One day's worth of CSP violations injected by toolbars and various other *ware

csp violations

129 times:
<safari-extension://com.evernote.safari.clipper-q79wdw8yh9>

96 times:
<safari-extension://com.ideashower.pocket.safari-et279a6r5n>

88 times:
<>

34 times:
<about>

18 times:
<webviewprogressproxy://>

13 times:
<https://o.yieldsquare.com>

9 times:
<http://fonts.gstatic.com>
<safari-extension://com.solfyre-id.sid-lite-safari-44v7eryqa5>
<http://compare.buyhatke.com>

8 times:
<https://fonts.gstatic.com>

6 times:
<mx://res/reader-mode/reader.html>
<https://icontent.us>

5 times:
<https://d389zggrogs7qo.cloudfront.net>

4 times:
<https://d3ijcis4e2ziok.cloudfront.net>
<https://dl.metabar.ru>
<https://bufferapp.com>
<http://fontface.ninja>

3 times:
<https://www.instapaper.com>
<mbinit://>
<https://www.superfish.com>

2 times:
<https://pf-cdn.printfriendly.com>
<https://api.jollywallet.com>
safari-extension://com.avast.wrc-6h4hrtu5e3>
safari-extension://com.wotservicesoy.wot-ff6ww26hl3>
<https://5k9v3bc1-enehfzfv.netdna-ssl.com>
<https://4x3zy4ql-l8bu4n1j.netdna-ssl.com>
safari-extension://com.betteradvertising.ghostery-hpy23a294x>
<http://themes.googleusercontent.com>
https://css.zohostatic.com>
<http://10.129.1.211:15871>

1 times:
<safari-extension://com.add0n.dictionary-2c3w8rz8nd>
<https://apps.2gis.ru>
<http://restapi.dictionary.com>
<https://ads.panoramtech.net>
<https://nikkomsgchannel>
<https://cdn.viglink.com>
<mxaddon-pkg>
<https://www.google-analytics.com>
<https://i_sbitinjs_info.tlscdn.com>
<http://50.116.62.47>
<safari-extension://com.interclue.ultimatestatusbar-725998gksy>
<chrome-extension://>
<https://inst.shoppingate.info>
<https://mc.yandex.ru>
<http://vivafiliates.com.br>
<asset>
<https://translate.google.com>
<https://gateway.zscalertwo.net>
<https://www.best-deals-products.com>

Interesting! I had a bunch from fonts.googleapis.com and fonts.gstatic.com and encrypted-tbn2.gstatic.com and other dubious google sites. CSP-Reporting-Only is cool.