Content-Security-Policy Analysis for https://connect.iprotech.com

Open Cached · just now

11 directives

Content-Security-Policy

Content-Security-Policy: upgrade-insecure-requests; default-src https://*.zoom.us https://zoom.us blob: 'self'; img-src https: about: blob: data: 'self'; style-src https: safari-extension: chrome-extension: 'unsafe-inline' data: 'self'; font-src https: safari-extension: chrome-extension: blob: data: 'self'; connect-src * about: blob: data: 'self'; media-src * rtmp: blob: data: 'self'; frame-src https: ms-appx-web: zoommtg: zoomus: wvjbscheme: zoomprc: zoomzccprc: data: blob: 'self'; object-src 'none'; base-uri 'none';script-src 'self' 'wasm-unsafe-eval' 'strict-dynamic' 'nonce-dbQbB1BuQJKL8p_WZ71LQw' blob: https:;

upgrade-insecure-requests Source —

(no sources)

default-src Host

Zoom

https://*.zoom.us

ASN | Cloudflare

default-src Host

Zoom

https://zoom.us

ASN | Cloudflare

default-src Scheme —

blob:

default-src Keyword —

'self'

img-src Scheme —

https:

img-src Scheme —

about:

img-src Scheme —

blob:

img-src Scheme —

data:

img-src Keyword —

'self'

style-src Scheme —

https:

style-src Scheme —

safari-extension:

style-src Scheme —

chrome-extension:

style-src Keyword —

'unsafe-inline'

style-src Scheme —

data:

style-src Keyword —

'self'

font-src Scheme —

https:

font-src Scheme —

safari-extension:

font-src Scheme —

chrome-extension:

font-src Scheme —

blob:

font-src Scheme —

data:

font-src Keyword —

'self'

connect-src Host —

connect-src Scheme —

about:

connect-src Scheme —

blob:

connect-src Scheme —

data:

connect-src Keyword —

'self'

media-src Host —

media-src Scheme —

rtmp:

media-src Scheme —

blob:

media-src Scheme —

data:

media-src Keyword —

'self'

frame-src Scheme —

https:

frame-src Scheme —

ms-appx-web:

frame-src Scheme —

zoommtg:

frame-src Scheme —

zoomus:

frame-src Scheme —

wvjbscheme:

frame-src Scheme —

zoomprc:

frame-src Scheme —

zoomzccprc:

frame-src Scheme —

data:

frame-src Scheme —

blob:

frame-src Keyword —

'self'

object-src Keyword —

'none'

base-uri Keyword —

'none'

script-src Keyword —

'self'

script-src Keyword —

'wasm-unsafe-eval'

script-src Keyword —

'strict-dynamic'

script-src Nonce —

'nonce-dbQbB1BuQJKL8p_WZ71LQw'

script-src Scheme —

blob:

script-src Scheme —

https:

Content-Security-Policy-Report-Only

No report-only CSP headers found.