test.aaalifedesk.com
Risk Score: 0Last scanned: 2025-09-24 18:59:37 UTC • Duration: 6585ms • View Scan Details →
2
Total Scans
Missing
CSP Status
6
Security Headers
0
CSP Violations
Security Headers
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block, 1; mode=block ;report=https://aaalife.report-uri.com/r/d/xss/enforce
Permissions-Policy
usb =(),midi =(), microphone =(), camera =(),magnetometer=(), gyroscope=()
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content Security Policy
Policy Source: header
frame-ancestors 'self' localhost:* aaalifeinsurance--train--c.sandbox.vf.force.com aaalifeinsurance--agtoneuat--c.sandbox.vf.force.com aaalifeinsurance--agtoneuat.sandbox.lightning.force.com aaalifeinsurance--full--c.sandbox.vf.force.com aaalifeinsurance--agtoneuat.sandbox.my.salesforce.com igoforms-uat2.ipipeline.com aaalifeinsurance--train.sandbox.my.salesforce.com aaalifeinsurance--train.sandbox.lightning.force.com aaalifeinsurance--train--agentone.sandbox.vf.force.com aaalifeinsurance--full.sandbox.lightning.force.com aaalifeinsurance--full--agentone.sandbox.vf.force.com *.google-analytics.com *.analytics.google.com *.aaalife.com app.optimizely.com *.onelogin.com *.aaalifedesk.com *.ipipeline.com aaalifeinsurance--full.sandbox.my.salesforce.com aaalifeinsurance.lightning.force.com *.visual.force.com; report-uri https://aaalife.report-uri.com/r/t/csp/enforce