Open
Cached
·
just now
13
directives
Content-Security-Policy
Content-Security-Policy: connect-src 'self' blob: https://gcp.api.snapchat.com https://aws.api.snapchat.com https://*.google-analytics.com https://*.analytics.google.com https://stats.g.doubleclick.net https://*.googletagmanager.com https://www.snapchat.com https://app.snapchat.com https://sentry.sc-prod.net https://us-central1-gcp.api.snapchat.com https://accounts.snapchat.com ws: wss: https://static.snapchat.com https://cdn.contentful.com https://story.snapchat.com https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/recaptcha/ https://session.snapchat.com https://graphql.contentful.com https://cf-st.sc-cdn.net https://app.snapchat.com https://s.sc-cdn.net https://bolt-gcdn.sc-cdn.net; img-src 'self' blob: data: https://support-tools.storage.googleapis.com https://www.snapchat.com https://story.snapchat.com https://cf-st.sc-cdn.net https://*.google-analytics.com https://*.googletagmanager.com data: https://www.google.com https://www.google.co.uk https://www.google.com.sa https://www.google.ca https://www.google.fr https://www.google.com.no https://www.google.com.au https://static.snapchat.com https://images.bitmoji.com https://impala-media-production.s3.amazonaws.com https://bolt-gcdn.sc-cdn.net https://lens-storage.storage.googleapis.com https://community-lens.storage.googleapis.com https://lens-preview-storage.storage.googleapis.com https://app.snapchat.com https://sc-static-web-assets-prod.s3.amazonaws.com https://storage.googleapis.com; media-src https://bolt-gcdn.sc-cdn.net https://static.snapchat.com https://s.sc-cdn.net https://cf-st.sc-cdn.net blob:; script-src 'wasm-unsafe-eval' 'self' https://static.snapchat.com https://www.google-analytics.com https://*.googletagmanager.com https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' https://static.snapchat.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; default-src 'self'; font-src 'self' https://snap-design-system.storage.googleapis.com https://ads-interfaces.sc-cdn.net https://static.snapchat.com; object-src 'self' *.snapchat.com *.snap.com blob:; frame-ancestors https://localhost:3000 https://www.snapchat.com; frame-src https://iframe.arkoselabs.com https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; report-uri ; report-to ; block-all-mixed-content
connect-src
Keyword
—
'self'
connect-src
Scheme
—
blob:
connect-src
Scheme
—
ws:
connect-src
Scheme
—
wss:
img-src
Keyword
—
'self'
img-src
Scheme
—
blob:
img-src
Scheme
—
data:
img-src
Scheme
—
data:
img-src
Host
—
media-src
Scheme
—
blob:
script-src
Keyword
—
'wasm-unsafe-eval'
script-src
Keyword
—
'self'
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
default-src
Keyword
—
'self'
font-src
Keyword
—
'self'
object-src
Keyword
—
'self'
object-src
Scheme
—
blob:
frame-ancestors
Host
—
report-uri
Source
—
(no sources)
report-to
Source
—
(no sources)
block-all-mixed-content
Source
—
(no sources)
Content-Security-Policy-Report-Only
No report-only CSP headers found.