Content-Security-Policy Analysis for https://remote.bdsupport.com

Open Cached · just now

13 directives

Content-Security-Policy

Content-Security-Policy: default-src 'none'; base-uri 'self'; connect-src 'self' data: https://cdn.plyr.io/ wss://*.us2.ninjarmm.com wss://*.rmmservices.net https://*.us2.ninjarmm.com https://*.rmmservices.net https://*.ninjarmm.com https://*.ingest.sentry.io https://vimeo.com https://maps.googleapis.com https://data.eu.pendo.io https://content-5057394946277376.static.eu.pendo.io https://www.recaptcha.net https://addons.mozilla.org; font-src 'self' https://fonts.gstatic.com https://f.vimeocdn.com https://*.ninjarmm.com; form-action 'self' https://*.zendesk.com https://*.ninjaone.com https://*.accelo.com https://*.officeapps.live.com https://*.office.microsoft.com; frame-ancestors 'self'; frame-src 'self' https://player.vimeo.com https://vimeo.com/ https://secureforms.ninjarmm.com https://secureforms.us2.ninjarmm.com https://secureforms.rmmservices.net https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ ninjarmm: https://play.google.com https://*.officeapps.live.com https://*.office.microsoft.com https://us2-ninja-attachments.s3.us-east-2.amazonaws.com https://*.ninjarmm.com https://account.google.com https://enterprise.google.com; img-src 'self' data: blob: https://us2-ninja-attachments.s3.us-east-2.amazonaws.com https://i.vimeocdn.com https://chart.googleapis.com https://resources.ninjarmm.com https://ninjauploads.ninjarmm.com/ https://ninjauploads.s3.amazonaws.com https://*.cdn.office.net https://*.mzstatic.com https://*.googleusercontent.com https://*.ggpht.com https://*.googleapis.com https://maps.gstatic.com https://data.eu.pendo.io https://content-5057394946277376.static.eu.pendo.io; media-src 'self' https://*.ninjarmm.com https://cdn.plyr.io/ https://*.ci.vimeows.com https://*.vimeocdn.com https://live-api.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com; script-src 'self'  https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://apis.google.com https://*.vimeocdn.com https://fresnel.vimeocdn.com https://maps.googleapis.com https://cdn.eu.pendo.io https://data.eu.pendo.io https://content-5057394946277376.static.eu.pendo.io; style-src 'self' 'unsafe-inline' https://apis.google.com https://fonts.googleapis.com https://fresnel.vimeocdn.com https://content-5057394946277376.static.eu.pendo.io; worker-src 'self' blob:;

default-src Keyword —

'none'

base-uri Keyword —

'self'

connect-src Keyword —

'self'

connect-src Scheme —

data:

connect-src Host

Plyr

https://cdn.plyr.io/

ASN | Cloudflare

connect-src Host —

wss://*.us2.ninjarmm.com

connect-src Host —

wss://*.rmmservices.net

connect-src Host —

https://*.us2.ninjarmm.com

connect-src Host —

https://*.rmmservices.net

connect-src Host —

https://*.ninjarmm.com

ASN | Cloudflare

connect-src Host

Sentry

https://*.ingest.sentry.io

connect-src Host

Vimeo

https://vimeo.com

ASN | Cloudflare

connect-src Host

Google Maps

https://maps.googleapis.com

connect-src Host

Pendo

https://data.eu.pendo.io

ASN | Google Cloud

connect-src Host

Pendo

https://content-5057394946277376.static.eu.pendo.io

connect-src Host

Google reCAPTCHA

https://www.recaptcha.net

connect-src Host —

https://addons.mozilla.org

font-src Keyword —

'self'

font-src Host

Google Fonts

https://fonts.gstatic.com

font-src Host

Vimeo

https://f.vimeocdn.com

font-src Host —

https://*.ninjarmm.com

ASN | Cloudflare

form-action Keyword —

'self'

form-action Host

Zendesk

https://*.zendesk.com

ASN | Cloudflare

form-action Host —

https://*.ninjaone.com

ASN | Cloudflare

form-action Host —

https://*.accelo.com

form-action Host —

https://*.officeapps.live.com

ASN | Microsoft

form-action Host —

https://*.office.microsoft.com

ASN | Microsoft

frame-ancestors Keyword —

'self'

frame-src Keyword —

'self'

frame-src Host

Vimeo

https://player.vimeo.com

ASN | Cloudflare

frame-src Host

Vimeo

https://vimeo.com/

ASN | Cloudflare

frame-src Host —

https://secureforms.ninjarmm.com

frame-src Host —

https://secureforms.us2.ninjarmm.com

frame-src Host —

https://secureforms.rmmservices.net

frame-src Host

Google reCAPTCHA

https://www.google.com/recaptcha/

frame-src Host

Google reCAPTCHA

https://www.recaptcha.net/recaptcha/

frame-src Scheme —

ninjarmm:

frame-src Host —

https://play.google.com

frame-src Host —

https://*.officeapps.live.com

ASN | Microsoft

frame-src Host —

https://*.office.microsoft.com

ASN | Microsoft

frame-src Host

AWS

https://us2-ninja-attachments.s3.us-east-2.amazonaws.com

frame-src Host —

https://*.ninjarmm.com

ASN | Cloudflare

frame-src Host —

https://account.google.com

frame-src Host —

https://enterprise.google.com

img-src Keyword —

'self'

img-src Scheme —

data:

img-src Scheme —

blob:

img-src Host

AWS

https://us2-ninja-attachments.s3.us-east-2.amazonaws.com

img-src Host

Vimeo

https://i.vimeocdn.com

img-src Host

Google API JS Client

https://chart.googleapis.com

img-src Host —

https://resources.ninjarmm.com

img-src Host —

https://ninjauploads.ninjarmm.com/

img-src Host

Amazon S3

https://ninjauploads.s3.amazonaws.com

img-src Host

Microsoft 365

https://*.cdn.office.net

img-src Host —

https://*.mzstatic.com

img-src Host

Google Cloud Storage

https://*.googleusercontent.com

img-src Host —

https://*.ggpht.com

img-src Host

Google API JS Client

https://*.googleapis.com

img-src Host

Google Maps

https://maps.gstatic.com

img-src Host

Pendo

https://data.eu.pendo.io

ASN | Google Cloud

img-src Host

Pendo

https://content-5057394946277376.static.eu.pendo.io

media-src Keyword —

'self'

media-src Host —

https://*.ninjarmm.com

ASN | Cloudflare

media-src Host

Plyr

https://cdn.plyr.io/

ASN | Cloudflare

media-src Host —

https://*.ci.vimeows.com

media-src Host

Vimeo

https://*.vimeocdn.com

media-src Host

Vimeo

https://live-api.cloud.vimeo.com/

ASN | Google Cloud

object-src Keyword —

'self'

object-src Host

Vimeo

https://*.vimeocdn.com

script-src Keyword —

'self'

script-src Host

Google reCAPTCHA

https://www.google.com/recaptcha/

script-src Host

Google reCAPTCHA

https://www.recaptcha.net/recaptcha/

script-src Host

Google Static File Front End

https://www.gstatic.com/recaptcha/

script-src Host

Google Static File Front End

https://www.gstatic.cn/recaptcha/

script-src Host

Google API JS Client

https://apis.google.com

script-src Host

Vimeo

https://*.vimeocdn.com

script-src Host

Vimeo

https://fresnel.vimeocdn.com

ASN | Google Cloud

script-src Host

Google Maps

https://maps.googleapis.com

script-src Host

Pendo

https://cdn.eu.pendo.io

ASN | Google Cloud

script-src Host

Pendo

https://data.eu.pendo.io

ASN | Google Cloud

script-src Host

Pendo

https://content-5057394946277376.static.eu.pendo.io

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host

Google API JS Client

https://apis.google.com

style-src Host

Google Fonts

https://fonts.googleapis.com

style-src Host

Vimeo

https://fresnel.vimeocdn.com

ASN | Google Cloud

style-src Host

Pendo

https://content-5057394946277376.static.eu.pendo.io

worker-src Keyword —

'self'

worker-src Scheme —

blob:

Content-Security-Policy-Report-Only

No report-only CSP headers found.