burnallgifs.org
HTML metadata
Technology
- Server
- Apache
Third-party hosts loaded (1)
- ad.aloodo.com×1
Registration
- Registrar
- DomainSpot LLC
- Created
- 1999-08-27
- Expires
- 2027-08-27 463 days left
- Updated
- 2025-08-23
- Name servers
-
- ns1.domaindiscover.com
- ns2.domaindiscover.com
DNS records live
- NS
-
- ns1.domaindiscover.com
- ns2.domaindiscover.com
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 65 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- missing frame protection
Header values
- referrer-policy
no-referrer-when-downgrade- permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; default-src 'self'; frame-src 'self' www.aloodo.org static.zgp.org dice.zgp.org; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval'; frame-ancestors 'self' https://blog.zgp.org;- strict-transport-security
max-age=2592000- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin