{
  "scan": {
    "algorithmVersion": 4,
    "grade": "C+",
    "error": null,
    "score": 60,
    "statusCode": 200,
    "testsFailed": 2,
    "testsPassed": 8,
    "testsQuantity": 10,
    "responseHeaders": {
      "date": "Mon, 08 Dec 2025 08:35:15 GMT",
      "content-type": "text/html; charset=utf-8",
      "content-length": "6874",
      "connection": "close",
      "cache-control": "private",
      "server": "Microsoft-IIS/10.0",
      "x-sharepointhealthscore": "0",
      "x-aspnet-version": "4.0.30319",
      "sprequestguid": "6af4e0a1-8446-e045-5895-af1354e2f0b2",
      "request-id": "6af4e0a1-8446-e045-5895-af1354e2f0b2",
      "x-frame-options": "SAMEORIGIN",
      "content-security-policy": "frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com;",
      "sprequestduration": "12",
      "spiislatency": "0",
      "x-powered-by": "ASP.NET",
      "x-content-type-options": "nosniff",
      "x-ms-invokeapp": "1; RequireReadOnly",
      "access-control-allow-origin": "*"
    }
  },
  "tests": {
    "content-security-policy": {
      "expectation": "csp-implemented-with-no-unsafe",
      "pass": false,
      "result": "csp-implemented-with-unsafe-inline",
      "scoreModifier": -20,
      "data": {
        "frame-ancestors": [
          "'self'",
          "*.dynamics.com",
          "*.microsoft.com",
          "*.microsoftstream.com",
          "*.office.com",
          "*.officeapps.live.com",
          "*.onedrive.live.com",
          "*.powerapps.com",
          "*.skype.com",
          "*.stream.azure-test.net",
          "*.teams.microsoft.com",
          "*.teams.microsoft.us",
          "*.yammer.com",
          "local.teams.office.com",
          "onedrive.live.com",
          "teams.microsoft.com"
        ]
      },
      "http": true,
      "meta": false,
      "policy": {
        "antiClickjacking": true,
        "defaultNone": false,
        "insecureBaseUri": true,
        "insecureFormAction": true,
        "insecureSchemeActive": false,
        "insecureSchemePassive": false,
        "strictDynamic": false,
        "unsafeEval": false,
        "unsafeInline": true,
        "unsafeInlineStyle": true,
        "unsafeObjects": true
      },
      "numPolicies": 1
    },
    "cookies": {
      "expectation": "cookies-secure-with-httponly-sessions",
      "pass": true,
      "result": "cookies-not-found",
      "scoreModifier": 0,
      "data": null,
      "sameSite": false
    },
    "cross-origin-resource-sharing": {
      "expectation": "cross-origin-resource-sharing-not-implemented",
      "pass": true,
      "result": "cross-origin-resource-sharing-not-implemented",
      "scoreModifier": 0,
      "data": null
    },
    "redirection": {
      "expectation": "redirection-to-https",
      "pass": true,
      "result": "redirection-to-https",
      "scoreModifier": 0,
      "destination": "https://corda.eea.europa.eu/_layouts/15/CustomLoginPageFBA/CustomLogin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsitepages%252Fhome%252Easpx&Source=%2Fsitepages%2Fhome%2Easpx",
      "redirects": true,
      "route": [
        "http://corda.eea.europa.eu/",
        "https://corda.eea.europa.eu/sitepages/home.aspx",
        "https://corda.eea.europa.eu/_layouts/15/Authenticate.aspx?Source=%2Fsitepages%2Fhome%2Easpx",
        "https://corda.eea.europa.eu/_layouts/15/CustomLoginPageFBA/CustomLogin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsitepages%252Fhome%252Easpx&Source=%2Fsitepages%2Fhome%2Easpx"
      ],
      "statusCode": 200
    },
    "referrer-policy": {
      "expectation": "referrer-policy-private",
      "pass": true,
      "result": "referrer-policy-not-implemented",
      "scoreModifier": 0,
      "data": null,
      "http": false,
      "meta": false
    },
    "strict-transport-security": {
      "expectation": "hsts-implemented-max-age-at-least-six-months",
      "pass": false,
      "result": "hsts-not-implemented",
      "scoreModifier": -20,
      "data": null,
      "includeSubDomains": false,
      "maxAge": null,
      "preload": false,
      "preloaded": false
    },
    "subresource-integrity": {
      "expectation": "sri-implemented-and-external-scripts-loaded-securely",
      "pass": true,
      "result": "sri-not-implemented-but-all-scripts-loaded-from-secure-origin",
      "scoreModifier": 0,
      "data": {}
    },
    "x-content-type-options": {
      "expectation": "x-content-type-options-nosniff",
      "pass": true,
      "result": "x-content-type-options-nosniff",
      "scoreModifier": 0,
      "data": "nosniff"
    },
    "x-frame-options": {
      "expectation": "x-frame-options-sameorigin-or-deny",
      "pass": true,
      "result": "x-frame-options-implemented-via-csp",
      "scoreModifier": 5,
      "data": "SAMEORIGIN"
    },
    "cross-origin-resource-policy": {
      "expectation": "corp-implemented-with-same-site",
      "pass": true,
      "result": "corp-not-implemented",
      "scoreModifier": 0,
      "data": null,
      "http": false,
      "meta": false
    }
  }
}