Content-Security-Policy Analysis for https://amsoil.ca

Open Cached · just now

4 directives

Content-Security-Policy

Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.amsoil.com *.amsoil.ca *.amsoilindustrial.com https://amsoilcontent.com https://www.amsoilcontent.com https://cdn.evgnet.com *.evergage.com https://amsoil.us-1.evergage.com https://analytics.amsoil.com https://analytics.amsoil.ca https://analytics.amsoilindustrial.com https://static.cloud.coveo.com https://www.google-analytics.com https://maps.googleapis.com https://assets.sitescdn.net https://realtimeanalytics.yext.com https://cdnjs.cloudflare.com/ *.doubleclick.net https://snap.licdn.com https://bat.bing.com *.microsoft.com *.facebook.net *.facebook.com *.criteo.com *.criteo.net https://www.googletagmanager.com *.linkedin.com *.google.com https://www.googleoptimize.com *.hotjar.com *.bc0a.com *.brightedge.com cdn.b0e8.com device.clearsale.com.br https://www.paypalobjects.com *.paypal.com https://www.gstatic.com https://www.googleadservices.com *.wistia.com *.wistia.net https://az124611.vo.msecnd.net https://cookie-cdn.cookiepro.com https://cdn-us.clickdimensions.com cdn.attn.tv *.attentivemobile.com *.googlesyndication.com *.powerobjects.net *.zoominfo.com *.convertlanguage.com *.docusign.com https://challenges.cloudflare.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://api.ipify.org https://appleid.cdn-apple.com https://*.trustarc.com https://cdn.cookielaw.org https://geolocation.onetrust.com *.niceincontact.com *.mountain.com https://*.qualtrics.com https://*.siteintercept.qualtrics.com https://*.amazon-adsystem.com https://browser.sentry-cdn.com blob:; frame-src 'self' *.amsoil.com *.amsoil.ca https://amsoilcontent.com *.hotjar.com *.criteo.com *.criteo.net *.docusign.net *.docusign.com *.facebook.com *.google.com *.paypal.com *.doubleclick.net *.powerobjects.net *.googlesyndication.com *.wistia.com *.wistia.net creatives.attn.tv https://challenges.cloudflare.com https://a25683390326.cdn.optimizely.com https://a25683390326.cdn-pci.optimizely.com *.niceincontact.com https://*.trustarc.com https://*.qualtrics.com https://*.siteintercept.qualtrics.com https://www.googletagmanager.com https://cdn.cookielaw.org; frame-ancestors 'self' https://sapcc.amsoil.com; report-uri /csp-report

script-src Keyword —

'self'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host —

*.amsoil.com

ASN | Cloudflare

script-src Host —

*.amsoil.ca

ASN | Cloudflare

script-src Host —

*.amsoilindustrial.com

ASN | Cloudflare

script-src Host —

https://amsoilcontent.com

ASN | Cloudflare

script-src Host —

https://www.amsoilcontent.com

ASN | Cloudflare

script-src Host —

https://cdn.evgnet.com

script-src Host Salesforce Personalization

*.evergage.com

script-src Host Salesforce Personalization

https://amsoil.us-1.evergage.com

script-src Host —

https://analytics.amsoil.com

script-src Host —

https://analytics.amsoil.ca

script-src Host —

https://analytics.amsoilindustrial.com

script-src Host —

https://static.cloud.coveo.com

script-src Host

Google Analytics

https://www.google-analytics.com

script-src Host

Google Maps

https://maps.googleapis.com

script-src Host —

https://assets.sitescdn.net

ASN | Cloudflare

script-src Host —

https://realtimeanalytics.yext.com

ASN | Cloudflare

script-src Host

Cloudflare CDNJS

https://cdnjs.cloudflare.com/

ASN | Cloudflare

script-src Host

Google DoubleClick

*.doubleclick.net

script-src Host

LinkedIn

https://snap.licdn.com

script-src Host Microsoft Advertising

https://bat.bing.com

ASN | Microsoft

script-src Host —

*.microsoft.com

ASN | Microsoft

script-src Host

Facebook

*.facebook.net

script-src Host

Facebook

*.facebook.com

script-src Host Criteo

*.criteo.com

script-src Host Criteo

*.criteo.net

script-src Host

Google Tag Manager

https://www.googletagmanager.com

script-src Host

LinkedIn

*.linkedin.com

ASN | Microsoft

script-src Host

Google Search

*.google.com

script-src Host

Google Optimize

https://www.googleoptimize.com

script-src Host

Hotjar

*.hotjar.com

script-src Host —

*.bc0a.com

ASN | Google Cloud

script-src Host —

*.brightedge.com

ASN | Google Cloud

script-src Host —

cdn.b0e8.com

ASN | Google Cloud

script-src Host —

device.clearsale.com.br

ASN | Microsoft

script-src Host

PayPal

https://www.paypalobjects.com

script-src Host

PayPal

*.paypal.com

script-src Host

Google Static File Front End

https://www.gstatic.com

script-src Host

Google Conversion Tracking

https://www.googleadservices.com

script-src Host

Wistia

*.wistia.com

script-src Host

Wistia

*.wistia.net

script-src Host

Microsoft Azure

https://az124611.vo.msecnd.net

ASN | Microsoft

script-src Host

OneTrust

https://cookie-cdn.cookiepro.com

ASN | Cloudflare

script-src Host —

https://cdn-us.clickdimensions.com

ASN | Microsoft

script-src Host —

cdn.attn.tv

script-src Host —

*.attentivemobile.com

ASN | Cloudflare

script-src Host

Google AdSense

*.googlesyndication.com

script-src Host —

*.powerobjects.net

script-src Host

ZoomInfo

*.zoominfo.com

ASN | Cloudflare

script-src Host —

*.convertlanguage.com

ASN | NAVISITE-EAST-2 - Navisite Opco LLC

script-src Host

DocuSign

*.docusign.com

script-src Host

Cloudflare Turnstile

https://challenges.cloudflare.com

ASN | Cloudflare

script-src Host

Optimizely

https://*.optimizely.com

script-src Host

Amazon S3

https://optimizely.s3.amazonaws.com

script-src Host

Amazon S3

https://cdn-assets-prod.s3.amazonaws.com

script-src Host ipify

https://api.ipify.org

ASN | Cloudflare

script-src Host

Apple ID

https://appleid.cdn-apple.com

script-src Host

TrustArc

https://*.trustarc.com

ASN | Cloudflare

script-src Host

OneTrust

https://cdn.cookielaw.org

ASN | Cloudflare

script-src Host

OneTrust

https://geolocation.onetrust.com

ASN | Cloudflare

script-src Host —

*.niceincontact.com

script-src Host MNTN

*.mountain.com

ASN | Cloudflare

script-src Host Qualtrics

https://*.qualtrics.com

script-src Host Qualtrics

https://*.siteintercept.qualtrics.com

ASN | Cloudflare

script-src Host

Amazon Advertising

https://*.amazon-adsystem.com

script-src Host

Sentry

https://browser.sentry-cdn.com

script-src Scheme —

blob:

frame-src Keyword —

'self'

frame-src Host —

*.amsoil.com

ASN | Cloudflare

frame-src Host —

*.amsoil.ca

ASN | Cloudflare

frame-src Host —

https://amsoilcontent.com

ASN | Cloudflare

frame-src Host

Hotjar

*.hotjar.com

frame-src Host Criteo

*.criteo.com

frame-src Host Criteo

*.criteo.net

frame-src Host

DocuSign

*.docusign.net

frame-src Host

DocuSign

*.docusign.com

frame-src Host

Facebook

*.facebook.com

frame-src Host

Google Search

*.google.com

frame-src Host

PayPal

*.paypal.com

frame-src Host

Google DoubleClick

*.doubleclick.net

frame-src Host —

*.powerobjects.net

frame-src Host

Google AdSense

*.googlesyndication.com

frame-src Host

Wistia

*.wistia.com

frame-src Host

Wistia

*.wistia.net

frame-src Host —

creatives.attn.tv

frame-src Host

Cloudflare Turnstile

https://challenges.cloudflare.com

ASN | Cloudflare

frame-src Host

Optimizely

https://a25683390326.cdn.optimizely.com

ASN | Cloudflare

frame-src Host

Optimizely

https://a25683390326.cdn-pci.optimizely.com

ASN | Cloudflare

frame-src Host —

*.niceincontact.com

frame-src Host

TrustArc

https://*.trustarc.com

ASN | Cloudflare

frame-src Host Qualtrics

https://*.qualtrics.com

frame-src Host Qualtrics

https://*.siteintercept.qualtrics.com

ASN | Cloudflare

frame-src Host

Google Tag Manager

https://www.googletagmanager.com

frame-src Host

OneTrust

https://cdn.cookielaw.org

ASN | Cloudflare

frame-ancestors Keyword —

'self'

frame-ancestors Host —

https://sapcc.amsoil.com

ASN | Cloudflare

report-uri Host —

/csp-report

Content-Security-Policy-Report-Only

No report-only CSP headers found.