Content-Security-Policy Analysis for https://connect.notified.com

Open Cached · 34m ago

10 directives

Content-Security-Policy

Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; default-src 'self' https://www.recaptcha.net data:; script-src 'self' 'unsafe-inline' https://www.google.com https://www.recaptcha.net https://www.gstatic.com https://www.gstatic.cn; img-src https: data: blob:; object-src 'none'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com ;frame-src https://www.google.com https://www.recaptcha.net;frame-ancestors 'self' https://distribute.notified.com;

upgrade-insecure-requests Source —

(no sources)

base-uri Keyword —

'self'

default-src Keyword —

'self'

default-src Host

Google reCAPTCHA

https://www.recaptcha.net

default-src Scheme —

data:

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Host

Google Search

https://www.google.com

script-src Host

Google reCAPTCHA

https://www.recaptcha.net

script-src Host

Google Static File Front End

https://www.gstatic.com

script-src Host

Google Static File Front End

https://www.gstatic.cn

img-src Scheme —

https:

img-src Scheme —

data:

img-src Scheme —

blob:

object-src Keyword —

'none'

style-src Keyword —

'self'

style-src Host

Google Fonts

https://fonts.googleapis.com

style-src Keyword —

'unsafe-inline'

font-src Keyword —

'self'

font-src Host

Google Fonts

https://fonts.googleapis.com

font-src Host

Google Fonts

https://fonts.gstatic.com

frame-src Host

Google Search

https://www.google.com

frame-src Host

Google reCAPTCHA

https://www.recaptcha.net

frame-ancestors Keyword —

'self'

frame-ancestors Host —

https://distribute.notified.com

Content-Security-Policy-Report-Only

No report-only CSP headers found.