Open
Cached
·
just now
5
directives
Content-Security-Policy
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' localhost blob: player.cloudinary.com accounts.google.com studio.cloudinary.com ajax.aspnetcdn.com emaskani.disqus.com static.cloudflareinsights.com unpkg.com cdn.tiny.cloud maps.googleapis.com www.gstatic.com js.api.here.com cdnjs.cloudflare.com img04.en25.com connect.facebook.net www.google-analytics.com www.googletagmanager.com www.google.com mozilla.github.io s3.amazonaws.com cdn.jsdelivr.net; worker-src 'self' blob: 'unsafe-eval' 'unsafe-inline' player.cloudinary.com studio.cloudinary.com cdn.tiny.cloud js.api.here.com www.google-analytics.com www.googletagmanager.com mozilla.github.io; style-src 'self' 'unsafe-inline' blob: data: player.cloudinary.com studio.cloudinary.com accounts.google.com unpkg.com cdn.tiny.cloud cdnjs.cloudflare.com js.api.here.com fonts.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net www.google-analytics.com www.googletagmanager.com; font-src 'self' blob: data: player.cloudinary.com studio.cloudinary.com unpkg.com fonts.googleapis.com emaskani.disqus.com fonts.gstatic.com cdnjs.cloudflare.com js.api.here.com cdn.tiny.cloud cdn.jsdelivr.net www.google-analytics.com www.googletagmanager.com; frame-ancestors 'self'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
script-src
Host
—
script-src
Scheme
—
blob:
script-src
Host
—
worker-src
Keyword
—
'self'
worker-src
Scheme
—
blob:
worker-src
Keyword
—
'unsafe-eval'
worker-src
Keyword
—
'unsafe-inline'
worker-src
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
style-src
Scheme
—
blob:
style-src
Scheme
—
data:
style-src
Host
—
font-src
Keyword
—
'self'
font-src
Scheme
—
blob:
font-src
Scheme
—
data:
font-src
Host
—
frame-ancestors
Keyword
—
'self'
Content-Security-Policy-Report-Only
No report-only CSP headers found.