Content-Security-Policy Analysis for https://www.askyourdevelopers.net

Open Cached · 20h ago

10 directives

Content-Security-Policy

Content-Security-Policy: base-uri 'self'; default-src 'none'; script-src 'self' 'unsafe-inline' www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js https://static.cloudflareinsights.com/beacon.min.js; style-src 'self' 'unsafe-inline' cloud.typography.com d3hjue7omxs01q.cloudfront.net; object-src 'none'; form-action 'self'; font-src 'self' data:; connect-src 'self' www.google-analytics.com; img-src 'self' data: www.google-analytics.com; manifest-src 'self';

base-uri Keyword —

'self'

default-src Keyword —

'none'

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Host

Google Tag Manager

www.googletagmanager.com

script-src Host

Google Analytics

www.google-analytics.com

script-src Host

Google Analytics

ssl.google-analytics.com

script-src Host

Cloudflare CDNJS

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

ASN | Cloudflare

script-src Host

Cloudflare Web Analytics

https://static.cloudflareinsights.com/beacon.min.js

ASN | Cloudflare

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host —

cloud.typography.com

style-src Host

AWS CloudFront

d3hjue7omxs01q.cloudfront.net

object-src Keyword —

'none'

form-action Keyword —

'self'

font-src Keyword —

'self'

font-src Scheme —

data:

connect-src Keyword —

'self'

connect-src Host

Google Analytics

www.google-analytics.com

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Host

Google Analytics

www.google-analytics.com

manifest-src Keyword —

'self'

Content-Security-Policy-Report-Only

No report-only CSP headers found.