https://zurichau.my.site.com/s/login/?ec=302&startURL=%2Fs%2F

ID da verificação
2c695984-b051-4b1f-a4bf-e889b23cb1e7Concluído
URL enviado:
https://zurichau.my.site.com/Redirecionado
Relatório concluído:

Riscos · 0 encontrado(s)

  • Sem classificação

Cabeçalhos de segurança · 3 encontrado(s)

NomeValorSuporteInfo
Strict-Transport-Securitymax-age=63072000; includeSubDomainsBomDeclarar que um site só pode ser acessado por meio de uma conexão segura (HTTPS).

Clique para saber mais...
X-Frame-OptionsSAMEORIGINBomIndicar se um navegador deve ter permissão para renderizar uma página em <frame>, <iframe>, <embed> ou <object>.

Clique para saber mais...
X-Content-Type-OptionsBomIndicar que os tipos MIME anunciados nos cabeçalhos Content-Type devem ser seguidos e não alterados.

Clique para saber mais...
Content-Security-Policyupgrade-insecure-requests frame-ancestors 'self'BomControlar os recursos que o agente do usuário pode carregar para uma determinada página.

Clique para saber mais...
Referrer-PolicyBomControlar a quantidade de informações de referência que devem ser incluídas nas solicitações.

Clique para saber mais...
Clear-Site-DataBomControlar os dados armazenados por um navegador cliente quanto às suas origens.

Clique para saber mais...
X-Permitted-Cross-Domain-PoliciesBomControlar se um cliente web, como Adobe Flash Player ou Adobe Acrobat, tem permissão para controlar dados entre domínios.

Clique para saber mais...
Permissions-PolicyRecentePermitir e negar o uso de recursos do navegador em um documento ou iframe.

Clique para saber mais...
Cross-Origin-Embedder-PolicyRecenteConfigurar a incorporação de recursos de origem cruzada no documento.

Clique para saber mais...
Cross-Origin-Opener-PolicyRecenteGarantir que um documento de nível superior não compartilhe um grupo de contexto de navegação com documentos de origem cruzada.

Clique para saber mais...
Cross-Origin-Resource-PolicyRecenteSolicitar que o navegador bloqueie solicitações de origem cruzada/entre sites no-cors para o recurso fornecido.

Clique para saber mais...
X-XSS-ProtectionDescontinuadoDescontinuado Impede o carregamento de páginas quando detectam ataques refletidos de cross-site scripting (XSS).

Clique para saber mais...
Feature-PolicyDescontinuadoDescontinuado Substituído pelo cabeçalho Permissions-Policy.

Clique para saber mais...
Expect-CTDescontinuadoDescontinuado Optar por relatar e/ou aplicar requisitos de transparência de certificados.

Clique para saber mais...
Public-Key-PinsDescontinuadoDescontinuado Permitir que sites HTTPS resistam à falsificação de invasores usando certificados emitidos incorretamente ou fraudulentos.

Clique para saber mais...

Violações de segurança · 2 encontrada(s)

ViolaçãoTipoInformações
Recurso
https://zurichau.my.site.com/s/login/?ec=302&startURL=%2Fs%2F
Descrição
Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993028&time=1729554152763&url=https%3A%2F%2Fzurichau.my.site.com%2Fs%2Flogin%2F%3Fec%3D302%26startURL%3D%252Fs%252F' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://zurichau.my.salesforce.com https://zurichau.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://www.sandbox.paypal.com https://www.paypal.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://aus90.sfdc-vwfla6.salesforce.com/icons/ https://www.google-analytics.com https://stats.g.doubleclick.net https://rapi.walkme.com https://tagmanager.google.com https://ssl.gstatic.com https://*.marketo.com https://061-qid-567.mktoresp.com https://www.google.com www.google.com.au https://sjrtp7-cdn.marketo.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://munchkin.marketo.net https://sjrtp7.marketo.com https://rtp-static.marketo.com https://www.googletagmanager.com https://zoneeducation.com.au https://zurichau--zonedev--c.cs6.visual.force.com https://gateway.on24.com https://qafederation.on24.com https://www.on24.com https://www-stg.zoneeducation.com.au http://www-stg.zoneeducation.com.au https://www.zoneeducation.com.au https://federation.on24.com https://uat2-zurichau.cs6.force.com https://ajax.googleapis.com https://event.on24.com https://hooshmarketing.com https://rapi.getjaco.com https://zurichau.my.site.com https://customcheckout.bambora.com.au https://customcheckout-uat.bambora.net.au https://cdn.na.bambora.com https://www.ippayments.com.au https://d2qhvajt3imc89.cloudfront.net https://use.fontawesome.com https://s3-us-west-1.amazonaws.com https://analytics.walkme.com https://api.walkme.com https://cdn.walkme.com https://dap.walkme.com https://ec.walkme.com https://editor.walkme.com https://editorsite.walkme.com https://insights.walkme.com https://insights2.walkme.com https://papi.walkme.com https://playerserver.walkme.com https://www.zurich.com.au https://techsee.me https://zurprod.techsee.me https://self.techsee.me https://self1.techsee.me https://zurprod-api.techsee.me https://zurprod.sf-na.techsee.me https://zurprod.sf-na.desktop.show https://{imagebaseurl}.techsee.me https://media-zurprod.cdn-us.techsee.me https://maps.a.forceusercontent.com https://{recordingbaseurl}.techsee.me https://rec.techsee.me https://media-subdomain.cdn.techsee.me *.walkme.com https://resources.digital-cloud.medallia.com https://app.powerbi.com https://*.google-analytics.com http://image.notifications.zurich.com.au https://zds.zurich.com https://cdn.jsdelivr.net https://zurichau.force.com".
Política de segurança de conteúdoControlar os recursos que o agente do usuário pode carregar para uma determinada página.

Clique para saber mais...
Recurso
https://snap.licdn.com/li.lms-analytics/insight.min.js
Descrição
Refused to connect to 'https://px.ads.linkedin.com/wa/' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.paypal.com https://www.sandbox.paypal.com https://zurichau.my.salesforce-scrt.com https://fonts.googleapis.com/css2 https://payments.salesforce.com/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://checkoutshopper-live.adyen.com/ https://checkoutshopper-test.adyen.com/ https://o11y.sfproxy-core1.sfdc-vwfla6.svc.sfdcfc.net/ui-telemetry https://www.google-analytics.com https://stats.g.doubleclick.net https://rapi.walkme.com https://tagmanager.google.com https://ssl.gstatic.com https://*.marketo.com https://061-qid-567.mktoresp.com https://www.google.com www.google.com.au https://sjrtp7-cdn.marketo.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://munchkin.marketo.net https://sjrtp7.marketo.com https://rtp-static.marketo.com https://www.googletagmanager.com https://zoneeducation.com.au https://zurichau--zonedev--c.cs6.visual.force.com https://gateway.on24.com https://qafederation.on24.com https://www.on24.com https://www-stg.zoneeducation.com.au http://www-stg.zoneeducation.com.au https://www.zoneeducation.com.au https://federation.on24.com https://uat2-zurichau.cs6.force.com https://ajax.googleapis.com https://event.on24.com https://hooshmarketing.com https://rapi.getjaco.com https://zurichau.my.site.com https://customcheckout.bambora.com.au https://customcheckout-uat.bambora.net.au https://cdn.na.bambora.com https://www.ippayments.com.au https://d2qhvajt3imc89.cloudfront.net https://use.fontawesome.com https://s3-us-west-1.amazonaws.com https://analytics.walkme.com https://api.walkme.com https://cdn.walkme.com https://dap.walkme.com https://ec.walkme.com https://editor.walkme.com https://editorsite.walkme.com https://insights.walkme.com https://insights2.walkme.com https://papi.walkme.com https://playerserver.walkme.com https://www.zurich.com.au *.walkme.com https://resources.digital-cloud.medallia.com https://*.google-analytics.com https://zds.zurich.com https://cdn.jsdelivr.net https://zurichau.force.com".
Política de segurança de conteúdoControlar os recursos que o agente do usuário pode carregar para uma determinada página.

Clique para saber mais...

Certificados · 6 encontrado(s)

AssuntoData de emissãoData de validade
prod.cdn.salesforce-experience.com6 de mar. de 2024, 00:00:004 de mar. de 2025, 23:59:59
bootstrapcdn.com20 de set. de 2024, 01:25:0419 de dez. de 2024, 01:25:03
walkme.com4 de dez. de 2023, 00:00:003 de dez. de 2024, 23:59:59
*.google-analytics.com30 de set. de 2024, 14:36:1523 de dez. de 2024, 14:36:14
snap.licdn.com13 de dez. de 2023, 00:00:0012 de dez. de 2024, 23:59:59
www.zurich.com.au24 de jan. de 2024, 00:00:0023 de fev. de 2025, 23:59:59