Content-Security-Policy Analysis for https://portal.flexispy.com

Open Cached · just now

8 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self'; font-src 'self' https://*.googleapis.com https://*.gstatic.com https://*.chatbase.co; img-src 'self' data: https://translate.googleapis.com https://fonts.gstatic.com https://www.gstatic.com https://js.intercomcdn.com https://static.intercomassets.com http://img.youtube.com https://*.googleusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://*.flexispy.com https://chart.googleapis.com https://*.myhuaweicloud.com https://logo.clearbit.com https://*.chatbase.co *.youtube.com https://*.ytimg.com *.google.com https://*.openstreetmap.org; script-src https://translate.googleapis.com 'self' 'unsafe-eval' https://translate-pa.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://js.intercomcdn.com *.google.com https://www.gstatic.com https://ajax.googleapis.com https://*.chatbase.co http://*.google.com https://*.openstreetmap.org https://*.flexispy.com https://*.mobilefonex.com https://*.doubleclick.net https://*.mailchimp.com *.intercom.io https://mandrillapp.com 'unsafe-inline'; style-src 'self' *.googleapis.com https://*.gstatic.com https://*.chatbase.co https://*.youtube.com 'unsafe-inline';frame-src 'self' https://fast.wistia.net https://survey.zohopublic.com https://www.google.com https://www.chatbase.co https://www.youtube.com https://api-iam.intercom.io; connect-src wss://*.intercom-messenger.com https://*.intercom-messenger.com https://translate-pa.googleapis.com https://translate.googleapis.com https://locationiq.org wss://nexus-websocket-a.intercom.io https://www.chatbase.co https://api-iam.intercom.io https://*.flexispy.com https://*.mobilefonex.com https://maps.googleapis.com https://www.google-analytics.com https://osm1.unwiredlabs.com; media-src https://js.intercomcdn.com

default-src Keyword —

'self'

font-src Keyword —

'self'

font-src Host

Google API JS Client

https://*.googleapis.com

font-src Host

Google Static File Front End

https://*.gstatic.com

font-src Host —

https://*.chatbase.co

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Host

Google Translate

https://translate.googleapis.com

img-src Host

Google Fonts

https://fonts.gstatic.com

img-src Host

Google Static File Front End

https://www.gstatic.com

img-src Host

Intercom

https://js.intercomcdn.com

img-src Host

Intercom

https://static.intercomassets.com

img-src Host

YouTube

http://img.youtube.com

img-src Host

Google Cloud Storage

https://*.googleusercontent.com

img-src Host

Google Tag Manager

https://www.googletagmanager.com

img-src Host

Google Analytics

https://www.google-analytics.com

img-src Host —

https://*.flexispy.com

ASN | HWCLOUDS-AS-AP HUAWEI CLOUDS

img-src Host

Google API JS Client

https://chart.googleapis.com

img-src Host —

https://*.myhuaweicloud.com

img-src Host

ClearBit

https://logo.clearbit.com

img-src Host —

https://*.chatbase.co

img-src Host

YouTube

*.youtube.com

img-src Host

YouTube

https://*.ytimg.com

img-src Host

Google Search

*.google.com

img-src Host

OpenStreetMap

https://*.openstreetmap.org

script-src Host

Google Translate

https://translate.googleapis.com

script-src Keyword —

'self'

script-src Keyword —

'unsafe-eval'

script-src Host

Google API JS Client

https://translate-pa.googleapis.com

script-src Host

Google Analytics

https://www.google-analytics.com

script-src Host

Google Tag Manager

https://www.googletagmanager.com

script-src Host

Intercom

https://js.intercomcdn.com

script-src Host

Google Search

*.google.com

script-src Host

Google Static File Front End

https://www.gstatic.com

script-src Host

Google Hosted Libraries

https://ajax.googleapis.com

script-src Host —

https://*.chatbase.co

script-src Host —

http://*.google.com

script-src Host

OpenStreetMap

https://*.openstreetmap.org

script-src Host —

https://*.flexispy.com

ASN | HWCLOUDS-AS-AP HUAWEI CLOUDS

script-src Host —

https://*.mobilefonex.com

ASN | SWITCH-LTD - SWITCH

script-src Host

Google DoubleClick

https://*.doubleclick.net

script-src Host —

https://*.mailchimp.com

script-src Host

Intercom

*.intercom.io

script-src Host —

https://mandrillapp.com

script-src Keyword —

'unsafe-inline'

style-src Keyword —

'self'

style-src Host

Google API JS Client

*.googleapis.com

style-src Host

Google Static File Front End

https://*.gstatic.com

style-src Host —

https://*.chatbase.co

style-src Host

YouTube

https://*.youtube.com

style-src Keyword —

'unsafe-inline'

frame-src Keyword —

'self'

frame-src Host

Wistia

https://fast.wistia.net

frame-src Host

Zoho Mail

https://survey.zohopublic.com

frame-src Host

Google Search

https://www.google.com

frame-src Host —

https://www.chatbase.co

frame-src Host

YouTube

https://www.youtube.com

frame-src Host

Intercom

https://api-iam.intercom.io

connect-src Host

Intercom

wss://*.intercom-messenger.com

connect-src Host

Intercom

https://*.intercom-messenger.com

connect-src Host

Google API JS Client

https://translate-pa.googleapis.com

connect-src Host

Google Translate

https://translate.googleapis.com

connect-src Host —

https://locationiq.org

ASN | Cloudflare

connect-src Host

Intercom

wss://nexus-websocket-a.intercom.io

connect-src Host —

https://www.chatbase.co

connect-src Host

Intercom

https://api-iam.intercom.io

connect-src Host —

https://*.flexispy.com

ASN | HWCLOUDS-AS-AP HUAWEI CLOUDS

connect-src Host —

https://*.mobilefonex.com

ASN | SWITCH-LTD - SWITCH

connect-src Host

Google Maps

https://maps.googleapis.com

connect-src Host

Google Analytics

https://www.google-analytics.com

connect-src Host —

https://osm1.unwiredlabs.com

media-src Host

Intercom

https://js.intercomcdn.com

Content-Security-Policy-Report-Only

No report-only CSP headers found.