dashira.tech
dashira.tech
HTML metadata
Technology
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- i.pravatar.cc×54
- www.googletagmanager.com×1
DNS records live
- NS
-
- ns1.digitalocean.com
- ns2.digitalocean.com
- ns3.digitalocean.com
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), microphone=(), geolocation=(), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://clerk.dashira.tech https://accounts.dashira.tech https://*.clerk.accounts.dev https://larissa.dashira.tech https://www.googletagmanager.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https: blob:; connect-src 'self' https://dashira.tech https://clerk.dashira.tech https://accounts.dashira.tech https://*.clerk.accounts.dev https://checkout.stripe.com https://api.stripe.com https://larissa.dashira.tech https://cdn.jsdelivr.net https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com https://googleads.g.doubleclick.net https://www.googleadservices.com; frame-src https://clerk.dashira.tech https://accounts.dashira.tech https://*.clerk.accounts.dev https://checkout.stripe.com https://js.stripe.com https://challenges.cloudflare.com; w- strict-transport-security
max-age=31536000; includeSubDomains; preload