indexo.dev

avon.me

.me crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 9138 ms crawled 2026-05-16

GB · 134.65.161.46 · AS27263 NATURA &Co UK HOLDINGS LIMITED

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Obavještenje za kupce - Avon
Language
sr

DNS records live

NS
  • dns4.avon.com
  • dns6.avon.com
TXT
Show 10 TXT records
  • _c45pqzqprjkme9jp993hocdsuijbal8
  • _wnuzjm3k04884nvu1ay1nro5o0wtlsm
  • qdwxgpy6rqf2hgq53khcz0spnv2f81q0
  • pmylqs72d693jshjmzn12qdx98qbm491
  • db4r2dptngmbshl9hhgfkqgn8sj4hf1l
  • vl1dnf893d2751ckjqdz2fpkrzhg4qbn
  • _8qe7cjmiamtqnoe15j43vo3kcs5lcrj
  • _hkforjncaio1i0svte5v8hgy4iobmix
  • vn0szj1pghfkx6lsm48zpzfs388xnvmc
  • _2cle50qpk9hgyxwuewgrnjishleyjb2

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-04-23 to 2026-11-08
Expires in 173 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.avon.me/maintenance.html

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; worker-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;

Links to (1)

Linked from (1)