Open
Cached
·
just now
5
directives
Content-Security-Policy
Content-Security-Policy: base-uri 'none'; object-src 'none'; script-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com https://unpkg.com https://www.googletagmanager.com https://tools.luckyorange.com 'unsafe-eval' 'strict-dynamic' 'nonce-fi7GkABx7aRwTT2NzJAVjg=='; frame-ancestors 'self'; upgrade-insecure-requests
base-uri
Keyword
—
'none'
object-src
Keyword
—
'none'
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'strict-dynamic'
script-src
Nonce
—
'nonce-fi7GkABx7aRwTT2NzJAVjg=='
frame-ancestors
Keyword
—
'self'
upgrade-insecure-requests
Source
—
(no sources)
Content-Security-Policy-Report-Only
No report-only CSP headers found.