Content-Security-Policy Analysis for https://usercentrics.eu

Open Cached · just now

3 directives

Content-Security-Policy

Content-Security-Policy: default-src https: data: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.intercom.io wss://*.intercom.io https://js.intercomcdn.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https: mailto: tel: *.usercentrics.com https://vars.hotjar.com https://js.intercomcdn.com; worker-src 'self' blob:

default-src Scheme —

https:

default-src Scheme —

data:

default-src Host

Hotjar

https://*.hotjar.com

default-src Host

Hotjar

https://*.hotjar.io

default-src Host

Hotjar

wss://*.hotjar.com

default-src Host

Intercom

https://*.intercom.io

default-src Host

Intercom

wss://*.intercom.io

default-src Host

Intercom

https://js.intercomcdn.com

default-src Keyword —

'unsafe-inline'

default-src Keyword —

'unsafe-eval'

frame-src Keyword —

'self'

frame-src Scheme —

https:

frame-src Scheme —

mailto:

frame-src Scheme —

tel:

frame-src Host —

*.usercentrics.com

ASN | Cloudflare

frame-src Host

Hotjar

https://vars.hotjar.com

frame-src Host

Intercom

https://js.intercomcdn.com

worker-src Keyword —

'self'

worker-src Scheme —

blob:

Content-Security-Policy-Report-Only

No report-only CSP headers found.