checkmaster.co.uk
HTML metadata
Technology
- Server
- Apache
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- static.roadtech.co.uk×12
- fonts.googleapis.com×2
Contact
DNS records live
- NS
-
- name-1a.road-runner.net
- name-1b.road-runner.net
- name-1c.road-runner.net
- MX
-
- 10 productmail.rtisp.net
- 500 smx1.rtisp.net
- 500 smx2.rtisp.net
Email authentication partial
- SPF
-
v=spf1 +a:sh.rtisp.net include:_spf.rtisp.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc@roadtech.co.uk; ruf=mailto:dmarc@roadtech.co.uk; sp=none; ri=86400policy: none (monitoring only) · sp=none - DKIM
-
- default:
v=DKIM1; k=rsa; t=y; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TS+fQUsRA+ezOegqZBr8lArwiClyM1HLz/34MS1nYO1EH9M1Dl5oJOvQkrXt1fI…
selectors probed - default:
Certificate (current)
Thawte TLS RSA CA G1
Expires in 262 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
camera=(self)- x-content-type-options
nosniff- content-security-policy
object-src 'none'; base-uri 'none'; frame-ancestors 'self' www.checkmaster.co.uk; form-action 'self' https://*.checkmaster.co.uk https://www.checkmaster.co.uk https://checkmaster.co.uk http://*.checkmaster.local http://checkmaster.local; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://static.roadtech.co.uk http://static.roadtech.co.uk https://ajax.googleapis.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://fonts.googleapis.com https://static.roadtech.co.uk http://static.roadtech.co.uk- strict-transport-security
max-age=63072000; includeSubDomains; preload