blbbigmama.co.uk
blbbigmama.co.uk
HTML metadata
Technology
- Server
- Apache
- CMS
- Gatsby
DNS records live
- NS
-
- ns35.domaincontrol.com
- ns36.domaincontrol.com
- MX
-
- 0 blbbigmama-co-uk.mail.protection.outlook.com
- 10 mx1.emailsrvr.com
- 20 mx2.emailsrvr.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc.rua@edrone.app; ruf=mailto:dmarc.ruf@edrone.apppolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 58 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN, SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https://fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors *.zendesk.com *.zdassets.com *.edrone.me *.zopim.com *.meetanshi.com *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.payp