Content-Security-Policy Analysis for https://dataxltd.com

Open Cached · just now

8 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com https://fast.fonts.net; font-src 'self' https://fonts.googleapis.com https://fast.fonts.net https://fonts.gstatic.com; script-src 'self' https://www.google.com https://www.gstatic.com; form-action https://webto.salesforce.com; navigate-to www.facebook.com twitter.com www.linkedin.com *.dataxltd.com *.equifax.com www.lend360.org www.bankrate.com; frame-ancestors none; frame-src 'self' https://www.google.com

default-src Keyword —

'self'

style-src Keyword —

'self'

style-src Host

Google Fonts

https://fonts.googleapis.com

style-src Host

Fonts.com

https://fast.fonts.net

ASN | Cloudflare

font-src Keyword —

'self'

font-src Host

Google Fonts

https://fonts.googleapis.com

font-src Host

Fonts.com

https://fast.fonts.net

ASN | Cloudflare

font-src Host

Google Fonts

https://fonts.gstatic.com

script-src Keyword —

'self'

script-src Host

Google Search

https://www.google.com

script-src Host

Google Static File Front End

https://www.gstatic.com

form-action Host

Salesforce Cloud

https://webto.salesforce.com

ASN | Salesforce

navigate-to Host

Facebook

www.facebook.com

navigate-to Host

Twitter

twitter.com

ASN | Cloudflare

navigate-to Host

LinkedIn

www.linkedin.com

ASN | Cloudflare

navigate-to Host —

*.dataxltd.com

navigate-to Host —

*.equifax.com

ASN | Cloudflare

navigate-to Host —

www.lend360.org

navigate-to Host —

www.bankrate.com

frame-ancestors Host —

none

frame-src Keyword —

'self'

frame-src Host

Google Search

https://www.google.com

Content-Security-Policy-Report-Only

No report-only CSP headers found.