Content-Security-Policy Analysis for https://help.commerce.campaignmonitor.com

Open Cached · just now

5 directives

Content-Security-Policy

Content-Security-Policy: upgrade-insecure-requests, frame-ancestors 'self'; report-uri /_/commcsp?disposition=enforce

upgrade-insecure-requests, Host —

frame-ancestors

upgrade-insecure-requests, Keyword —

'self'

report-uri Host —

/_/commcsp?disposition=enforce

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: frame-src *.force.com https://player.vimeo.com https://www.linkedin.com 'self' https://stats.g.doubleclick.net *.youtube.co.uk https://sfdc-link-preview.hk.salesforce.com https://emmabot.ada.support https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com *.cybersource.com *.youtube.es https://*.springcm.com *.adis.ws https://usa846.sfdc-8tgtt5.salesforce.com *.createsend.com https://cti-client.talkdeskapp.com *.youtube.ie https://www.youtube.com *.cloudinary.com https://pay.google.com *.vimeo.com *.youtube.jp bcove.video https://region1.google-analytics.com *.youtube.fr https://cm-commerce.com https://*.a.forceusercontent.com https://player.cloudinary.com https://static.ada.support https://sfdc-link-preview-staging.sfdc.sh https://s1.adis.ws https://rollout.ada.support *.forceusercontent.com *.brightcove.net *.youtube.com *.youtube.nl *.beaufort12.com https://service.force.com/embeddedservice/ https://fast.wistia.net https://ha1.createsend1.com *.quip.com *.arkoselabs.com https://*.docusign.net https://api.mixpanel.com *.youtube-nocookie.com https://www.paypal.com https://appiniummastertrial.secure.force.com https://play.vidyard.com https://*.mytalkdesk.com *.youtube.com.br *.salesforce-experience.com http://createsend.com *.salesforceliveagent.com https://cmcommerce-gr.ada.support https://scormanywhere.secure.force.com https://checkoutshopper-live.adyen.com/ https://*.clm.docusign.mil *.sfdcfc.net *.youtube.ca https://emma-status.statuscast.com https://location.force.com https://*.docusign.com *.vidyard.com https://www.gstatic.com/recaptcha/ https://players.brightcove.net https://cmagencyadmin-gr.ada.support https://cdn.embedly.com https://www.google.com/recaptcha/ https://js.stripe.com/ https://www.sandbox.paypal.com https://*.clmfed.docusign.com https://campaignmonitor.ada.support https://*.googleusercontent.com https://*.a.forceusercontent.com/lightningmaps/ https://emma-cm-gr.ada.support https://www.googletagmanager.com *.wistia.net https://www.google-analytics.com *.salesforce.com https://cmdirect-gr.ada.support https://emma.file.force.com *.youtube.pl https://campaignmonitor.statuscast.com; report-to sfdc-csp-ep; report-uri https://emma.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00Dfn000009XzLq&networkId=0DMan0000002fIQ&type=communities

frame-src Host

Salesforce Sites

*.force.com

frame-src Host

Vimeo

https://player.vimeo.com

ASN | Cloudflare

frame-src Host

LinkedIn

https://www.linkedin.com

ASN | Cloudflare

frame-src Keyword —

'self'

frame-src Host

Google DoubleClick

https://stats.g.doubleclick.net

frame-src Host —

*.youtube.co.uk

frame-src Host

Salesforce Cloud

https://sfdc-link-preview.hk.salesforce.com

frame-src Host —

https://emmabot.ada.support

frame-src Host

Adyen

https://checkoutshopper-test.adyen.com/

ASN | ADYEN - Adyen N.V.

frame-src Host

Adyen

https://pal-test.adyen.com

ASN | ADYEN - Adyen N.V.

frame-src Host —

*.cybersource.com

ASN | Cloudflare

frame-src Host —

*.youtube.es

frame-src Host —

https://*.springcm.com

frame-src Host —

*.adis.ws

frame-src Host

Salesforce Cloud

https://usa846.sfdc-8tgtt5.salesforce.com

frame-src Host —

*.createsend.com

frame-src Host —

https://cti-client.talkdeskapp.com

ASN | Cloudflare

frame-src Host —

*.youtube.ie

frame-src Host

YouTube

https://www.youtube.com

frame-src Host

Cloudinary

*.cloudinary.com

ASN | Cloudflare

frame-src Host

Google Pay

https://pay.google.com

frame-src Host

Vimeo

*.vimeo.com

ASN | Cloudflare

frame-src Host —

*.youtube.jp

frame-src Host —

bcove.video

ASN | Google Cloud

frame-src Host

Google Analytics

https://region1.google-analytics.com

frame-src Host —

*.youtube.fr

frame-src Host —

https://cm-commerce.com

ASN | Cloudflare

frame-src Host —

https://*.a.forceusercontent.com

frame-src Host

Cloudinary

https://player.cloudinary.com

frame-src Host —

https://static.ada.support

frame-src Host —

https://sfdc-link-preview-staging.sfdc.sh

frame-src Host —

https://s1.adis.ws

ASN | Cloudflare

frame-src Host —

https://rollout.ada.support

frame-src Host —

*.forceusercontent.com

frame-src Host

Brightcove

*.brightcove.net

frame-src Host

YouTube

*.youtube.com

frame-src Host —

*.youtube.nl

frame-src Host —

*.beaufort12.com

ASN | Cloudflare

frame-src Host

Salesforce Cloud

https://service.force.com/embeddedservice/

ASN | Salesforce

frame-src Host

Wistia

https://fast.wistia.net

frame-src Host —

https://ha1.createsend1.com

frame-src Host —

*.quip.com

frame-src Host

Arkose Labs

*.arkoselabs.com

frame-src Host

DocuSign

https://*.docusign.net

ASN | DOCUS-6-PROD - Docusign

frame-src Host

Mixpanel

https://api.mixpanel.com

ASN | Google Cloud

frame-src Host

YouTube

*.youtube-nocookie.com

frame-src Host

PayPal

https://www.paypal.com

frame-src Host

Salesforce Sites

https://appiniummastertrial.secure.force.com

frame-src Host

Vidyard

https://play.vidyard.com

frame-src Host —

https://*.mytalkdesk.com

frame-src Host —

*.youtube.com.br

frame-src Host —

*.salesforce-experience.com

frame-src Host —

http://createsend.com

frame-src Host

Salesforce Cloud

*.salesforceliveagent.com

frame-src Host —

https://cmcommerce-gr.ada.support

frame-src Host

Salesforce Sites

https://scormanywhere.secure.force.com

frame-src Host

Adyen

https://checkoutshopper-live.adyen.com/

ASN | ADYEN - Adyen N.V.

frame-src Host —

https://*.clm.docusign.mil

frame-src Host —

*.sfdcfc.net

frame-src Host —

*.youtube.ca

frame-src Host —

https://emma-status.statuscast.com

ASN | Microsoft

frame-src Host

Salesforce Sites

https://location.force.com

ASN | Salesforce

frame-src Host

DocuSign

https://*.docusign.com

frame-src Host

Vidyard

*.vidyard.com

ASN | Cloudflare

frame-src Host

Google Static File Front End

https://www.gstatic.com/recaptcha/

frame-src Host

Brightcove

https://players.brightcove.net

frame-src Host —

https://cmagencyadmin-gr.ada.support

frame-src Host —

https://cdn.embedly.com

ASN | Cloudflare

frame-src Host

Google reCAPTCHA

https://www.google.com/recaptcha/

frame-src Host

Stripe

https://js.stripe.com/

frame-src Host

PayPal

https://www.sandbox.paypal.com

frame-src Host

DocuSign

https://*.clmfed.docusign.com

frame-src Host —

https://campaignmonitor.ada.support

frame-src Host

Google Cloud Storage

https://*.googleusercontent.com

frame-src Host —

https://*.a.forceusercontent.com/lightningmaps/

frame-src Host —

https://emma-cm-gr.ada.support

frame-src Host

Google Tag Manager

https://www.googletagmanager.com

frame-src Host

Wistia

*.wistia.net

frame-src Host

Google Analytics

https://www.google-analytics.com

frame-src Host

Salesforce Cloud

*.salesforce.com

frame-src Host —

https://cmdirect-gr.ada.support

frame-src Host

Salesforce Sites

https://emma.file.force.com

frame-src Host —

*.youtube.pl

frame-src Host —

https://campaignmonitor.statuscast.com

ASN | Microsoft

report-to Host —

sfdc-csp-ep

report-uri Host

Salesforce Sites

https://emma.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00Dfn000009XzLq&networkId=0DMan0000002fIQ&type=communities