indexo.dev

babelway.net

.net crawl

First seen 2026-04-12 · Last seen 2026-05-06 · ok HTTP/1.1 200 593 ms crawled 2026-05-06

DE · 3.120.70.15 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Login page

Technology

Server
Apache
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×1
  • www.googletagmanager.com×1

Contact

Email

Registration

Registrar
Gandi SAS
Created
2008-08-28
Expires
2028-08-28 831 days left
Updated
2026-02-26
Name servers
  • ns-1405.awsdns-47.org
  • ns-1551.awsdns-01.co.uk
  • ns-222.awsdns-27.com
  • ns-999.awsdns-60.net

DNS records live

NS
  • ns-1405.awsdns-47.org
  • ns-1551.awsdns-01.co.uk
  • ns-222.awsdns-27.com
  • ns-999.awsdns-60.net
MX
  • 20 ap1.babelway.net

Email authentication partial

SPF
v=spf1 ip4:91.198.243.0/24 ip4:3.120.70.15 ip4:79.125.5.172 a mx ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36
from 2026-01-26 to 2027-02-27
Expires in 283 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.babelway.net/SelfService3/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
no-referrer-when-downgrade
permissions-policy
geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=*, payment=*
x-content-type-options
nosniff
content-security-policy
font-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.intercomcdn.com https://d5wfroyti11sa.cloudfront.net https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.inlinemanual.com https://d5wfroyti11sa.cloudfront.net; img-src 'self' 'unsafe-inline' blob: data: *.babelway.net *.tradeshift.com https://*.googletagmanager.com https://fonts.googleapis.com https://fonts.gstatic.com https://js.intercomcdn.com https://static.intercomassets.com https://*.inlinemanual.com https://q.stripe.com https://cdn1.iconfinder.com https://*.google-analytics.com https://*.analytics.google.com https://d5wfroyti11sa.cloudfront.net;default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.babelway.net *.tradeshift.com esb3.tradeshiftchina.cn https://*.pendo.io https://*.googletagmanager.com https://*.inlinemanual.com https://*.worknet.ai https://*.intercom.io https://*.intercomcdn.com wss:/
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
unsafe-none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Linked from (1)