Content-Security-Policy Analysis for https://static.syca.nl

Open Cached · just now

2 directives

Content-Security-Policy

Content-Security-Policy: script-src 'self' syca.nl *.syca.nl *.googleapis.com *.google-analytics.com *.google.com *.facebook.net *.facebook.com *.gstatic.com 'unsafe-inline' ; object-src 'self'

script-src Keyword —

'self'

script-src Host —

syca.nl

ASN | TransIP

script-src Host —

*.syca.nl

ASN | TransIP

script-src Host

Google API JS Client

*.googleapis.com

ASN | Google

script-src Host

Google Analytics

*.google-analytics.com

ASN | Google

script-src Host

Google Search

*.google.com

ASN | Google

script-src Host

Facebook

*.facebook.net

script-src Host

Facebook

*.facebook.com

ASN | Facebook

script-src Host

Google Static File Front End

*.gstatic.com

ASN | Google

script-src Keyword —

'unsafe-inline'

object-src Keyword —

'self'

Content-Security-Policy-Report-Only

No report-only CSP headers found.