12 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

base-uri Keyword
'self'
default-src Keyword
'self'
script-src Keyword
'self'
script-src Nonce
'nonce-a8b3c39785b741918b3438d5aa0cc815'
style-src Keyword
'self'
style-src Keyword
'unsafe-inline'
style-src Host
*
img-src Keyword
'self'
font-src Keyword
'self'
font-src Host
frame-ancestors Keyword
'self'
frame-ancestors Host
ASN | Amazon
frame-ancestors Host
frame-ancestors Host
frame-ancestors Host
frame-ancestors Host
ASN | Amazon
frame-ancestors Host
frame-ancestors Host
form-action Keyword
'self'
report-to Host
frame-src Keyword
'self'
frame-src Host
frame-src Host
frame-src Host
connect-src Keyword
'self'