Content-Security-Policy Analysis for https://eightam.com

Open Cached · 3m ago

14 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: default-src 'self'; connect-src *; img-src * data:; script-src 'self' cdn.bizible.com; style-src 'self' 'unsafe-inline' https://404-tpa-276.mktoweb.com/ https://*.qualified.com; font-src 'self' kit.fontawesome.com ka-p.fontawesome.com https://fast.wistia.com/ https://fast.wistia.net/ data:; form-action 'self'; object-src 'none'; media-src 'self' blob: mediastream: https://*.qualified.com; frame-src https://www.googletagmanager.com https://td.doubleclick.net/ https://gtm.8am.com/ https://insight.adsrvr.org/ https://app.netlify.com/ https://404-tpa-276.mktoweb.com/ https://*.qualified.com; child-src https://*.qualified.com; frame-ancestors demo.affinipay.com ka-p.fontawesome.com https://app.contentful.com; upgrade-insecure-requests; block-all-mixed-content

default-src Keyword —

'self'

connect-src Host —

*

img-src Host —

*

img-src Scheme —

data:

script-src Keyword —

'self'

script-src Host

Adobe Marketo

cdn.bizible.com

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host

Adobe Marketo

https://404-tpa-276.mktoweb.com/

ASN | Cloudflare

style-src Host

Qualified

https://*.qualified.com

ASN | Cloudflare

font-src Keyword —

'self'

font-src Host

Font Awesome

kit.fontawesome.com

ASN | Cloudflare

font-src Host

Font Awesome

ka-p.fontawesome.com

ASN | Cloudflare

font-src Host

Wistia

https://fast.wistia.com/

font-src Host

Wistia

https://fast.wistia.net/

font-src Scheme —

data:

form-action Keyword —

'self'

object-src Keyword —

'none'

media-src Keyword —

'self'

media-src Scheme —

blob:

media-src Scheme —

mediastream:

media-src Host

Qualified

https://*.qualified.com

ASN | Cloudflare

frame-src Host

Google Tag Manager

https://www.googletagmanager.com

frame-src Host

Google DoubleClick

https://td.doubleclick.net/

frame-src Host —

https://gtm.8am.com/

frame-src Host

The Trade Desk

https://insight.adsrvr.org/

frame-src Host

Netlify

https://app.netlify.com/

frame-src Host

Adobe Marketo

https://404-tpa-276.mktoweb.com/

ASN | Cloudflare

frame-src Host

Qualified

https://*.qualified.com

ASN | Cloudflare

child-src Host

Qualified

https://*.qualified.com

ASN | Cloudflare

frame-ancestors Host —

demo.affinipay.com

frame-ancestors Host

Font Awesome

ka-p.fontawesome.com

ASN | Cloudflare

frame-ancestors Host

Contentful

https://app.contentful.com

upgrade-insecure-requests Source —

(no sources)

block-all-mixed-content Source —

(no sources)