Content-Security-Policy Analysis for https://mail.steelecss.com

Open Cached · just now

4 directives

Content-Security-Policy

Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-a9g_eIL3TrgK6PozfNU3qA' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All

No enforced CSP headers found.

Content-Security-Policy-Report-Only

object-src Keyword —

'none'

base-uri Keyword —

'self'

script-src Keyword —

'self'

script-src Nonce —

'nonce-a9g_eIL3TrgK6PozfNU3qA'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Host —

https://*.msauth.net

script-src Host —

https://*.msftauth.net

script-src Host —

https://*.msftauthimages.net

script-src Host —

https://*.msauthimages.net

script-src Host Azure Application Proxy

https://*.msidentity.com

script-src Host —

https://*.microsoftonline-p.com

script-src Host —

https://*.microsoftazuread-sso.com

script-src Host

AzureFrontDoor

https://*.azureedge.net

script-src Host

Microsoft 365

https://*.outlook.com

ASN | Microsoft

script-src Host

Microsoft 365

https://*.office.com

ASN | MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

script-src Host

Microsoft 365

https://*.office365.com

ASN | Microsoft

script-src Host —

https://*.microsoft.com

ASN | Microsoft

script-src Host Bing

https://*.bing.com

ASN | Microsoft

script-src Keyword —

'report-sample'

report-uri Host —

https://csp.microsoft.com/report/ESTS-UX-All

ASN | Microsoft