Content-Security-Policy Analysis for https://dataops-dk.sentry.io

Open Cached · just now

13 directives

Content-Security-Policy

Content-Security-Policy: connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io browser.sentry-cdn.com sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com plausible.io api.github.com *.intercom.io wss://*.intercom.io *.intercom-messenger.com wss://*.intercom-messenger.com uploads.intercomcdn.com uploads.intercomusercontent.com; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io 'self' intercom-sheets.com www.intercom-reporting.com; media-src *; frame-ancestors 'self' *.sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com plausible.io app.intercom.io widget.intercom.io js.intercomcdn.com 'nonce-0z2E7418SEMYxjNygCfFrA=='; default-src 'none'; worker-src blob:; style-src * 'unsafe-inline'; object-src 'none'; base-uri 'none'; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=273f2f34b571cb83327243bcdf245904c6516b99

connect-src Keyword —

'self'

connect-src Host

Algolia

*.algolia.net

ASN | LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.

connect-src Host

Algolia

*.algolianet.com

ASN | Cloudflare

connect-src Host

Algolia

*.algolia.io

ASN | LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.

connect-src Host

Sentry

browser.sentry-cdn.com

connect-src Host

Sentry

sentry.io

ASN | Google Cloud

connect-src Host

Sentry

*.sentry.io

ASN | Google Cloud

connect-src Host

Sentry

s1.sentry-cdn.com

connect-src Host

Sentry

o1.ingest.sentry.io

ASN | Google Cloud

connect-src Host

Amplitude

api2.amplitude.com

connect-src Host

Pendo

app.pendo.io

ASN | Google Cloud

connect-src Host

Pendo

data.pendo.io

ASN | Google Cloud

connect-src Host

Sentry

reload.getsentry.net

ASN | Google Cloud

connect-src Host

Statuspage

t687h3m0nh65.statuspage.io

connect-src Host

Zendesk

sentry.zendesk.com

ASN | Cloudflare

connect-src Host —

ekr.zdassets.com

ASN | Cloudflare

connect-src Host

Google Maps

maps.googleapis.com

connect-src Host

Plausible Analytics

plausible.io

connect-src Host

GitHub

api.github.com

connect-src Host

Intercom

*.intercom.io

connect-src Host

Intercom

wss://*.intercom.io

connect-src Host

Intercom

*.intercom-messenger.com

connect-src Host

Intercom

wss://*.intercom-messenger.com

connect-src Host

Intercom

uploads.intercomcdn.com

connect-src Host

Intercom

uploads.intercomusercontent.com

font-src Host —

*

font-src Scheme —

data:

frame-src Host

Pendo

app.pendo.io

ASN | Google Cloud

frame-src Host

Arcade

demo.arcade.software

frame-src Host

Stripe

js.stripe.com

frame-src Host

Sentry

sentry.io

ASN | Google Cloud

frame-src Keyword —

'self'

frame-src Host

Intercom

intercom-sheets.com

frame-src Host

Intercom

www.intercom-reporting.com

media-src Host —

*

frame-ancestors Keyword —

'self'

frame-ancestors Host

Sentry

*.sentry.io

ASN | Google Cloud

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'report-sample'

script-src Host

Sentry

s1.sentry-cdn.com

script-src Host

Sentry

js.sentry-cdn.com

script-src Host

Sentry

browser.sentry-cdn.com

script-src Host

Amazon S3

statuspage-production.s3.amazonaws.com

script-src Host

Zendesk

static.zdassets.com

ASN | Cloudflare

script-src Host —

aui-cdn.atlassian.com

script-src Host —

connect-cdn.atl-paas.net

script-src Host

Stripe

js.stripe.com

script-src Keyword —

'strict-dynamic'

script-src Host

Pendo

cdn.pendo.io

ASN | Google Cloud

script-src Host

Pendo

data.pendo.io

ASN | Google Cloud

script-src Host

Google Cloud Storage

pendo-io-static.storage.googleapis.com

script-src Host

Google Cloud Storage

pendo-static-5634074999128064.storage.googleapis.com

script-src Host

Plausible Analytics

plausible.io

script-src Host

Intercom

app.intercom.io

script-src Host

Intercom

widget.intercom.io

script-src Host

Intercom

js.intercomcdn.com

script-src Nonce —

'nonce-0z2E7418SEMYxjNygCfFrA=='

default-src Keyword —

'none'

worker-src Scheme —

blob:

style-src Host —

*

style-src Keyword —

'unsafe-inline'

object-src Keyword —

'none'

base-uri Keyword —

'none'

img-src Host —

*

img-src Scheme —

blob:

img-src Scheme —

data:

report-uri Host

Sentry

https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=273f2f34b571cb83327243bcdf245904c6516b99

ASN | Google Cloud

Content-Security-Policy-Report-Only

No report-only CSP headers found.