com https://*.paypal.com https://*.amazonaws.com https://*.braintreegateway.com https://*.braintree-api.com https://uilogging.tcdevops.com https://logging.dropcatch.com https://*.google-analytics.com https://translate.dropcatch.com https://client.dropcatch.com wss://rt.dropcatch.com https://*.launchdarkly.com https://o4510675591430144.ingest.us.sentry.io

frame-ancestors Keyword — 'self'

frame-src Keyword — 'self'

frame-src Host — https://*.google.com

frame-src Host

Google Tag Manager https://*.googletagmanager.com

frame-src Host — https://www.sitecdn.com

frame-src Host

Braintree braintreegateway.com

frame-src Host

Braintree assets.braintreegateway.com

frame-src Host

Google Tag Manager googletagmanager.com

frame-src Host — https://client.dropcatch.com

frame-src Host

PayPal https://*.paypal.com

frame-src Host

PayPal https://*.paypalobjects.com

frame-src Host — https://ssl.kaptcha.com

script-src Keyword — 'self'

script-src Host — https://*.google.com

script-src Host

Google DoubleClick https://*.doubleclick.net

script-src Host

Google Static File Front End https://*.gstatic.com

script-src Host

PayPal https://*.paypal.com

script-src Host

Google Tag Manager https://*.googletagmanager.com

script-src Host — https://secure.dropcatch.com

script-src Host

Google Analytics https://*.google-analytics.com

script-src Keyword — 'unsafe-inline'

connect-src Keyword — 'self'

connect-src Host — https://*.google.com

connect-src Host

PayPal https://*.paypal.com

connect-src Host

AWS https://*.amazonaws.com

connect-src Host

Braintree https://*.braintreegateway.com

connect-src Host

Braintree https://*.braintree-api.com

connect-src Host — https://uilogging.tcdevops.com

connect-src Host — https://logging.dropcatch.com

connect-src Host

Google Analytics https://*.google-analytics.com

connect-src Host — https://translate.dropcatch.com

connect-src Host — https://client.dropcatch.com

connect-src Host — wss://rt.dropcatch.com

connect-src Host

LaunchDarkly https://*.launchdarkly.com

connect-src Host

Sentry https://o4510675591430144.ingest.us.sentry.io