Content-Security-Policy Analysis for https://sentry.services.trainsplit.com

Open Cached · 6h ago

11 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io; style-src 'unsafe-inline' *; img-src blob: data: *; default-src 'none'; worker-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-xbusT44pmrcoK5jaIhDHuw=='; object-src 'none'; base-uri 'none'; font-src 'self' data:; frame-ancestors 'none'; media-src *

connect-src Keyword —

'self'

connect-src Host

Algolia

*.algolia.net

connect-src Host

Algolia

*.algolianet.com

ASN | Cloudflare

connect-src Host

Algolia

*.algolia.io

style-src Keyword —

'unsafe-inline'

style-src Host —

img-src Scheme —

blob:

img-src Scheme —

data:

img-src Host —

default-src Keyword —

'none'

worker-src Keyword —

'none'

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'report-sample'

script-src Nonce —

'nonce-xbusT44pmrcoK5jaIhDHuw=='

object-src Keyword —

'none'

base-uri Keyword —

'none'

font-src Keyword —

'self'

font-src Scheme —

data:

frame-ancestors Keyword —

'none'

media-src Host —