Open
Cached
·
just now
9
directives
Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://accounts.google.com 'sha256-K2AkR/jTLsGV8PyzWha7/ey1iaD9c5jWRYwa++ZlMZc=' 'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0=' 'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline' https://accounts.google.com; font-src *; img-src * 'self' data:; connect-src 'self' https://accounts.google.com metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none';
default-src
Keyword
—
'none'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Hash
—
'sha256-K2AkR/jTLsGV8PyzWha7/ey1iaD9c5jWRYwa++ZlMZc='
script-src
Hash
—
'sha256-ib2/2v5zC6gGM6Ety7iYgBUvpy/caRX9xV/pzzV7hf0='
script-src
Hash
—
'sha256-isH538cVBUY8IMlGYGbWtBwr+cGqkc4mN6nLcA7lUjE='
child-src
Keyword
—
'self'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
font-src
Host
—
*
img-src
Host
—
*
img-src
Keyword
—
'self'
img-src
Scheme
—
data:
connect-src
Keyword
—
'self'
manifest-src
Keyword
—
'self'
frame-ancestors
Keyword
—
'none'
Content-Security-Policy-Report-Only
No report-only CSP headers found.