Content-Security-Policy Analysis for https://coxpass.cox.com

Open Cached · just now

10 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: object-src 'none'; base-uri https://mysignins.microsoft.com; default-src https://mysignins.microsoft.com https://api.mysignins.microsoft.com; script-src https://mysignins.microsoft.com https://api.mysignins.microsoft.com https://amcdn.msftauth.net https://js.monitor.azure.com; style-src https://mysignins.microsoft.com https://api.mysignins.microsoft.com 'unsafe-inline'; img-src https://mysignins.microsoft.com https://api.mysignins.microsoft.com https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.msocdn.com https://*.azureedge.net https://*.azure.com https://*.office.net https://*.office.com https://*.office365.com https://*.microsoft.com https://*.windows.net https://*.microsoftonline.com https://*.microsoftonline-int.com https://*.office.net https://*.sharepointonline.com data: blob:; font-src https://mysignins.microsoft.com https://api.mysignins.microsoft.com https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.msocdn.com https://*.azureedge.net https://*.azure.com https://*.office.net https://*.office.com https://*.office365.com https://*.microsoft.com https://*.windows.net https://*.microsoftonline.com https://*.microsoftonline-int.com https://*.office.net https://*.sharepointonline.com data: blob:; frame-ancestors https://mysignins.microsoft.com https://api.mysignins.microsoft.com; upgrade-insecure-requests; report-to csp-report-endpoint

object-src Keyword —

'none'

base-uri Host —

https://mysignins.microsoft.com

ASN | Microsoft

default-src Host —

https://mysignins.microsoft.com

ASN | Microsoft

default-src Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

script-src Host —

https://mysignins.microsoft.com

ASN | Microsoft

script-src Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

script-src Host —

https://amcdn.msftauth.net

ASN | Microsoft

script-src Host

Azure Monitor

https://js.monitor.azure.com

ASN | Microsoft

style-src Host —

https://mysignins.microsoft.com

ASN | Microsoft

style-src Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

style-src Keyword —

'unsafe-inline'

img-src Host —

https://mysignins.microsoft.com

ASN | Microsoft

img-src Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

img-src Host —

https://*.msauth.net

img-src Host —

https://*.msftauth.net

img-src Host —

https://*.msftauthimages.net

img-src Host —

https://*.msauthimages.net

img-src Host

Azure Application Proxy

https://*.msidentity.com

img-src Host —

https://*.msocdn.com

img-src Host

AzureFrontDoor

https://*.azureedge.net

img-src Host

Microsoft Azure

https://*.azure.com

ASN | Microsoft

img-src Host

Microsoft 365

https://*.office.net

img-src Host

Microsoft 365

https://*.office.com

ASN | Microsoft

img-src Host

Microsoft 365

https://*.office365.com

ASN | Microsoft

img-src Host —

https://*.microsoft.com

ASN | Microsoft

img-src Host —

https://*.windows.net

ASN | Microsoft

img-src Host —

https://*.microsoftonline.com

img-src Host —

https://*.microsoftonline-int.com

img-src Host

Microsoft 365

https://*.office.net

img-src Host

Microsoft SharePoint

https://*.sharepointonline.com

ASN | Microsoft

img-src Scheme —

data:

img-src Scheme —

blob:

font-src Host —

https://mysignins.microsoft.com

ASN | Microsoft

font-src Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

font-src Host —

https://*.msauth.net

font-src Host —

https://*.msftauth.net

font-src Host —

https://*.msftauthimages.net

font-src Host —

https://*.msauthimages.net

font-src Host

Azure Application Proxy

https://*.msidentity.com

font-src Host —

https://*.msocdn.com

font-src Host

AzureFrontDoor

https://*.azureedge.net

font-src Host

Microsoft Azure

https://*.azure.com

ASN | Microsoft

font-src Host

Microsoft 365

https://*.office.net

font-src Host

Microsoft 365

https://*.office.com

ASN | Microsoft

font-src Host

Microsoft 365

https://*.office365.com

ASN | Microsoft

font-src Host —

https://*.microsoft.com

ASN | Microsoft

font-src Host —

https://*.windows.net

ASN | Microsoft

font-src Host —

https://*.microsoftonline.com

font-src Host —

https://*.microsoftonline-int.com

font-src Host

Microsoft 365

https://*.office.net

font-src Host

Microsoft SharePoint

https://*.sharepointonline.com

ASN | Microsoft

font-src Scheme —

data:

font-src Scheme —

blob:

frame-ancestors Host —

https://mysignins.microsoft.com

ASN | Microsoft

frame-ancestors Host —

https://api.mysignins.microsoft.com

ASN | Microsoft

upgrade-insecure-requests Source —

(no sources)

report-to Host —

csp-report-endpoint