enorsecurities.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- d335luupugsy2.cloudfront.net×2
- gmpg.org×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2023-05-12
- Expires
- 2027-05-12 358 days left
- Updated
- 2026-02-20
- Name servers
-
- michelle.ns.cloudflare.com
- renan.ns.cloudflare.com
DNS records live
- NS
-
- michelle.ns.cloudflare.com
- renan.ns.cloudflare.com
- MX
-
- 0 enorsecurities-com.mail.protection.outlook.com
- TXT
-
Show 8 TXT records
google-site-verification=04iSX0Q27tG79oM0qZZRyiV_eHIel36v0ur8b6iMpHUgoogle-site-verification=3eTdsWwQZDZAeV-fTmlaVdC7-JpJ2_1aoTUAJKNoLjEgoogle-site-verification=gAMD_3h6Hs63PUg1GFxUjWQrBvPjXiy1JXMxlJuACFYgoogle-site-verification=zT1V1dlKeL8rHA5D2GFKsVWETwGQtBKO1CxFeyaIzvMhosting-site=enor-securitiesslack-domain-verification=8XN0h1SjgAZaGj1rXhJ2GHrxLxEqngJqHx63EHwMbrevo-code:c1af1659039194d9d12e871e6321be51firebase=onboarding-securities
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:mail.zendesk.com include:_spf.firebasemail.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.compolicy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zhpopqz3Xn1Yzq1zwGbde7fov3ElGYQA3kiZrYtnFwV/d/54hBJDu/N7/aYskMrR3Oglq6KAmZcUc12W1… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77WtpYaHUp1LvhiweReDEIfNN+N+2dCvJ3zOUCHn+EhW8WQIk1Q25oJmIoKFMVipBIa6Dz4BP6ShOIfm/R…
selectors probed - k2:
Certificate (current)
E8
Expires in 61 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(), microphone=(), camera=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' *.cloudfront.net https://www.googletagmanager.com/gtag/ *.facebook.net *.hotjar.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ 'self' data:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' wss://api.trade.enorsecurities.com https://www.google-analytics.com https://www.googletagmanager.com https://enor.pixelsensei.com.br www.facebook.com wss://ws.hotjar.com https://*.hotjar.io *.rdstation.com.br; frame-src 'self' https://bo.analytics.mb.enorsecurities.com https://panel.web.enorsecurities.com; object-src 'none'; worker-src 'self' *.enorsecurities.com;- strict-transport-security
max-age=15552000; includeSubDomains