eurocoinpay.app
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
Third-party hosts loaded (1)
- cdn.jsdelivr.net×1
DNS records live
- NS
-
- ns2.dondominio.com
- ns7.dondominio.com
- MX
-
- 20 mx01.dondominio.com
Email authentication partial
- SPF
-
v=spf1 include:spf.dondominio.comno all qualifier - DMARC
-
v=DMARC1; p=none; rua=mailto:no-reply@eurocoinpay.app; ruf=mailto:no-reply@eurocoinpay.app; fo=1policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 70 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'none';base-uri 'none';script-src 'self' https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:;img-src 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;frame-src *.google.com;connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com https://*.eurocoinbroker.com data: blob:;font-src 'self' data: https://cdn.jsdelivr.net https://fonts.gstatic.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net/npm/semantic-ui@2.4.1/dist/semantic.min.css;worker-src blob:;manifest-src 'self'- strict-transport-security
max-age=31536000;- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
require-corp- cross-origin-resource-policy
cross-origin