DNS Gurus
Cached · just now
8 directives

Content-Security-Policy

upgrade-insecure-requests Source
(no sources)
default-src Scheme
https:
default-src Scheme
data:
default-src Scheme
wss:
default-src Scheme
blob:
default-src Keyword
'self'
style-src Keyword
'unsafe-eval'
style-src Keyword
'unsafe-inline'
style-src Keyword
'self'
style-src Host
https://*.trustedshops.com
ASN | Amazon
style-src Host Google Static File Front End logo Google Static File Front End
https://*.gstatic.com
ASN | Google
style-src Host
https://*.smassets.net
style-src Host SurveyMonkey logo SurveyMonkey
https://*.surveymonkey.com
ASN | Amazon
object-src Keyword
'none'
media-src Keyword
'self'
media-src Host YouTube logo YouTube
https://www.youtube.com
ASN | Google
media-src Host Vimeo logo Vimeo
https://player.vimeo.com
ASN | Cloudflare
media-src Host
https://cf-media.sndcdn.com
ASN | Amazon
media-src Scheme
blob:
media-src Scheme
data:
base-uri Keyword
'self'
frame-ancestors Keyword
'self'
frame-ancestors Host Zendesk logo Zendesk
https://*.zendesk.com
ASN | Cloudflare
frame-ancestors Host Shopify logo Shopify
https://*.myshopify.com
ASN | Cloudflare
frame-ancestors Host
https://teams.microsoft.com
ASN | Microsoft
frame-ancestors Host Oracle Eloqua logo Oracle Eloqua
https://*.eloqua.com
ASN | NCUBE-OREGON-AS - Oracle Corporation
frame-ancestors Host SurveyMonkey logo SurveyMonkey
https://*.surveymonkey.com
ASN | Amazon
frame-ancestors Host Microsoft 365 logo Microsoft 365
https://*.office.com
ASN | Microsoft
frame-ancestors Host Microsoft 365 logo Microsoft 365
https://*.office365.com
ASN | Microsoft
script-src Keyword
'unsafe-eval'
script-src Keyword
'unsafe-inline'
script-src Scheme
https:
script-src Scheme
blob:
script-src Keyword
'self'
script-src Keyword
'strict-dynamic'
script-src Nonce
'nonce-JLI0KxkGa/yz8zy3K2Iv1A=='

Content-Security-Policy-Report-Only

No report-only CSP headers found.