Content-Security-Policy Analysis for https://maven-plugins.sourceforge.net

Open Cached · just now

9 directives

Content-Security-Policy

Content-Security-Policy: report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; script-src 'self' *.licdn.com a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.cloudflareinsights.com *.google-analytics.com *.tiny.cloud *.recaptcha.net recaptcha.net *.gstatic.com *.googletagservices.com *.googlesyndication.com *.doubleclick.net *.googletagmanager.com *.consentmanager.net *.microsofttranslator.com translate.googleapis.com translate.google.cn *.gstatic.cn *.tds.bid esm.sh blob: *.adnxs.com *.bing.com *.slashdotmedia.com *.crsspxl.com http://*.pro-market.net ml314.com j.6sc.co *.hs-scripts.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hscollectedforms.net js.usemessages.com fe.sitedataprocessing.com a.usbrowserspeed.com d-code.liadm.com frontend.id-visitors.com *.identitymatrix.ai 'unsafe-inline' 'unsafe-eval'; fenced-frame-src https:; frame-ancestors 'self'; frame-src 'self' a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.googletagmanager.com *.doubleclick.net *.gstatic.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.consentmanager.net player.twitch.tv *.crsspxl.com http://*.pro-market.net app.hubspot.com; form-action 'self' lists.sourceforge.net aistudio.google.com; script-src-attr 'unsafe-hashes' 'sha256-4d6SN0yYeMqJ0cKMQtg6WeJWMAytzagOyddgGs8IrQg=' 'sha256-tBDVzvq7nAZRA5cnijB1/8uEyvj+5hEDBhcx7F72AGE=' 'report-sample'; object-src 'none'; upgrade-insecure-requests

report-uri Host

Report URI

https://sourceforge.report-uri.com/r/d/csp/enforce

script-src Keyword —

'self'

script-src Host

LinkedIn

*.licdn.com

script-src Host —

a.fsdn.com

script-src Host

Google Search

*.google.com

script-src Host —

http://c.sf-syn.com

script-src Host —

http://b.sf-syn.com

script-src Host

Cloudflare Web Analytics

*.cloudflareinsights.com

script-src Host

Google Analytics

*.google-analytics.com

script-src Host —

*.tiny.cloud

script-src Host

Google reCAPTCHA

*.recaptcha.net

script-src Host

Google reCAPTCHA

recaptcha.net

script-src Host

Google Static File Front End

*.gstatic.com

script-src Host

Google DoubleClick

*.googletagservices.com

script-src Host

Google AdSense

*.googlesyndication.com

script-src Host

Google DoubleClick

*.doubleclick.net

script-src Host

Google Tag Manager

*.googletagmanager.com

script-src Host —

*.consentmanager.net

script-src Host

Microsoft Translator

*.microsofttranslator.com

script-src Host

Google Translate

translate.googleapis.com

script-src Host

Google Translate

translate.google.cn

script-src Host

Google Static File Front End

*.gstatic.cn

script-src Host —

*.tds.bid

script-src Host

esm.sh

esm.sh

script-src Scheme —

blob:

script-src Host

AppNexus (Xandr)

*.adnxs.com

script-src Host

Bing

*.bing.com

script-src Host —

*.slashdotmedia.com

ASN | Cloudflare

script-src Host —

*.crsspxl.com

script-src Host —

http://*.pro-market.net

script-src Host —

ml314.com

ASN | Google Cloud

script-src Host

6sense

j.6sc.co

script-src Host

HubSpot

*.hs-scripts.com

script-src Host

HubSpot

js.hsadspixel.net

ASN | Cloudflare

script-src Host

HubSpot Analytics

js.hs-analytics.net

ASN | Cloudflare

script-src Host

HubSpot

js.hs-banner.com

ASN | Cloudflare

script-src Host

HubSpot Forms

js.hscollectedforms.net

ASN | Cloudflare

script-src Host

HubSpot Live Chat

js.usemessages.com

ASN | Cloudflare

script-src Host —

fe.sitedataprocessing.com

script-src Host —

a.usbrowserspeed.com

script-src Host —

d-code.liadm.com

script-src Host —

frontend.id-visitors.com

script-src Host —

*.identitymatrix.ai

ASN | Cloudflare

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

fenced-frame-src Scheme —

https:

frame-ancestors Keyword —

'self'

frame-src Keyword —

'self'

frame-src Host —

a.fsdn.com

frame-src Host

Google Search

*.google.com

frame-src Host —

http://c.sf-syn.com

frame-src Host —

http://b.sf-syn.com

frame-src Host

Google Tag Manager

*.googletagmanager.com

frame-src Host

Google DoubleClick

*.doubleclick.net

frame-src Host

Google Static File Front End

*.gstatic.com

frame-src Host

Google reCAPTCHA

*.recaptcha.net

frame-src Host

Google reCAPTCHA

recaptcha.net

frame-src Host

YouTube

*.youtube.com

frame-src Host

YouTube

www.youtube-nocookie.com

frame-src Host —

*.consentmanager.net

frame-src Host

Twitch

player.twitch.tv

frame-src Host —

*.crsspxl.com

frame-src Host —

http://*.pro-market.net

frame-src Host

HubSpot

app.hubspot.com

ASN | Cloudflare

form-action Keyword —

'self'

form-action Host —

lists.sourceforge.net

ASN | LIGHTEDGE-AS-02 - LightEdge Solutions

form-action Host —

aistudio.google.com

script-src-attr Keyword —

'unsafe-hashes'

script-src-attr Hash —

'sha256-4d6SN0yYeMqJ0cKMQtg6WeJWMAytzagOyddgGs8IrQg='

script-src-attr Hash —

'sha256-tBDVzvq7nAZRA5cnijB1/8uEyvj+5hEDBhcx7F72AGE='

script-src-attr Keyword —

'report-sample'

object-src Keyword —

'none'

upgrade-insecure-requests Source —

(no sources)

Content-Security-Policy-Report-Only

No report-only CSP headers found.