DNS Gurus
Cached · just now
10 directives

Content-Security-Policy

default-src Keyword
'self'
default-src Host
https://*.apple.com
ASN | Apple
img-src Keyword
'self'
img-src Host
https://*.apple.com
ASN | Apple
img-src Host
https://*.apple-mapkit.com
img-src Host
https://*.mzstatic.com
ASN | Apple
img-src Scheme
data:
img-src Scheme
blob:
style-src Keyword
'self'
style-src Host
https://*.apple.com
ASN | Apple
style-src Host
https://*.apple-mapkit.com
style-src Keyword
'unsafe-inline'
script-src Keyword
'self'
script-src Host
https://*.apple.com
ASN | Apple
script-src Host
https://*.apple-mapkit.com
script-src Scheme
blob:
script-src Hash
'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E='
script-src Hash
'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo='
script-src Hash
'sha256-p7PoC97FO+Lu90RNjGWxhbm13yALSR4xzV8vaDhaQBo='
script-src Hash
'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc='
script-src Keyword
'unsafe-eval'
connect-src Keyword
'self'
connect-src Host
https://*.apple.com
ASN | Apple
connect-src Host
https://*.apple-mapkit.com
connect-src Host
https://*.applemusic.com
ASN | Apple
connect-src Host
https://*.mzstatic.com
ASN | Apple
connect-src Host
https://mediaservices.cdn-apple.com
ASN | Akamai
connect-src Host
https://*.push.apple.com
connect-src Host
wss://*.push.apple.com
media-src Keyword
'self'
media-src Host
https://*.apple.com
ASN | Apple
media-src Host
https://*.applemusic.com
ASN | Apple
media-src Host
https://*.mzstatic.com
ASN | Apple
media-src Scheme
blob:
child-src Keyword
'self'
child-src Host
https://*.apple.com
ASN | Apple
child-src Host
https://apple.songshift.com
ASN | Amazon
child-src Scheme
music:
child-src Scheme
musics:
child-src Scheme
blob:
child-src Scheme
itms:
child-src Scheme
itmss:
frame-ancestors Keyword
'none'
block-all-mixed-content Source
(no sources)
report-uri Host
/api/csp-report

Content-Security-Policy-Report-Only

No report-only CSP headers found.