Content-Security-Policy Analysis for https://engage.cloud-dev.microsoft

Open Cached · just now

22 directives

Content-Security-Policy

Content-Security-Policy: base-uri 'self'; child-src 'self' https://amcdn.msftauth.net https://outlook.exo.eaglex.ic.gov https://outlook.exo.microsoft.scloud https://outlook.office.com https://outlook.office365.us https://partner.outlook.cn https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shell.cdn.office.net https://shellppe.cdn.office.net https://webmail.apps.mil https://webshell.dodsuite.office365.us https://webshell.suite.eaglex.ic.gov https://webshell.suite.microsoft.scloud https://webshell.suite.office.com https://webshell.suite.office365.us https://webshell.suite.officeppe.com https://webshell.suite.partner.microsoftonline.cn; connect-src 'self' https: https://*.dev.yammer.com/ https://*.labs.yammer.dev/ https://int.augloop.svc.cloud-dev.microsoft https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ wss://*.augloop.svc.cloud.microsoft/ wss://*.delve.office.com/ wss://*.rt.yammer.com/cometd/ wss://augloop.svc.cloud.microsoft/ wss://int.augloop.svc.cloud-dev.microsoft; default-src 'none'; font-src 'self' data: https://*.cdn.office.net/ https://*.delve.office.com/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://aesir.office.com https://c.s-microsoft.com https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://maxcdn.bootstrapcdn.com/bootstrap/ https://res-1.cdn.office.net https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://spoprod-a.akamaihd.net/ https://static2.sharepointonline.com https://thumbnails.yammer.com/ https://web.yammer.com/ https://www.microsoft.com https://www.yammer.com/; form-action 'self' https:; frame-ancestors 'self' https: https://*.dev.yammer.com/ https://*.labs.yammer.dev/; frame-src 'self' blob: https: https://*.dev.yammer.com/ https://*.labs.yammer.dev/; img-src 'self' blob: data: https:; manifest-src 'self' https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/; media-src 'self' blob: https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.sharepoint.com https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://web.yammer.com/ https://www.yammer.com/; object-src 'none'; report-to csp-endpoint; report-uri https://csp.microsoft.com/report/VivaEngage-Internal-NONPRD; script-src 'nonce-UFw+gRhMRpNKypgxMonI6KMbKrhpitvB2BXkeKZ0tek=' 'report-sample' 'self' 'strict-dynamic' https://*.cdn.office.net/ https://*.delve.office.com/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.microsoft.com https://*.res.office365.com/ https://*.visualstudio.com/ https://a-ring.msedge.net https://acdc-direct.office.com https://admin.microsoft.com https://aesir.office.com https://afd-a-acdc-direct.office.com https://afd-k-acdc-direct.office.com https://amcdn.msauth.net/ https://amcdn.msftauth.net/ https://atm-fp-direct.office.com https://b-ring.msedge.net https://dev.azure.com/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://gtm-dyn-direct.office365.com https://js.monitor.azure.com/ https://k-ring.msedge.net https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://outlook.exo.eaglex.ic.gov https://outlook.exo.microsoft.scloud https://outlook.live.com https://outlook.office.com https://outlook.office365.us https://ow1.res.office365.com https://partner.outlook.cn https://r4.res.office365.com https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://s-ring.msedge.net https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shellprod.msocdn.com https://statics.teams.cloud.microsoft https://statics.teams.microsoft.com https://substrate.office.com https://web.vortex.data.microsoft.com https://web.yammer.com/ https://webmail.apps.mil https://webshell.dodsuite.office365.us https://webshell.suite.eaglex.ic.gov https://webshell.suite.microsoft.scloud https://webshell.suite.office.com https://webshell.suite.office365.us https://webshell.suite.officeppe.com https://webshell.suite.partner.microsoftonline.cn https://www.yammer.com/ wss://*.delve.office.com; script-src-attr 'report-sample' 'self'; script-src-elem 'self' blob: https://*.cdn.office.net.rproxy.goskope.com/ https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://amcdn.msauth.net/ https://amcdn.msftauth.net/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://js.monitor.azure.com/ https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://web.yammer.com/ https://www.yammer.com/; style-src 'report-sample' 'self' 'unsafe-inline' https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://*.visualstudio.com/ https://dev.azure.com/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://shell.azurefd.eaglex.ic.gov https://shell.azurefd.microsoft.scloud https://shellprod.msocdn.com https://web.yammer.com/ https://www.microsoft.com https://www.yammer.com/; style-src-attr 'report-sample' 'self' 'unsafe-inline' https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://web.yammer.com/ https://www.yammer.com/; style-src-elem 'self' 'unsafe-inline' https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.engage.cloud.microsoft/ https://*.labs.yammer.dev/ https://*.res.office365.com/ https://*.visualstudio.com/ https://dev.azure.com/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://labscdn.azureedge.net/ https://labsgeneralpurpose.blob.core.windows.net/ https://labsyammerclients.blob.core.windows.net/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://visualsponline.azurewebsites.net/app/js/ https://web.yammer.com/ https://www.yammer.com/; upgrade-insecure-requests; worker-src 'self' blob: https://*.cdn.office.net/ https://*.dev.yammer.com/ https://*.labs.yammer.dev/ https://engage.cloud.microsoft/ https://engage.usgovcloud.microsoft/ https://res-1.public.onecdn.static.microsoft/ https://res-2.public.onecdn.static.microsoft/ https://res-4.public.onecdn.static.microsoft/ https://res-gcch.onecdn.usgovcloud-static.microsoft/ https://res.public.onecdn.static.microsoft/ https://web.yammer.com/

base-uri Keyword —

'self'

child-src Keyword —

'self'

child-src Host —

https://amcdn.msftauth.net

ASN | Microsoft

child-src Host —

https://outlook.exo.eaglex.ic.gov

child-src Host —

https://outlook.exo.microsoft.scloud

child-src Host

Microsoft 365

https://outlook.office.com

ASN | Microsoft

child-src Host —

https://outlook.office365.us

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

child-src Host —

https://partner.outlook.cn

child-src Host —

https://shell.azurefd.eaglex.ic.gov

child-src Host —

https://shell.azurefd.microsoft.scloud

child-src Host

Microsoft 365

https://shell.cdn.office.net

ASN | Akamai

child-src Host

Microsoft 365

https://shellppe.cdn.office.net

ASN | Akamai

child-src Host —

https://webmail.apps.mil

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

child-src Host —

https://webshell.dodsuite.office365.us

child-src Host —

https://webshell.suite.eaglex.ic.gov

child-src Host —

https://webshell.suite.microsoft.scloud

child-src Host

Microsoft 365

https://webshell.suite.office.com

ASN | Microsoft

child-src Host —

https://webshell.suite.office365.us

child-src Host —

https://webshell.suite.officeppe.com

ASN | Microsoft

child-src Host —

https://webshell.suite.partner.microsoftonline.cn

connect-src Keyword —

'self'

connect-src Scheme —

https:

connect-src Host —

https://*.dev.yammer.com/

connect-src Host —

https://*.labs.yammer.dev/

connect-src Host —

https://int.augloop.svc.cloud-dev.microsoft

ASN | Microsoft

connect-src Host

AzureFrontDoor

https://labscdn.azureedge.net/

connect-src Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

connect-src Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

connect-src Host —

wss://*.augloop.svc.cloud.microsoft/

ASN | Microsoft

connect-src Host

Microsoft 365

wss://*.delve.office.com/

ASN | Microsoft

connect-src Host —

wss://*.rt.yammer.com/cometd/

connect-src Host —

wss://augloop.svc.cloud.microsoft/

ASN | Microsoft

connect-src Host —

wss://int.augloop.svc.cloud-dev.microsoft

ASN | Microsoft

default-src Keyword —

'none'

font-src Keyword —

'self'

font-src Scheme —

data:

font-src Host

Microsoft 365

https://*.cdn.office.net/

font-src Host

Microsoft 365

https://*.delve.office.com/

ASN | Microsoft

font-src Host —

https://*.dev.yammer.com/

font-src Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

font-src Host —

https://*.labs.yammer.dev/

font-src Host

Microsoft 365

https://*.res.office365.com/

font-src Host

Microsoft 365

https://aesir.office.com

font-src Host —

https://c.s-microsoft.com

ASN | Akamai

font-src Host —

https://engage.cloud.microsoft/

ASN | Microsoft

font-src Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

font-src Host

AzureFrontDoor

https://labscdn.azureedge.net/

font-src Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

font-src Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

font-src Host

BootstrapCDN

https://maxcdn.bootstrapcdn.com/bootstrap/

ASN | Cloudflare

font-src Host

Microsoft 365

https://res-1.cdn.office.net

ASN | Akamai

font-src Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

font-src Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

font-src Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

font-src Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

font-src Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

font-src Host

Akamai

https://spoprod-a.akamaihd.net/

ASN | Akamai

font-src Host

Microsoft SharePoint

https://static2.sharepointonline.com

ASN | Akamai

font-src Host —

https://thumbnails.yammer.com/

ASN | Microsoft

font-src Host —

https://web.yammer.com/

ASN | Microsoft

font-src Host —

https://www.microsoft.com

ASN | Akamai

font-src Host —

https://www.yammer.com/

ASN | Microsoft

form-action Keyword —

'self'

form-action Scheme —

https:

frame-ancestors Keyword —

'self'

frame-ancestors Scheme —

https:

frame-ancestors Host —

https://*.dev.yammer.com/

frame-ancestors Host —

https://*.labs.yammer.dev/

frame-src Keyword —

'self'

frame-src Scheme —

blob:

frame-src Scheme —

https:

frame-src Host —

https://*.dev.yammer.com/

frame-src Host —

https://*.labs.yammer.dev/

img-src Keyword —

'self'

img-src Scheme —

blob:

img-src Scheme —

data:

img-src Scheme —

https:

manifest-src Keyword —

'self'

manifest-src Host

Microsoft 365

https://*.cdn.office.net/

manifest-src Host —

https://*.dev.yammer.com/

manifest-src Host —

https://*.labs.yammer.dev/

manifest-src Host

Microsoft 365

https://*.res.office365.com/

manifest-src Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

manifest-src Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

manifest-src Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

manifest-src Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

manifest-src Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

manifest-src Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

manifest-src Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

media-src Keyword —

'self'

media-src Scheme —

blob:

media-src Host

Microsoft 365

https://*.cdn.office.net/

media-src Host —

https://*.dev.yammer.com/

media-src Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

media-src Host —

https://*.labs.yammer.dev/

media-src Host

Microsoft SharePoint

https://*.sharepoint.com

ASN | Microsoft

media-src Host —

https://engage.cloud.microsoft/

ASN | Microsoft

media-src Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

media-src Host —

https://web.yammer.com/

ASN | Microsoft

media-src Host —

https://www.yammer.com/

ASN | Microsoft

object-src Keyword —

'none'

report-to Host —

csp-endpoint

report-uri Host —

https://csp.microsoft.com/report/VivaEngage-Internal-NONPRD

ASN | Microsoft

script-src Nonce —

'nonce-UFw+gRhMRpNKypgxMonI6KMbKrhpitvB2BXkeKZ0tek='

script-src Keyword —

'report-sample'

script-src Keyword —

'self'

script-src Keyword —

'strict-dynamic'

script-src Host

Microsoft 365

https://*.cdn.office.net/

script-src Host

Microsoft 365

https://*.delve.office.com/

ASN | Microsoft

script-src Host —

https://*.dev.yammer.com/

script-src Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

script-src Host —

https://*.labs.yammer.dev/

script-src Host —

https://*.microsoft.com

ASN | Microsoft

script-src Host

Microsoft 365

https://*.res.office365.com/

script-src Host —

https://*.visualstudio.com/

ASN | Microsoft

script-src Host —

https://a-ring.msedge.net

ASN | Microsoft

script-src Host

Microsoft 365

https://acdc-direct.office.com

ASN | Microsoft

script-src Host —

https://admin.microsoft.com

ASN | Microsoft

script-src Host

Microsoft 365

https://aesir.office.com

script-src Host

Microsoft 365

https://afd-a-acdc-direct.office.com

ASN | Microsoft

script-src Host

Microsoft 365

https://afd-k-acdc-direct.office.com

ASN | Microsoft

script-src Host —

https://amcdn.msauth.net/

ASN | Microsoft

script-src Host —

https://amcdn.msftauth.net/

ASN | Microsoft

script-src Host

Microsoft 365

https://atm-fp-direct.office.com

ASN | Microsoft

script-src Host —

https://b-ring.msedge.net

ASN | Microsoft

script-src Host

Microsoft Azure

https://dev.azure.com/

ASN | Microsoft

script-src Host —

https://engage.cloud.microsoft/

ASN | Microsoft

script-src Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

script-src Host

Microsoft 365

https://gtm-dyn-direct.office365.com

ASN | Microsoft

script-src Host

Azure Monitor

https://js.monitor.azure.com/

ASN | Microsoft

script-src Host —

https://k-ring.msedge.net

ASN | Microsoft

script-src Host

AzureFrontDoor

https://labscdn.azureedge.net/

script-src Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

script-src Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

script-src Host —

https://outlook.exo.eaglex.ic.gov

script-src Host —

https://outlook.exo.microsoft.scloud

script-src Host —

https://outlook.live.com

ASN | Microsoft

script-src Host

Microsoft 365

https://outlook.office.com

ASN | Microsoft

script-src Host —

https://outlook.office365.us

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

script-src Host

Microsoft 365

https://ow1.res.office365.com

ASN | Akamai

script-src Host —

https://partner.outlook.cn

script-src Host

Microsoft 365

https://r4.res.office365.com

ASN | Akamai

script-src Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

script-src Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

script-src Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

script-src Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

script-src Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

script-src Host —

https://s-ring.msedge.net

ASN | Microsoft

script-src Host —

https://shell.azurefd.eaglex.ic.gov

script-src Host —

https://shell.azurefd.microsoft.scloud

script-src Host —

https://shellprod.msocdn.com

ASN | Akamai

script-src Host —

https://statics.teams.cloud.microsoft

script-src Host —

https://statics.teams.microsoft.com

ASN | Microsoft

script-src Host

Microsoft 365

https://substrate.office.com

ASN | Microsoft

script-src Host —

https://web.vortex.data.microsoft.com

script-src Host —

https://web.yammer.com/

ASN | Microsoft

script-src Host —

https://webmail.apps.mil

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

script-src Host —

https://webshell.dodsuite.office365.us

script-src Host —

https://webshell.suite.eaglex.ic.gov

script-src Host —

https://webshell.suite.microsoft.scloud

script-src Host

Microsoft 365

https://webshell.suite.office.com

ASN | Microsoft

script-src Host —

https://webshell.suite.office365.us

script-src Host —

https://webshell.suite.officeppe.com

ASN | Microsoft

script-src Host —

https://webshell.suite.partner.microsoftonline.cn

script-src Host —

https://www.yammer.com/

ASN | Microsoft

script-src Host

Microsoft 365

wss://*.delve.office.com

ASN | Microsoft

script-src-attr Keyword —

'report-sample'

script-src-attr Keyword —

'self'

script-src-elem Keyword —

'self'

script-src-elem Scheme —

blob:

script-src-elem Host —

https://*.cdn.office.net.rproxy.goskope.com/

ASN | NETSKOPE - Netskope Inc

script-src-elem Host

Microsoft 365

https://*.cdn.office.net/

script-src-elem Host —

https://*.dev.yammer.com/

script-src-elem Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

script-src-elem Host —

https://*.labs.yammer.dev/

script-src-elem Host

Microsoft 365

https://*.res.office365.com/

script-src-elem Host —

https://amcdn.msauth.net/

ASN | Microsoft

script-src-elem Host —

https://amcdn.msftauth.net/

ASN | Microsoft

script-src-elem Host —

https://engage.cloud.microsoft/

ASN | Microsoft

script-src-elem Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

script-src-elem Host

Azure Monitor

https://js.monitor.azure.com/

ASN | Microsoft

script-src-elem Host

AzureFrontDoor

https://labscdn.azureedge.net/

script-src-elem Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

script-src-elem Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

script-src-elem Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

script-src-elem Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

script-src-elem Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

script-src-elem Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

script-src-elem Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

script-src-elem Host —

https://web.yammer.com/

ASN | Microsoft

script-src-elem Host —

https://www.yammer.com/

ASN | Microsoft

style-src Keyword —

'report-sample'

style-src Keyword —

'self'

style-src Keyword —

'unsafe-inline'

style-src Host

Microsoft 365

https://*.cdn.office.net/

style-src Host —

https://*.dev.yammer.com/

style-src Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

style-src Host —

https://*.labs.yammer.dev/

style-src Host

Microsoft 365

https://*.res.office365.com/

style-src Host —

https://*.visualstudio.com/

ASN | Microsoft

style-src Host

Microsoft Azure

https://dev.azure.com/

ASN | Microsoft

style-src Host —

https://engage.cloud.microsoft/

ASN | Microsoft

style-src Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

style-src Host

AzureFrontDoor

https://labscdn.azureedge.net/

style-src Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

style-src Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

style-src Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

style-src Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

style-src Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

style-src Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

style-src Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

style-src Host —

https://shell.azurefd.eaglex.ic.gov

style-src Host —

https://shell.azurefd.microsoft.scloud

style-src Host —

https://shellprod.msocdn.com

ASN | Akamai

style-src Host —

https://web.yammer.com/

ASN | Microsoft

style-src Host —

https://www.microsoft.com

ASN | Akamai

style-src Host —

https://www.yammer.com/

ASN | Microsoft

style-src-attr Keyword —

'report-sample'

style-src-attr Keyword —

'self'

style-src-attr Keyword —

'unsafe-inline'

style-src-attr Host

Microsoft 365

https://*.cdn.office.net/

style-src-attr Host —

https://*.dev.yammer.com/

style-src-attr Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

style-src-attr Host —

https://*.labs.yammer.dev/

style-src-attr Host

Microsoft 365

https://*.res.office365.com/

style-src-attr Host —

https://engage.cloud.microsoft/

ASN | Microsoft

style-src-attr Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

style-src-attr Host

AzureFrontDoor

https://labscdn.azureedge.net/

style-src-attr Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

style-src-attr Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

style-src-attr Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

style-src-attr Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

style-src-attr Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

style-src-attr Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

style-src-attr Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

style-src-attr Host —

https://web.yammer.com/

ASN | Microsoft

style-src-attr Host —

https://www.yammer.com/

ASN | Microsoft

style-src-elem Keyword —

'self'

style-src-elem Keyword —

'unsafe-inline'

style-src-elem Host

Microsoft 365

https://*.cdn.office.net/

style-src-elem Host —

https://*.dev.yammer.com/

style-src-elem Host —

https://*.engage.cloud.microsoft/

ASN | Microsoft

style-src-elem Host —

https://*.labs.yammer.dev/

style-src-elem Host

Microsoft 365

https://*.res.office365.com/

style-src-elem Host —

https://*.visualstudio.com/

ASN | Microsoft

style-src-elem Host

Microsoft Azure

https://dev.azure.com/

ASN | Microsoft

style-src-elem Host —

https://engage.cloud.microsoft/

ASN | Microsoft

style-src-elem Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

style-src-elem Host

AzureFrontDoor

https://labscdn.azureedge.net/

style-src-elem Host

Azure Blob Storage

https://labsgeneralpurpose.blob.core.windows.net/

ASN | Microsoft

style-src-elem Host

Azure Blob Storage

https://labsyammerclients.blob.core.windows.net/

ASN | Microsoft

style-src-elem Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

style-src-elem Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

style-src-elem Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

style-src-elem Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

style-src-elem Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

style-src-elem Host

Microsoft Azure

https://visualsponline.azurewebsites.net/app/js/

ASN | Microsoft

style-src-elem Host —

https://web.yammer.com/

ASN | Microsoft

style-src-elem Host —

https://www.yammer.com/

ASN | Microsoft

upgrade-insecure-requests Source —

(no sources)

worker-src Keyword —

'self'

worker-src Scheme —

blob:

worker-src Host

Microsoft 365

https://*.cdn.office.net/

worker-src Host —

https://*.dev.yammer.com/

worker-src Host —

https://*.labs.yammer.dev/

worker-src Host —

https://engage.cloud.microsoft/

ASN | Microsoft

worker-src Host —

https://engage.usgovcloud.microsoft/

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

worker-src Host —

https://res-1.public.onecdn.static.microsoft/

ASN | Akamai

worker-src Host —

https://res-2.public.onecdn.static.microsoft/

ASN | Microsoft

worker-src Host —

https://res-4.public.onecdn.static.microsoft/

ASN | Microsoft

worker-src Host —

https://res-gcch.onecdn.usgovcloud-static.microsoft/

ASN | Akamai

worker-src Host —

https://res.public.onecdn.static.microsoft/

ASN | Akamai

worker-src Host —

https://web.yammer.com/

ASN | Microsoft

Content-Security-Policy-Report-Only

No report-only CSP headers found.