Pedidos ou recursos que ofendem as políticas de segurança
Violação
Tipo
Informação
Recurso
https://www.klwines.com/
Descrição
[Report Only] Refused to load the image 'https://klwimages.blob.core.windows.net/images/d5f44541-516f-44a8-b707-e337f34099b3Aug-2024-Banner-Desktop-Insider%27s.jpg' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' *.klwines.com *.klwinternal.com *.klwinternalstg.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.visualstudio.com *.datadome.co cdn.jsdelivr.net connect.facebook.net www.facebook.com *.addthis.com *.addthisedge.com *.moatads.com *.squarespace-cdn.com pbs.twimg.com *.cdninstagram.com stats.g.doubleclick.net www.google.com www.google-analytics.com www.gstatic.com www.paypalobjects.com www.exploretock.com analytics.google.com fonts.gstatic.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
[Report Only] Refused to load the image 'https://klwimages.blob.core.windows.net/images/23db4f23-6778-45a0-bcfd-470b87dcab8cKLWines_AngelusLunch_2024.jpeg' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' *.klwines.com *.klwinternal.com *.klwinternalstg.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.visualstudio.com *.datadome.co cdn.jsdelivr.net connect.facebook.net www.facebook.com *.addthis.com *.addthisedge.com *.moatads.com *.squarespace-cdn.com pbs.twimg.com *.cdninstagram.com stats.g.doubleclick.net www.google.com www.google-analytics.com www.gstatic.com www.paypalobjects.com www.exploretock.com analytics.google.com fonts.gstatic.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
[Report Only] Refused to create a worker from 'blob:https://www.klwines.com/bae1ec84-2c5c-45e6-a032-4f81e0097e5d' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' *.klwines.com *.klwinternal.com *.klwinternalstg.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.visualstudio.com *.datadome.co cdn.jsdelivr.net connect.facebook.net www.facebook.com *.addthis.com *.addthisedge.com *.moatads.com *.squarespace-cdn.com pbs.twimg.com *.cdninstagram.com stats.g.doubleclick.net www.google.com www.google-analytics.com www.gstatic.com www.paypalobjects.com www.exploretock.com analytics.google.com fonts.gstatic.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
[Report Only] Refused to create a worker from 'blob:https://www.klwines.com/bae1ec84-2c5c-45e6-a032-4f81e0097e5d' because it violates the following Content Security Policy directive: "default-src 'unsafe-inline' 'unsafe-eval' 'self' *.klwines.com *.klwinternal.com *.klwinternalstg.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.visualstudio.com *.datadome.co cdn.jsdelivr.net connect.facebook.net www.facebook.com *.addthis.com *.addthisedge.com *.moatads.com *.squarespace-cdn.com pbs.twimg.com *.cdninstagram.com stats.g.doubleclick.net www.google.com www.google-analytics.com www.gstatic.com www.paypalobjects.com www.exploretock.com analytics.google.com fonts.gstatic.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.