Content-Security-Policy Analysis for https://kollective.app

Open Cached · just now

5 directives

Content-Security-Policy

Content-Security-Policy: base-uri 'self';object-src 'none';style-src 'self' https://fonts.googleapis.com go.kollective.com pages.riverbed.com 'unsafe-inline' data:;frame-ancestors 'self';worker-src blob: ;

base-uri Keyword —

'self'

object-src Keyword —

'none'

style-src Keyword —

'self'

style-src Host

Google Fonts

https://fonts.googleapis.com

ASN | Google

style-src Host —

go.kollective.com

ASN | Cloudflare

style-src Host —

pages.riverbed.com

ASN | Cloudflare

style-src Keyword —

'unsafe-inline'

style-src Scheme —

data:

frame-ancestors Keyword —

'self'

worker-src Scheme —

blob:

Content-Security-Policy-Report-Only

No report-only CSP headers found.