daylite.app

HTML metadata

Technology

Analytics

• Google Tag Manager

Third-party hosts loaded (1)

• www.googletagmanager.com×1

Social

• twitter
• facebook
• instagram
• linkedin

DNS records live

NS

• ns1.dnsimple.com
• ns2.dnsimple-edge.net
• ns3.dnsimple.com
• ns4.dnsimple-edge.org

MX

• 10 daylite-app.p10.spamhero.com
• 20 daylite-app.p20.spamhero.net
• 30 daylite-app.p30.spamhero.net
• 40 daylite-app.p40.spamhero.net

TXT

Show 6 TXT records

• google-site-verification=jz32sQEKROeYchjfwVcbFBEwcBLPka73Cd8QPcU4NCQ
• mandrill_verify.ZEdeaP7d1C8o6yV_fzmCIg
• zoom-domain-verification=ZOOM_verify_134ab71744f040d1ab9bfae103f4e59e
• ALIAS for marketcircle.map.fastly.net
• google-site-verification=rL6oDGj_Pd9sPk1KpvRWkwfal8KEMUsarEXH8krv_cY
• google-site-verification=ArtB2wp-VPPGy8MneFZX21io_UAQBhDgdV1z6hCe0C4

Email authentication strong

SPF

v=spf1 include:emailsrvr.com include:spf.mandrillapp.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.daylite.app/

present

• strict-transport-security
• content-security-policy

findings

• short HSTS max-age
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (5)

• facebook.com×1
• instagram.com×1
• linkedin.com×1
• statuspal.eu×1
• twitter.com×1

Linked from (1)

• erlef.org×2