Values for x-permitted-cross-domain-policies: none 49,200 master-only 2,965 none; 108 all 88 master only 15 value 12 : none 8 by-content-type 8 'none' 5 self 5 “none” 4 origin-when-cross-origin 3 ALLOW-FROM https://www.linkedin.com 2 "master-only" 2 require-corp 2 max-age=31536000; includeSubDomains; preload 2 master-only; 2 'master-only' | 'none' 2 "none" 2 https://js.hs-scripts.com/43541275.js 1 * 1 value="master-only" 1 always 1 script-src 'self' 1 1 {} 1 strict-origin-when-cross-origin 1 max-age=63072000; 1 X-Permitted-Cross-Domain-Policies 1 'master-only'; 1 master-only, master-only 1 : master-only 1 https://llanes.viajesvirtualesweb.es 1 DENY 1 upgrade-insecure-requests; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.pricespider.com *.mapbox.com *.lytics.io js.jebbit.com blob:; media-src 'self' videos.ctfassets.net *.iesnare.com data:; manifest-src 'self' login.windows.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org script.crazyegg.com js.jebbit.com js.adsrvr.org connect.facebook.net z.moatads.com cdn.segment.com pghub.io www.youtube.com *.lytics.io *.bazaarvoice.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com *.iesnare.com; font-src 'self' data: ; frame-ancestors 'none'; frame-src 'self' insight.adsrvr.org *.doubleclick.net feed.pghub.io www.facebook.com consumersupport.pg.com pgnagain.jebbit.com jebbit.ilovegain.com www.youtube.com pg-lex.my.salesforce-sites.com; img-src 'self' data: images.ctfassets.net www.google-analytics.com www.googletagmanager.com pixel.tapad.com *.doubleclick.net www.facebook.com *.lytics.io *.akamaihd.net *.moatads.com *.pricespider.com *.bazaarvoice.com i.ytimg.com cdn.cookielaw.org; connect-src 'self' *.google-analytics.com *.cookielaw.org *.jebbit.com *.doubleclick.net *.crazyegg.com *.adsrvr.org *.segment.com *.segment.io *.bazaarvoice.com *.pricespider.com *.mapbox.com geolocation-db.com *.algolia.net *.algolianet.com wss:; base-uri 'none'; default-src 'none'; 1 "master-only"; 1