Content-Security-Policy Analysis for https://decisions.dynamed.com

Open Cached · just now

14 directives

Content-Security-Policy

Content-Security-Policy: default-src 'none'; worker-src blob:; script-src 'nonce-6e4538e57a38ac5cfcf5819579aef8c9' 'unsafe-inline' 'unsafe-eval' 'self' https://*.cloudflare.com https://*.osano.com https://resources.ebsco.zone; style-src 'self' https://fonts.googleapis.com https://*.typekit.net 'unsafe-inline'; img-src 'self' data: https blob: resources.ebsco.zone ab-configuration-cdn.ebsco.com connect.ebsco.com resources.ebsco.zone cmp.osano.com p.typekit.net; connect-src 'self' https://*.dmp.eis-deliveryintegration.cloud https://*.dmp.eis-deliverydevqa.cloud https://*.dynamed.com https://ab-configuration-cdn.ebsco.com https://staging-telemetry.ebsco.com https://telemetry.ebsco.com https://unpkg.com https://www.cloudflare.com https://*.osano.com https://resources.ebsco.zone/ebsco-policies/terms-of-use.md https://resources.ebsco.zone https://*.amplitude.com telemetry.ebsco.com login.ebsco.zone myaccount.ebsco.healthcare use.typekit.net; font-src 'self' https://fonts.gstatic.com https://*.typekit.net https://resources.ebsco.zone; object-src 'self'; media-src 'self'; manifest-src 'self'; frame-src *; base-uri 'self'; frame-ancestors 'self' https://*.cerner.com https://*.epic.com https://*.healthdecision.com; form-action 'self'

default-src Keyword — 'none'

worker-src Scheme — blob:

script-src Keyword — 'nonce-6e4538e57a38ac5cfcf5819579aef8c9'

script-src Keyword — 'unsafe-inline'

script-src Keyword — 'unsafe-eval'

script-src Keyword — 'self'

script-src Host

Cloudflare CDN https://*.cloudflare.com

script-src Host

Osano https://*.osano.com

script-src Host — https://resources.ebsco.zone

style-src Keyword — 'self'

style-src Host

Google Fonts https://fonts.googleapis.com

style-src Host

Adobe Fonts (Typekit) https://*.typekit.net

style-src Keyword — 'unsafe-inline'

img-src Keyword — 'self'

img-src Scheme — data:

img-src Host — https

img-src Scheme — blob:

img-src Host — resources.ebsco.zone

img-src Host — ab-configuration-cdn.ebsco.com

img-src Host — connect.ebsco.com

img-src Host — resources.ebsco.zone

img-src Host

Osano cmp.osano.com

img-src Host

Adobe Fonts (Typekit) p.typekit.net

connect-src Keyword — 'self'

connect-src Host — https://*.dmp.eis-deliveryintegration.cloud

connect-src Host — https://*.dmp.eis-deliverydevqa.cloud

connect-src Host — https://*.dynamed.com

connect-src Host — https://ab-configuration-cdn.ebsco.com

connect-src Host — https://staging-telemetry.ebsco.com

connect-src Host — https://telemetry.ebsco.com

connect-src Host

unpkg https://unpkg.com

connect-src Host

Cloudflare CDN https://www.cloudflare.com

connect-src Host

Osano https://*.osano.com

connect-src Host — https://resources.ebsco.zone/ebsco-policies/terms-of-use.md

connect-src Host — https://resources.ebsco.zone

connect-src Host

Amplitude https://*.amplitude.com

connect-src Host — telemetry.ebsco.com

connect-src Host — login.ebsco.zone

connect-src Host — myaccount.ebsco.healthcare

connect-src Host

Adobe Fonts (Typekit) use.typekit.net

font-src Keyword — 'self'

font-src Host

Google Fonts https://fonts.gstatic.com

font-src Host

Adobe Fonts (Typekit) https://*.typekit.net

font-src Host — https://resources.ebsco.zone

object-src Keyword — 'self'

media-src Keyword — 'self'

manifest-src Keyword — 'self'

frame-src Host — *

base-uri Keyword — 'self'

frame-ancestors Keyword — 'self'

frame-ancestors Host — https://*.cerner.com

frame-ancestors Host — https://*.epic.com

frame-ancestors Host — https://*.healthdecision.com

form-action Keyword — 'self'

Content-Security-Policy-Report-Only

No report-only CSP headers found.