| warning | other | - URL
- https://techcrunch.com/2024/12/10/wordpress-vs-wp-engine-drama-explained/
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| error | security | - URL
- https://techcrunch.com/2024/12/10/wordpress-vs-wp-engine-drama-explained/
- Texto
- Refused to create a worker from 'blob:https://techcrunch.com/572eed11-9c7d-4b41-a1b5-6fc45b85d94a' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' wnsrvbjmeprtfrnfx.ay.delivery *.polarcdn.com *.mrf.io *.facebook.net *.twitter.com *.x.com *.instagram.com *.licdn.com *.reddit.com js.hsadspixel.net stats.wp.com *.gstatic.com *.cxense.com *.marker.io www.npttech.com *.tinypass.com *.yahoosandbox.com s0.wp.com *.google.com *.yimg.com *.yahoo.com *.yahoo.net consent.cmp.oath.com *.typekit.net *.techcrunch.com *.g.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googletagmanager.com *.hsforms.net *.hscollectedforms.net *.hubspot.com static.criteo.net *.hs-scripts.com *.hs-banner.com *.hs-analytics.net 'unsafe-inline' *.tiktok.com *.ttwstatic.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokv.com *.tiktokcdn.com *.musical.ly *.muscdn.com tiktokcdn.com.c.worldfcdn.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
|
| warning | other | - URL
- https://s.yimg.com/oa/consent.js?ver=250110
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| warning | other | - URL
- https://consent.cmp.oath.com/cmp.js?ver=20250110
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| warning | other | - URL
- https://consent.cmp.oath.com/cmp.js?ver=20250110
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| info | other | - URL
- https://techcrunch.com/_static/??-eJxtjc0OgjAMgF/I2ogT4WB8FhgFOli30OJe34SDB8P9+8GSwScxEsO87hOLonlImaRQjwOrYVAct4MZrkEveKLsDAvbD++EY2cE/Zr8ovBhKqB+42z/AZsp0rGs3NntHV+35712rq2aR/gCVQE/Ow==
- Texto
-
IFRAME-RESIZER
Iframe-Resizer 5 is now available via the following two packages:
* @iframe-resizer/parent
* @iframe-resizer/child
Additionally their are also new versions of iframe-resizer for React, Vue, and jQuery.
Version 5 of iframe-resizer has been extensively rewritten to use modern browser APIs, which has enabled significantly better performance and greater accuracy in the detection of content resizing events.
Please see https://iframe-resizer.com/upgrade for more details.
|
| warning | other | - URL
- https://jac.yahoosandbox.com/2.0.0/jac.js?ver=1.0.0
- Texto
- Allow attribute will take precedence over 'allowfullscreen'.
|
| warning | other | - URL
- https://jac.yahoosandbox.com/2.0.0/jac.js?ver=1.0.0
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| warning | other | - URL
- https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
- Texto
- An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
|
| error | network | - URL
- https://api.alyavista.com/v1/sync
- Texto
- Failed to load resource: the server responded with a status of 404 ()
|
| warning | other | - URL
- https://techcrunch.com/2024/12/10/wordpress-vs-wp-engine-drama-explained/
- Texto
- The resource https://s.yimg.com/aaq/prebid/prebid-2.0.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
|