3t.app
3t.app
HTML metadata
Technology
Third-party hosts loaded (1)
- euc-widget.freshworks.com×1
DNS records live
- NS
-
- ns1-35.azure-dns.com
- ns2-35.azure-dns.net
- ns3-35.azure-dns.org
- ns4-35.azure-dns.info
- MX
-
- 0 3t-app.mail.protection.outlook.com
- TXT
-
f5yp4qv1lkx0m6lfnls218snlcl6ngr9nhj83xbw25vwm5dnn4wh4js1b5nlzptc
Email authentication strong
- SPF
-
v=spf1 redirect=_slz2f9jnu.sdmarc.netno all qualifier - DMARC
-
v=DMARC1; p=reject; pct=100; rua=mailto:a.lz2f9jnu@sdmarc.netpolicy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
GeoTrust TLS RSA CA G1
Expires in 105 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'none'; style-src 'self' 'unsafe-inline' https://euc-widget.freshworks.com/; script-src 'self' 'unsafe-inline' blob: https://euc-widget.freshworks.com https://www.google.com https://www.gstatic.com; connect-src 'self' https://*.tristel.dev https://*.3t.app https://euc-widget.freshworks.com https://tristel87602544233146309.freshdesk.com/ https://eastus2-3.in.applicationinsights.azure.com/v2/track https://uksouth-1.in.applicationinsights.azure.com/v2/track https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json https://www.google.com; object-src 'none'; frame-src 'self' blob: https://player.vimeo.com https://www.google.com; img-src 'self' https://*.tristel.dev https://*.3t.app data: blob: https://i.vimeocdn.com https://s3-eu-central-1.amazonaws.com; font-src 'self'; frame-ancestors 'none';- strict-transport-security
max-age=10886400; includeSubDomains; preload