Content-Security-Policy Analysis for https://dashboard.cubesoftware.com

Open Cached · just now

9 directives

Content-Security-Policy

Content-Security-Policy: default-src 'none'; script-src 'self' https://maps.google.com https://accounts.google.com    'sha256-9uFLu5CG8mWlvx0LK6lgendCxUX57TuWk3wkgZpBeWU=' 'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0=' 'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='; child-src 'self' https://accounts.google.com; style-src 'self' 'nonce-W6K3qH6E9A'   https://accounts.google.com; font-src *; img-src * 'self' data:; connect-src 'self' https://accounts.google.com metabase.us10.list-manage.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com    ; manifest-src 'self';  frame-ancestors portal.cubesoftware.com;

default-src Keyword —

'none'

script-src Keyword —

'self'

script-src Host

Google Maps

https://maps.google.com

script-src Host

Google Sign-In

https://accounts.google.com

script-src Hash —

'sha256-9uFLu5CG8mWlvx0LK6lgendCxUX57TuWk3wkgZpBeWU='

script-src Hash —

'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0='

script-src Hash —

'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='

child-src Keyword —

'self'

child-src Host

Google Sign-In

https://accounts.google.com

style-src Keyword —

'self'

style-src Nonce —

'nonce-W6K3qH6E9A'

style-src Host

Google Sign-In

https://accounts.google.com

font-src Host —

*

img-src Host —

*

img-src Keyword —

'self'

img-src Scheme —

data:

connect-src Keyword —

'self'

connect-src Host

Google Sign-In

https://accounts.google.com

connect-src Host

Mailchimp

metabase.us10.list-manage.com

connect-src Host

LaunchDarkly

events.launchdarkly.com

connect-src Host

LaunchDarkly

app.launchdarkly.com

connect-src Host

LaunchDarkly

clientstream.launchdarkly.com

manifest-src Keyword —

'self'

frame-ancestors Host —

portal.cubesoftware.com

Content-Security-Policy-Report-Only

No report-only CSP headers found.