ensight.com
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
Registration
- Registrar
- CSC Corporate Domains, Inc.
- Created
- 1997-01-23
- Expires
- 2027-01-24 237 days left
- Updated
- 2026-01-20
- Name servers
-
- ns1-07.azure-dns.com
- ns2-07.azure-dns.net
- ns3-07.azure-dns.org
- ns4-07.azure-dns.info
DNS records live
- NS
-
- ns1-07.azure-dns.com
- ns2-07.azure-dns.net
- ns3-07.azure-dns.org
- ns4-07.azure-dns.info
- MX
-
- 10 mxa-00230701.gslb.pphosted.com
- 10 mxb-00230701.gslb.pphosted.com
- TXT
-
qkjxdmqpt5p6yyn8gtbj1jw9b0fgvxbv
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current) wrong cert
Sectigo Public Server Authentication CA OV R36
Expires in 279 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
DENY- x-content-type-options
nosniff, nosniff- content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
same-origin