astrata.co
astrata.co
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
- Font Awesome
Third-party hosts loaded (5)
- js.hs-scripts.com×2
- use.fontawesome.com×2
- kit.fontawesome.com×1
- use.typekit.net×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns-1038.awsdns-01.org
- ns-1890.awsdns-44.co.uk
- ns-302.awsdns-37.com
- ns-595.awsdns-10.net
- MX
-
- 10 d323076a.ess.barracudanetworks.com
- 20 d323076b.ess.barracudanetworks.com
- Verified for
-
- Apple
- Atlassian
- Brevo
- Cursor
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com include:sendersrv.com include:48247493.spf10.hubspotemail.net -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; fo=1; rua=mailto:rua+astrata.co@dmarc.barracudanetworks.com; ruf=mailto:ruf+astrata.co@dmarc.barracudanetworks.compolicy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv492lfcaU5gz22Gb/RVVybOm9eYlSa/XGvn0yEf7GNy/LBchNAuWlf5/dUCeCcr0ItasxO0y0iGZZs… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed - selector1:
Certificate (current)
E8
Expires in 18 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://kit.fontawesome.com https://app.chatfunnels.com https://js.hs-scripts.com https://static.bilinmedia.net https://cdn.jsdelivr.net https://unpkg.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hubspot.com https://js.hscollectedforms.net https://js-na1.hs-scripts.com https://linkprotect.cudasvc.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com https://s.ytimg.com; style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://use.typekit.net https://cdn.jsdelivr.net https://p.typekit.net; img-src 'self' data: https://www.google-analytics.com https://secure.gravatar.com https://track.hubspot.com https://forms.hsforms.com https://static.bilinmedia.net https://perf-na1.hsforms.com https://www.googletagmanager.com https://i.ytimg.com https://yt3.ggpht.com; connect-src 'self' https://www.googleta- strict-transport-security
max-age=63072000; includeSubDomains; preload