demos24plus.com
demos24plus.com
HTML metadata
Technology
- Server
- nginx
- CMS
- Ghost
- PHP
- 8.3.29 security-only
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- scripts.luigisbox.tech×1
- www.googletagmanager.com×1
Registration
- Registrar
- Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA
- Created
- 2008-02-09
- Expires
- 2027-02-09 253 days left
- Updated
- 2026-01-12
- Name servers
-
- alfa.ns.active24.cz
- beta.ns.active24.cz
- gama.ns.active24.sk
DNS records live
- NS
-
- alfa.ns.active24.cz
- beta.ns.active24.cz
- gama.ns.active24.sk
- MX
-
- 10 demos24plus-com.mail.protection.outlook.com
- TXT
-
52fVvPtuf5PyMnrnHO2d9toQ1hnsVrPjFIbkPXYgGuWbtUNl3BhrBA68Bz+p8/etqasN9XUdgbK5eJfjf8DWQQ==
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com ip4:185.10.86.68/32 ip4:193.85.182.2/32 ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:dmarcreports@demos-trade.com; ruf=mailto:dmarcreports@demos-trade.com; fo=1; sp=reject;policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 65 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' data: blob:; worker-src 'self' blob:; connect-src 'self' https://* wss://*.productfruits.com; frame-src 'self' https://*.demos24plus.com https://*.cookiebot.com https://*.googletagmanager.com https://*.google.com https://*.productfruits.com https://*.facebook.com https://*.facebook.net https://*.youtube.com https://www.youtube-nocookie.com https://mapy.com https://*.mapy.com https://*.seznam.cz;