indexo.dev

espnimages.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 1395 ms crawled 2026-05-07

US · 32.192.149.161 · AS14618 Amazon.com, Inc.

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title
ESPN Images
Language
en

Technology

Server
nginx

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2003-04-25
Expires
2027-04-25 340 days left
Updated
2026-03-26
Name servers
  • ns-1056.awsdns-04.org
  • ns-2026.awsdns-61.co.uk
  • ns-59.awsdns-07.com
  • ns-956.awsdns-55.net

DNS records live

NS
  • ns-1056.awsdns-04.org
  • ns-2026.awsdns-61.co.uk
  • ns-59.awsdns-07.com
  • ns-956.awsdns-55.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • google-site-verification=A1MhWq9-Ygk2CvR-Mhw60jg2G6977rkrcTMmQ2U_FAY
  • mandrill_verify.ZGIBATnS1HRqahlcliq0sg

Email authentication weak

SPF
v=spf1 include:spf.mandrillapp.com ?all
neutral (?all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M02
from 2025-06-29 to 2026-07-29
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://library.espnimages.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
frame-ancestors 'self';script-src static.espnimages.com fonts.googleapis.com www.googletagmanager.com widget.intercom.io js.intercomcdn.com cdn.mxpnl.com cdn.segment.com unpkg.com us.posthog.com us.i.posthog.com us-assets.i.posthog.com cdn.embedly.com *.cookiebot.com blob: data: 'self' 'nonce-zPIX5yMAOi8wGrgmMObrMfdJqSJf08Z9';style-src static.espnimages.com fonts.googleapis.com www.googletagmanager.com widget.intercom.io js.intercomcdn.com cdn.mxpnl.com cdn.segment.com unpkg.com us.posthog.com us.i.posthog.com us-assets.i.posthog.com cdn.embedly.com *.cookiebot.com blob: data: 'self' 'unsafe-inline';base-uri 'self';object-src 'none'

Linked from (2)