Content-Security-Policy Analysis for https://amocrm.ru

Open Cached · just now

12 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self' gso.amocrm.ru; script-src 'self' 'strict-dynamic' 'unsafe-inline' https://www.gstatic.com https://www.google.com http://www.googleadservices.com https://www.googletagmanager.com https://cdn.jsdelivr.net https://seal.starfieldtech.com 'sha256-6/v+FSMWnmvsGNghwyNkr2VwAMemIky1qH4GhuhErw8=' 'unsafe-hashes' piper.amocrm.ru gso.amocrm.ru https://my.hellobar.com https://www.youtube.com https://rutube.ru 'sha256-qZJmHHAaUu28WoFKc0FVNpA5ikXzX0NBeqIpY0bQXIA=' 'sha256-V7US+zMwAMOPr/YqM4zVsHsKGl3xUiVIwhFUvnv87QE=' 'sha256-J8lzg3ubs2SO6PW9MmHWe1UzbBMwuiLWxN/otQCygyY=' 'sha256-disSjv6Cqh2qc1///UXyReEByhnnMEGIa7VnqInfjls=' 'sha256-eH5kMeUdc48DzHbZtubwbQ1dUOxSsKEw4nqHROB4O+g=' 'sha256-sejyC18/DnWxENEG0wtqHl60q8kck4ZIDJVPYZoFY2Y=' 'sha256-yHwihVYvV0uJwcx2/8gO6wxKSQKbIKgPrOhvJErN3Zs=' 'sha256-DpOoqibK/BsYhobWHnU38Pyzt5SjDZuR/mFsAiVN7kk=' https://ajax.googleapis.com https://www.facebook.com https://connect.facebook.net https://graph.facebook.com https://vk.com https://login.vk.com https://m.vk.com top-fwz1.mail.ru https://mc.yandex.ru https://yastatic.net 'nonce-e9af510aa1a2'; style-src 'self' https://fonts.googleapis.com 'strict-dynamic' 'unsafe-inline' https://unpkg.com gso.amocrm.ru connect.facebook.net; form-action 'self' https://www.facebook.com; frame-ancestors 'self' https://*.amocrm.ru chrome-extension://cfaicdlgblgdchnpdilihjmfnogpjakl chrome-extension://eaeaddaoioikiaokcmjfeghddidmmfhc; worker-src 'none'; object-src 'none'; font-src 'self' data: https://fonts.gstatic.com; img-src 'self' data: blob: https://i.postimg.cc https://seal.godaddy.com https://widgets.amocrm.ru piper.amocrm.ru gso.amocrm.ru https://assets.hellobar.com https://www.google-analytics.com https://www.google.com https://www.google.ru https://www.googletagmanager.com https://www.facebook.com https://connect.facebook.net https://vk.com https://login.vk.com https://m.vk.com https://mc.yandex.ru https://yastatic.net https://mc.yandex.md; frame-src 'self' www.facebook.com www.googletagmanager.com piper.amocrm.ru gso.amocrm.ru forms.amocrm.ru button.amocrm.ru drive-a.amocrm.ru drive-b.amocrm.ru drive.amocrm.ru hb.bizmrg.com *.amazonaws.com https://www.youtube.com https://rutube.ru https://www.google.com https://www.facebook.com https://vk.com https://login.vk.com https://m.vk.com https://mc.yandex.ru https://yandex.ru; connect-src 'self' https://*.amocrm.ru https://appbroker.amocrm-dev.ru https://appbroker.amostage.ru https://appbroker.amocrm.ru gso.amocrm.ru lc-ru.amocrm.com https://pro.ip-api.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://graph.facebook.com https://vk.com https://login.vk.com https://m.vk.com https://top-fwz1.mail.ru https://mc.yandex.ru https://mc.yandex.md; base-uri 'self';

default-src Keyword —

'self'

default-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

script-src Keyword —

'self'

script-src Keyword —

'strict-dynamic'

script-src Keyword —

'unsafe-inline'

script-src Host

Google Static File Front End

https://www.gstatic.com

ASN | Google

script-src Host

Google Search

https://www.google.com

ASN | Google

script-src Host

Google Conversion Tracking

http://www.googleadservices.com

ASN | Google

script-src Host

Google Tag Manager

https://www.googletagmanager.com

ASN | Google

script-src Host

jsDelivr

https://cdn.jsdelivr.net

ASN | Cloudflare

script-src Host —

https://seal.starfieldtech.com

ASN | GO-DADDY-COM-LLC - GoDaddy.com

script-src Hash —

'sha256-6/v+FSMWnmvsGNghwyNkr2VwAMemIky1qH4GhuhErw8='

script-src Keyword —

'unsafe-hashes'

script-src Host —

piper.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

script-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

script-src Host —

https://my.hellobar.com

ASN | Cloudflare

script-src Host

YouTube

https://www.youtube.com

ASN | Google

script-src Host —

https://rutube.ru

ASN | AS-SERVICEPIPE - SERVICEPIPE LLC

script-src Hash —

'sha256-qZJmHHAaUu28WoFKc0FVNpA5ikXzX0NBeqIpY0bQXIA='

script-src Hash —

'sha256-V7US+zMwAMOPr/YqM4zVsHsKGl3xUiVIwhFUvnv87QE='

script-src Hash —

'sha256-J8lzg3ubs2SO6PW9MmHWe1UzbBMwuiLWxN/otQCygyY='

script-src Hash —

'sha256-disSjv6Cqh2qc1///UXyReEByhnnMEGIa7VnqInfjls='

script-src Hash —

'sha256-eH5kMeUdc48DzHbZtubwbQ1dUOxSsKEw4nqHROB4O+g='

script-src Hash —

'sha256-sejyC18/DnWxENEG0wtqHl60q8kck4ZIDJVPYZoFY2Y='

script-src Hash —

'sha256-yHwihVYvV0uJwcx2/8gO6wxKSQKbIKgPrOhvJErN3Zs='

script-src Hash —

'sha256-DpOoqibK/BsYhobWHnU38Pyzt5SjDZuR/mFsAiVN7kk='

script-src Host

Google Hosted Libraries

https://ajax.googleapis.com

ASN | Google

script-src Host

Facebook

https://www.facebook.com

ASN | Facebook

script-src Host

Facebook

https://connect.facebook.net

ASN | Facebook

script-src Host

Facebook

https://graph.facebook.com

ASN | Facebook

script-src Host —

https://vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

script-src Host —

https://login.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

script-src Host —

https://m.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

script-src Host —

top-fwz1.mail.ru

ASN | VK-AS - LLC VK

script-src Host Yandex

https://mc.yandex.ru

ASN | YANDEX - YANDEX LLC

script-src Host

Yandex Tools

https://yastatic.net

ASN | YANDEX - YANDEX LLC

script-src Nonce —

'nonce-e9af510aa1a2'

style-src Keyword —

'self'

style-src Host

Google Fonts

https://fonts.googleapis.com

ASN | Google

style-src Keyword —

'strict-dynamic'

style-src Keyword —

'unsafe-inline'

style-src Host

unpkg

https://unpkg.com

ASN | Cloudflare

style-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

style-src Host

Facebook

connect.facebook.net

ASN | Facebook

form-action Keyword —

'self'

form-action Host

Facebook

https://www.facebook.com

ASN | Facebook

frame-ancestors Keyword —

'self'

frame-ancestors Host —

https://*.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-ancestors Host —

chrome-extension://cfaicdlgblgdchnpdilihjmfnogpjakl

frame-ancestors Host —

chrome-extension://eaeaddaoioikiaokcmjfeghddidmmfhc

worker-src Keyword —

'none'

object-src Keyword —

'none'

font-src Keyword —

'self'

font-src Scheme —

data:

font-src Host

Google Fonts

https://fonts.gstatic.com

ASN | Google

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Scheme —

blob:

img-src Host —

https://i.postimg.cc

ASN | PUREVOLTAGE-INC - PureVoltage Hosting Inc.

img-src Host —

https://seal.godaddy.com

ASN | GO-DADDY-COM-LLC - GoDaddy.com

img-src Host —

https://widgets.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

img-src Host —

piper.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

img-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

img-src Host —

https://assets.hellobar.com

ASN | Cloudflare

img-src Host

Google Analytics

https://www.google-analytics.com

ASN | Google

img-src Host

Google Search

https://www.google.com

ASN | Google

img-src Host —

https://www.google.ru

ASN | Google

img-src Host

Google Tag Manager

https://www.googletagmanager.com

ASN | Google

img-src Host

Facebook

https://www.facebook.com

ASN | Facebook

img-src Host

Facebook

https://connect.facebook.net

ASN | Facebook

img-src Host —

https://vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

img-src Host —

https://login.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

img-src Host —

https://m.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

img-src Host Yandex

https://mc.yandex.ru

ASN | YANDEX - YANDEX LLC

img-src Host

Yandex Tools

https://yastatic.net

ASN | YANDEX - YANDEX LLC

img-src Host —

https://mc.yandex.md

ASN | YANDEX - YANDEX LLC

frame-src Keyword —

'self'

frame-src Host

Facebook

www.facebook.com

ASN | Facebook

frame-src Host

Google Tag Manager

www.googletagmanager.com

ASN | Google

frame-src Host —

piper.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-src Host —

forms.amocrm.ru

ASN | SELECTEL - JSC Selectel

frame-src Host —

button.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-src Host —

drive-a.amocrm.ru

ASN | SELECTEL - JSC Selectel

frame-src Host —

drive-b.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-src Host —

drive.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

frame-src Host —

hb.bizmrg.com

ASN | VK-AS - LLC VK

frame-src Host

AWS

*.amazonaws.com

ASN | Amazon

frame-src Host

YouTube

https://www.youtube.com

ASN | Google

frame-src Host —

https://rutube.ru

ASN | AS-SERVICEPIPE - SERVICEPIPE LLC

frame-src Host

Google Search

https://www.google.com

ASN | Google

frame-src Host

Facebook

https://www.facebook.com

ASN | Facebook

frame-src Host —

https://vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

frame-src Host —

https://login.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

frame-src Host —

https://m.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

frame-src Host Yandex

https://mc.yandex.ru

ASN | YANDEX - YANDEX LLC

frame-src Host Yandex

https://yandex.ru

ASN | YANDEX - YANDEX LLC

connect-src Keyword —

'self'

connect-src Host —

https://*.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

connect-src Host —

https://appbroker.amocrm-dev.ru

connect-src Host —

https://appbroker.amostage.ru

connect-src Host —

https://appbroker.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

connect-src Host —

gso.amocrm.ru

ASN | UNITEDNET - EDINAYA SET LIMITED LIABILITY COMPANY

connect-src Host —

lc-ru.amocrm.com

ASN | SERVERS-COM - Servers.com

connect-src Host

IP-API

https://pro.ip-api.com

ASN | AS-GLOBALTELEHOST - GTHost

connect-src Host

Google Analytics

https://www.google-analytics.com

ASN | Google

connect-src Host

Google DoubleClick

https://stats.g.doubleclick.net

ASN | Google

connect-src Host

Facebook

https://www.facebook.com

ASN | Facebook

connect-src Host

Facebook

https://graph.facebook.com

ASN | Facebook

connect-src Host —

https://vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

connect-src Host —

https://login.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

connect-src Host —

https://m.vk.com

ASN | VKONTAKTE-SPB-AS - LLC VK

connect-src Host —

https://top-fwz1.mail.ru

ASN | VK-AS - LLC VK

connect-src Host Yandex

https://mc.yandex.ru

ASN | YANDEX - YANDEX LLC

connect-src Host —

https://mc.yandex.md

ASN | YANDEX - YANDEX LLC

base-uri Keyword —

'self'

Content-Security-Policy-Report-Only

No report-only CSP headers found.