coloriginz.com
coloriginz.com
HTML metadata
Technology
- CDN
- Cloudflare
- jQuery
- 3.7.1
- Stack
- Java
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- checkoutshopper-live.cdn.adyen.com×3
- fonts.googleapis.com×1
- res.cloudinary.com×1
- www.datadoghq-browser-agent.com×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Tucows Domains Inc.
- Created
- 2017-09-28
- Expires
- 2026-09-28 117 days left
- Updated
- 2025-08-30
- Name servers
-
- eloise.ns.cloudflare.com
- sterling.ns.cloudflare.com
DNS records live
- NS
-
- eloise.ns.cloudflare.com
- sterling.ns.cloudflare.com
- MX
-
- 10 d308061.a.ess.de.barracudanetworks.com
- 20 d308061.b.ess.de.barracudanetworks.com
- TXT
-
R6vSyLu2h/1Z0+sNTzYfIhpTY8CYUDVAdaNxVHqfesgK0Fwja7lBOFEmglIY40nnkqIYn+B4qetuEjG8Lm7VNg==20191028072459243kik388451hncv12g56q8c8xvs57ifwomxk2bj77no4y4yw7J1x78WKLXCKhrXEQHJ7lil1MBFJwuMs/CACAqJfrfaApwcqtHxuc8Cv0AQCbDFvYOR8LVi7HC+uZulASB8Mi1Q==
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx a ip4:109.109.120.0/24 ip4:109.109.101.232/29 ip4:109.109.101.142/32 ip4:46.44.136.154/32 ip4:212.19.235.251 ip4:46.44.136.131/32 include:_primary01.bssdomain.com include:_primary02.bssdomain.com include:_freshportal.bssdomain.com include:sendgrid.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; fo=1; rua=mailto:dmarc_agg@vali.email,mailto:rua+coloriginz.com@dmarc.barracudanetworks.com; ruf=mailto:ruf+coloriginz.com@dmarc.barracudanetworks.compolicy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXyx0lFgDw5Xa1mLnAvB/wDg/chur5wIyeQS2oLK9NyaOyx4o2bh0LiESc5/FVFh4sIcNZTTkjwks2… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5XZrwjpl8Ol+8LggUaj1ck+s2zqaW5Z+SRjzqwlceGFTEORvWACy3PmKnsqUVDWgk+1BuEIi7tzLr… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 69 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://*.userlane.com; script-src 'self' https://*.cookiebot.eu https://*.cookiebot.com https://www.datadoghq-browser-agent.com https://*.pinterest.com https://tally.so/widgets/embed.js https://*.youtube.com/ https://*.azureedge.net https://*.clarity.ms https://www.instagram.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://*.dynamics.com https://www.googleanalytics.com https://optimize.google.com https://*.mailplus.nl https://connect.facebook.net https://*.clickdimensions.com https://www.gstatic.com https://www.google.com https://www.paypal.com https://www.paypalobjects.com https://checkoutshopper-live.cdn.adyen.com https://checkoutshopper-test.cdn.adyen.com https://script.hotjar.com https://tag.static.eu.context.cloud.sap https://www.google-analytics.com https://*.hotjar.com 'unsafe-inline' https://www.googletagmanager.com https://ssl.google-analytics.com https://*.vo.msecnd.net https://*.userlane.com https://www.googleoptimize.com 'unsafe-inline- strict-transport-security
max-age=31536000 ; includeSubDomains