DNS Gurus
Cached · just now
14 directives

Content-Security-Policy

default-src Keyword
'self'
script-src Keyword
'self'
script-src Keyword
'unsafe-inline'
script-src Host PostHog logo PostHog
https://*.i.posthog.com
script-src Host jsDelivr logo jsDelivr
https://cdn.jsdelivr.net
ASN | Fastly
script-src Host unpkg logo unpkg
https://unpkg.com
ASN | Cloudflare
script-src Host Sentry logo Sentry
https://*.sentry.io
ASN | Google Cloud
script-src Host Cloudflare Turnstile logo Cloudflare Turnstile
https://challenges.cloudflare.com
ASN | Cloudflare
script-src Host Cloudflare Web Analytics logo Cloudflare Web Analytics
https://static.cloudflareinsights.com
ASN | Cloudflare
script-src Host Google Tag Manager logo Google Tag Manager
https://www.googletagmanager.com
ASN | Google
script-src Host Facebook logo Facebook
https://connect.facebook.net
ASN | Facebook
script-src Host Pinterest logo Pinterest
https://s.pinimg.com
ASN | Akamai
script-src Host Pinterest logo Pinterest
https://ct.pinterest.com
ASN | Akamai
style-src Keyword
'self'
style-src Keyword
'unsafe-inline'
style-src Host Google Fonts logo Google Fonts
https://fonts.googleapis.com
ASN | Google
font-src Keyword
'self'
font-src Host Google Fonts logo Google Fonts
https://fonts.gstatic.com
ASN | Google
font-src Scheme
data:
img-src Keyword
'self'
img-src Scheme
data:
img-src Scheme
https:
img-src Scheme
blob:
img-src Host Supabase logo Supabase
https://*.supabase.co
ASN | Amazon
img-src Host Unsplash logo Unsplash
https://images.unsplash.com
ASN | Fastly
img-src Host Pexels logo Pexels
https://images.pexels.com
ASN | Cloudflare
media-src Keyword
'self'
media-src Scheme
https:
media-src Scheme
blob:
connect-src Keyword
'self'
connect-src Scheme
blob:
connect-src Host PostHog logo PostHog
https://*.i.posthog.com
connect-src Host Supabase logo Supabase
https://*.supabase.co
ASN | Amazon
connect-src Host Supabase logo Supabase
wss://*.supabase.co
ASN | Amazon
connect-src Host
https://api.wiroko.com
ASN | Cloudflare
connect-src Host
wss://api.wiroko.com
ASN | Cloudflare
connect-src Host
https://api.remove.bg
ASN | Google Cloud
connect-src Host Pexels logo Pexels
https://images.pexels.com
ASN | Cloudflare
connect-src Host Pexels logo Pexels
https://api.pexels.com
ASN | Cloudflare
connect-src Host Sentry logo Sentry
https://*.sentry.io
ASN | Google Cloud
connect-src Host Sentry logo Sentry
https://*.ingest.sentry.io
connect-src Host PostHog logo PostHog
https://us.i.posthog.com
ASN | Amazon
connect-src Host Cloudflare Web Analytics logo Cloudflare Web Analytics
https://cloudflareinsights.com
ASN | Cloudflare
connect-src Host Google Analytics logo Google Analytics
https://www.google-analytics.com
ASN | Google
connect-src Host Google DoubleClick logo Google DoubleClick
https://stats.g.doubleclick.net
ASN | Google
connect-src Host Facebook logo Facebook
https://www.facebook.com
ASN | Facebook
connect-src Host Pinterest logo Pinterest
https://ct.pinterest.com
ASN | Akamai
connect-src Host Google Analytics logo Google Analytics
https://region1.google-analytics.com
ASN | Google
frame-src Keyword
'self'
frame-src Host YouTube logo YouTube
https://www.youtube.com
ASN | Google
frame-src Host Vimeo logo Vimeo
https://player.vimeo.com
ASN | Cloudflare
frame-src Host Cloudflare Turnstile logo Cloudflare Turnstile
https://challenges.cloudflare.com
ASN | Cloudflare
frame-src Host Pinterest logo Pinterest
https://ct.pinterest.com
ASN | Akamai
worker-src Keyword
'self'
worker-src Scheme
blob:
object-src Keyword
'none'
base-uri Keyword
'self'
form-action Keyword
'self'
frame-ancestors Keyword
'none'
upgrade-insecure-requests Source
(no sources)

Content-Security-Policy-Report-Only

No report-only CSP headers found.