Content-Security-Policy Analysis for https://syncedtool.com

Open Cached · just now

7 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self' https://fonts.gstatic.com google.com.br www.google.com.br;script-src 'unsafe-inline' 'unsafe-eval' d2c9xx7hhelyow.cloudfront.net webedit.syncedtool.com https://www.google-analytics.com https://wopi.syncedtool.com blob: https://*.cdn.office.net http://*.cdn.office.net analytics.google.com https://script.crazyegg.com https://www.googleadservices.com web-preview.syncedtool.ca https://browser.sentry-cdn.com 'wasm-unsafe-eval' https://analytics.google.com https://www.googletagmanager.com googletagmanager.com www.google-analytics.com 'self' *.google-analytics.com;style-src 'unsafe-inline' https://wopi.syncedtool.com https://*.cdn.office.net web-preview.syncedtool.ca 'self' http://*.cdn.office.net d2c9xx7hhelyow.cloudfront.net webedit.syncedtool.com https://fonts.googleapis.com;img-src https://*.g.doubleclick.net https://www.google-analytics.com googletagmanager.com https://wopi.syncedtool.com www.google-analytics.com blob: https://*.cdn.office.net web-preview.syncedtool.ca 'self' http://*.cdn.office.net data: https://*.public.onecdn.static.microsoft analytics.google.com d2c9xx7hhelyow.cloudfront.net https://www.googletagmanager.com webedit.syncedtool.com https://*.df.onecdn.static.microsoft google.com.br www.google.com.br;font-src https://wopi.syncedtool.com https://fonts.gstatic.com blob: https://*.cdn.office.net web-preview.syncedtool.ca 'self' http://*.cdn.office.net data: d2c9xx7hhelyow.cloudfront.net webedit.syncedtool.com;connect-src wss://web-preview.syncedtool.ca sentry.anchorworks.com https://www.google-analytics.com https://wopi.syncedtool.com analytics.google.com https://pws-collect.pdftron.com/ https://script.crazyegg.com https://*.g.doubleclick.net https://*.analytics.google.com https://www.pdftron.com/ https://analytics.google.com https://www.googletagmanager.com wss://webedit.syncedtool.com https://web-preview.syncedtool.ca googletagmanager.com https://proxy.pdftron.com/ www.google-analytics.com 'self' *.google-analytics.com;frame-src https://*.g.doubleclick.net https://*.officeapps.live.com https://wopi.syncedtool.com blob: web-preview.syncedtool.ca 'self' https://www.googletagmanager.com webedit.syncedtool.com https://td.doubleclick.net;

default-src Keyword —

'self'

default-src Host

Google Fonts

https://fonts.gstatic.com

default-src Host —

google.com.br

default-src Host —

www.google.com.br

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host

AWS CloudFront

d2c9xx7hhelyow.cloudfront.net

script-src Host —

webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

script-src Host

Google Analytics

https://www.google-analytics.com

script-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

script-src Scheme —

blob:

script-src Host

Microsoft 365

https://*.cdn.office.net

script-src Host

Microsoft 365

http://*.cdn.office.net

script-src Host

Google Analytics

analytics.google.com

script-src Host

Crazy Egg

https://script.crazyegg.com

ASN | Cloudflare

script-src Host

Google Conversion Tracking

https://www.googleadservices.com

script-src Host —

web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

script-src Host

Sentry

https://browser.sentry-cdn.com

script-src Keyword —

'wasm-unsafe-eval'

script-src Host

Google Analytics

https://analytics.google.com

script-src Host

Google Tag Manager

https://www.googletagmanager.com

script-src Host

Google Tag Manager

googletagmanager.com

script-src Host

Google Analytics

www.google-analytics.com

script-src Keyword —

'self'

script-src Host

Google Analytics

*.google-analytics.com

style-src Keyword —

'unsafe-inline'

style-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

style-src Host

Microsoft 365

https://*.cdn.office.net

style-src Host —

web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

style-src Keyword —

'self'

style-src Host

Microsoft 365

http://*.cdn.office.net

style-src Host

AWS CloudFront

d2c9xx7hhelyow.cloudfront.net

style-src Host —

webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

style-src Host

Google Fonts

https://fonts.googleapis.com

img-src Host

Google DoubleClick

https://*.g.doubleclick.net

img-src Host

Google Analytics

https://www.google-analytics.com

img-src Host

Google Tag Manager

googletagmanager.com

img-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

img-src Host

Google Analytics

www.google-analytics.com

img-src Scheme —

blob:

img-src Host

Microsoft 365

https://*.cdn.office.net

img-src Host —

web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

img-src Keyword —

'self'

img-src Host

Microsoft 365

http://*.cdn.office.net

img-src Scheme —

data:

img-src Host —

https://*.public.onecdn.static.microsoft

img-src Host

Google Analytics

analytics.google.com

img-src Host

AWS CloudFront

d2c9xx7hhelyow.cloudfront.net

img-src Host

Google Tag Manager

https://www.googletagmanager.com

img-src Host —

webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

img-src Host —

https://*.df.onecdn.static.microsoft

img-src Host —

google.com.br

img-src Host —

www.google.com.br

font-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

font-src Host

Google Fonts

https://fonts.gstatic.com

font-src Scheme —

blob:

font-src Host

Microsoft 365

https://*.cdn.office.net

font-src Host —

web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

font-src Keyword —

'self'

font-src Host

Microsoft 365

http://*.cdn.office.net

font-src Scheme —

data:

font-src Host

AWS CloudFront

d2c9xx7hhelyow.cloudfront.net

font-src Host —

webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

connect-src Host —

wss://web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

connect-src Host —

sentry.anchorworks.com

ASN | EFOLDER - eFolder, Inc

connect-src Host

Google Analytics

https://www.google-analytics.com

connect-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

connect-src Host

Google Analytics

analytics.google.com

connect-src Host —

https://pws-collect.pdftron.com/

connect-src Host

Crazy Egg

https://script.crazyegg.com

ASN | Cloudflare

connect-src Host

Google DoubleClick

https://*.g.doubleclick.net

connect-src Host

Google Analytics

https://*.analytics.google.com

connect-src Host —

https://www.pdftron.com/

connect-src Host

Google Analytics

https://analytics.google.com

connect-src Host

Google Tag Manager

https://www.googletagmanager.com

connect-src Host —

wss://webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

connect-src Host —

https://web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

connect-src Host

Google Tag Manager

googletagmanager.com

connect-src Host —

https://proxy.pdftron.com/

connect-src Host

Google Analytics

www.google-analytics.com

connect-src Keyword —

'self'

connect-src Host

Google Analytics

*.google-analytics.com

frame-src Host

Google DoubleClick

https://*.g.doubleclick.net

frame-src Host —

https://*.officeapps.live.com

ASN | Microsoft

frame-src Host —

https://wopi.syncedtool.com

ASN | EFOLDER - eFolder, Inc

frame-src Scheme —

blob:

frame-src Host —

web-preview.syncedtool.ca

ASN | HUT8-EAST - Hut 8 Mining Corp.

frame-src Keyword —

'self'

frame-src Host

Google Tag Manager

https://www.googletagmanager.com

frame-src Host —

webedit.syncedtool.com

ASN | EFOLDER - eFolder, Inc

frame-src Host

Google DoubleClick

https://td.doubleclick.net

Content-Security-Policy-Report-Only

No report-only CSP headers found.