Content-Security-Policy Analysis for https://securetrustbank.com

Open Cached · just now

8 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self' https://*.securetrustbank.com https://*.googletagmanager.com;; connect-src 'self' https://*.securetrustbank.com https://*.google-analytics.com https://*.googletagmanager.com https://*.civiccomputing.com https://*.trustpilot.com;; img-src 'self' https://*.securetrustbank.com data: https://*.google-analytics.com https://*.google.com https://*.google.co.uk https://*.googletagmanager.com https://*.gstatic.com https://*.trustpilot.com;; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.securetrustbank.com https://*.googletagmanager.com https://static.srcspot.com https://*.google-analytics.com https://*.trustpilot.com;; style-src 'self' 'unsafe-inline' https://*.securetrustbank.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.trustpilot.com;; font-src 'self' https://*.securetrustbank.com https://*.gstatic.com;; frame-src 'self' https://*.securetrustbank.com https://ir.tools.investis.com https://*.youtube.com https://*.youtube-nocookie.com https://*.investis.com https://*.trustpilot.com;; frame-ancestors 'self'

default-src Keyword —

'self'

default-src Host —

https://*.securetrustbank.com

ASN | Incapsula

default-src Host

Google Tag Manager

https://*.googletagmanager.com

connect-src Keyword —

'self'

connect-src Host —

https://*.securetrustbank.com

ASN | Incapsula

connect-src Host

Google Analytics

https://*.google-analytics.com

connect-src Host

Google Tag Manager

https://*.googletagmanager.com

connect-src Host

Cookie Control

https://*.civiccomputing.com

ASN | IOMART-AS - IOMART CLOUD SERVICES LIMITED

connect-src Host

Trustpilot

https://*.trustpilot.com

img-src Keyword —

'self'

img-src Host —

https://*.securetrustbank.com

ASN | Incapsula

img-src Scheme —

data:

img-src Host

Google Analytics

https://*.google-analytics.com

img-src Host —

https://*.google.com

img-src Host —

https://*.google.co.uk

img-src Host

Google Tag Manager

https://*.googletagmanager.com

img-src Host

Google Static File Front End

https://*.gstatic.com

img-src Host

Trustpilot

https://*.trustpilot.com

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host —

https://*.securetrustbank.com

ASN | Incapsula

script-src Host

Google Tag Manager

https://*.googletagmanager.com

script-src Host —

https://static.srcspot.com

ASN | Google Cloud

script-src Host

Google Analytics

https://*.google-analytics.com

script-src Host

Trustpilot

https://*.trustpilot.com

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host —

https://*.securetrustbank.com

ASN | Incapsula

style-src Host

Google API JS Client

https://*.googleapis.com

style-src Host

Google Tag Manager

https://*.googletagmanager.com

style-src Host

Google Static File Front End

https://*.gstatic.com

style-src Host

Trustpilot

https://*.trustpilot.com

font-src Keyword —

'self'

font-src Host —

https://*.securetrustbank.com

ASN | Incapsula

font-src Host

Google Static File Front End

https://*.gstatic.com

frame-src Keyword —

'self'

frame-src Host —

https://*.securetrustbank.com

ASN | Incapsula

frame-src Host

IDX

https://ir.tools.investis.com

ASN | Cloudflare

frame-src Host

YouTube

https://*.youtube.com

frame-src Host

YouTube

https://*.youtube-nocookie.com

frame-src Host

IDX

https://*.investis.com

frame-src Host

Trustpilot

https://*.trustpilot.com

frame-ancestors Keyword —

'self'

Content-Security-Policy-Report-Only

No report-only CSP headers found.