basketsandbloomstt.com
basketsandbloomstt.com
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress 7.0
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (7)
- hb.wpmucdn.com×32
- fonts.googleapis.com×5
- www.googletagmanager.com×3
- cdnjs.cloudflare.com×2
- challenges.cloudflare.com×2
- fonts.gstatic.com×1
- gmpg.org×1
Social
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2020-08-28
- Expires
- 2027-08-28 448 days left
- Updated
- 2025-08-28
- Name servers
-
- ns1.dreamhost.com
- ns2.dreamhost.com
- ns3.dreamhost.com
DNS records live
- NS
-
- ns1.dreamhost.com
- ns2.dreamhost.com
- ns3.dreamhost.com
- MX
-
- 0 mx1.mailchannels.net
- 0 mx2.mailchannels.net
Email authentication weak
- SPF
-
v=spf1 mx include:netblocks.dreamhost.com include:relay.mailchannels.net -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 53 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
Header values
- referrer-policy
origin-when-cross-origin, no-referrer-when-downgrade- x-frame-options
sameorigin, SAMEORIGIN- permissions-policy
accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)- x-content-type-options
nosniff, nosniff- content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;- strict-transport-security
max-age=2592000, max-age=31536000;