firecore.com

HTML metadata

Title: Firecore - Video Player for iPhone, iPad, Apple TV, Mac, and Vision
Description: Introducing Infuse 8 – the most versatile player for the Apple ecosystem. Play Everything. Limitless Streaming. Automagic Organization. Now available for Apple Vision Pro. Download for free!
Language: en
Canonical: https://firecore.com

Open Graph

url: https://firecore.com/home
title: Firecore - Video Player for iPhone, iPad, Apple TV, Mac, and Vision
site name: Firecore
description: Introducing Infuse 8 – the most versatile player for the Apple ecosystem. Play Everything. Limitless Streaming. Automagic Organization. Now available for Apple Vision Pro. Download for free!

Technology

CDN: Cloudflare
CMS: Drupal

Fonts

Font Awesome

Third-party hosts loaded (3)

use.fontawesome.com×3
mastodon.social×2
challenges.cloudflare.com×1

Social

Contact

Address: st updates delivered to your inbox.Subscribe© 2026

Registration

Registrar

Dynadot Inc

Created

2001-03-07

Expires

2032-03-07 2118 days left

Updated

2025-12-22

Name servers

dan.ns.cloudflare.com
karina.ns.cloudflare.com

DNS records live

NS

dan.ns.cloudflare.com
karina.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

apple-domain-verification=VytQaw6b_KudWaN_vUWfrmnq-qJWXWW_lVywb4M9Iwo
google-site-verification=E2kIAUOElAi7RSrzifEBsnXEhuTRqmSr8hPE2bvUbUw
site24x7-signals-domain-verification=e611c29f551a31aad380acf218799226

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:amazonses.com include:mail.zendesk.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:56808ee7ac784d38a81927376541abc8@dmarc-reports.cloudflare.net

policy: quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9eARCWoAw+8qtvE4YtqJHpexQyIAYdJZ474Z+AcH1TVoKebfBkBluBW6fCFCMLF2yv5fnvPmpxdM84gkprW…

selectors probed

Certificate (current)

WE1

from 2026-04-12 to 2026-07-11

Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://firecore.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff
content-security-policy: object-src 'none'; script-src 'self' 'report-sample' https://*.googletagmanager.com https://tagmanager.google.com https://static.zdassets.com https://ekr.zdassets.com https://ekr.zendesk.com https://*.zendesk.com ajax.cloudflare.com https://challenges.cloudflare.com interfaces.zapier.com https://use.fontawesome.com; script-src-elem 'self' 'report-sample' 'unsafe-inline' https://www.googletagmanager.com https://*.googletagmanager.com googletagmanager.com https://*.zdassets.com https://*.zendesk.com https://challenges.cloudflare.com ajax.cloudflare.com interfaces.zapier.com https://use.fontawesome.com; style-src 'self' 'report-sample' *.firecore.com https://*.zendesk.com https://*.zdassets.com https://*.zdusercontent.com https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com; style-src-attr 'self' 'report-sample' 'unsafe-inline'; style-src-elem 'self' 'report-sample' 'unsafe-inline' *.firecore.com https://*.zendesk.com https://*.zdassets.com https://*.zdu
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: cross-origin
cross-origin-resource-policy: cross-origin

Links to (5)

Linked from (1)

app-talk.com×2