Content-Security-Policy Analysis for https://ne16.com

Open Cached · 1m ago

11 directives

Content-Security-Policy

Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'self' https://*.appcues.com https://*.appcues.net cdn.segment.com https://salesiq.zohopublic.com https://js.zohocdn.com https://vimeo.com https://www.youtube.com 'nonce-c4a6f5fe-45fc-4c77-ba72-432c1c79c1db'; worker-src 'self' https://*.appcues.com https://*.appcues.net cdn.segment.com blob:; connect-src 'self' wss://www.ne16.com api.segment.io cdn.segment.com https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com wss://*.zohopublic.com https://salesiq.zohopublic.com https://us4-files.zohopublic.com https://vimeo.com https://www.youtube.com editor.ne16.com data: blob:; frame-src 'self' https://*.appcues.com https://salesiq.zohopublic.com/ https://api.zapier.com/ https://zapier.com/; style-src 'self' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com https://css.zohocdn.com https://static.zohocdn.com https://vimeo.com https://www.youtube.com 'unsafe-inline'; img-src 'self' blob: data: *; media-src 'self' blob: *; font-src 'self' fonts.gstatic.com https://css.zohocdn.com data:; report-uri /Analytics/api/Error/Csp;

default-src Keyword —

'none'

frame-ancestors Keyword —

'none'

script-src Keyword —

'self'

script-src Host —

https://*.appcues.com

script-src Host —

https://*.appcues.net

script-src Host

Segment

cdn.segment.com

script-src Host

Zoho Mail

https://salesiq.zohopublic.com

script-src Host

Zoho Mail

https://js.zohocdn.com

script-src Host

Vimeo

https://vimeo.com

ASN | Cloudflare

script-src Host

YouTube

https://www.youtube.com

script-src Nonce —

'nonce-c4a6f5fe-45fc-4c77-ba72-432c1c79c1db'

worker-src Keyword —

'self'

worker-src Host —

https://*.appcues.com

worker-src Host —

https://*.appcues.net

worker-src Host

Segment

cdn.segment.com

worker-src Scheme —

blob:

connect-src Keyword —

'self'

connect-src Host —

wss://www.ne16.com

connect-src Host

Segment

api.segment.io

connect-src Host

Segment

cdn.segment.com

connect-src Host —

https://*.appcues.com

connect-src Host —

https://*.appcues.net

connect-src Host —

wss://*.appcues.net

connect-src Host —

wss://*.appcues.com

connect-src Host

Zoho Mail

wss://*.zohopublic.com

connect-src Host

Zoho Mail

https://salesiq.zohopublic.com

connect-src Host

Zoho Mail

https://us4-files.zohopublic.com

connect-src Host

Vimeo

https://vimeo.com

ASN | Cloudflare

connect-src Host

YouTube

https://www.youtube.com

connect-src Host —

editor.ne16.com

connect-src Scheme —

data:

connect-src Scheme —

blob:

frame-src Keyword —

'self'

frame-src Host —

https://*.appcues.com

frame-src Host

Zoho Mail

https://salesiq.zohopublic.com/

frame-src Host

Zapier

https://api.zapier.com/

frame-src Host

Zapier

https://zapier.com/

style-src Keyword —

'self'

style-src Host —

https://*.appcues.com

style-src Host —

https://*.appcues.net

style-src Host

Google Fonts

https://fonts.googleapis.com

style-src Host

Google Fonts

https://fonts.google.com

style-src Host

Zoho Mail

https://css.zohocdn.com

style-src Host

Zoho Mail

https://static.zohocdn.com

style-src Host

Vimeo

https://vimeo.com

ASN | Cloudflare

style-src Host

YouTube

https://www.youtube.com

style-src Keyword —

'unsafe-inline'

img-src Keyword —

'self'

img-src Scheme —

blob:

img-src Scheme —

data:

img-src Host —

*

media-src Keyword —

'self'

media-src Scheme —

blob:

media-src Host —

*

font-src Keyword —

'self'

font-src Host

Google Fonts

fonts.gstatic.com

font-src Host

Zoho Mail

https://css.zohocdn.com

font-src Scheme —

data:

report-uri Host —

/Analytics/api/Error/Csp

Content-Security-Policy-Report-Only

No report-only CSP headers found.