firstvet.com
HTML metadata
Technology
- CDN
- Amazon CloudFront
- CMS
- Nuxt
Registration
- Registrar
- Name SRS AB
- Created
- 2010-04-03
- Expires
- 2029-04-03 1050 days left
- Updated
- 2025-03-19
- Name servers
-
- ns-1254.awsdns-28.org
- ns-1575.awsdns-04.co.uk
- ns-332.awsdns-41.com
- ns-544.awsdns-04.net
DNS records live
- NS
-
- ns-1254.awsdns-28.org
- ns-1575.awsdns-04.co.uk
- ns-332.awsdns-41.com
- ns-544.awsdns-04.net
- MX
-
Show 6 MX records
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- 999 ms76307027.msv1.invalid
- TXT
-
Show 5 TXT records
stripe-verification=d1a0ba318bc0ef31bedb60158c34ec6592bf7c362c21c53f69872666f44bd0fbsubdomain-owner-verification=5a87d330da4ed7a1cae36e47965a5480subdomain-owner-verification=80c5cb2c4208763339c6f8942f8646f6facebook-domain-verification=weg7pv3sb8nl748cwzup0s7pgm3cidgoogle-site-verification=i5S96uUzNA7rOsvgHvXbJLBJiGCBmtYCQPCldx85NO0
Email authentication partial
- SPF
-
v=spf1 include:_spf.google.com include:one.zoho.eu include:mailgun.org include:spf.mandrillapp.com include:trustpilotservice.com include:spf.dixa.io include:servers.mcsv.net ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; pct=100; fo=1; ri=3600; rua=mailto:f09d1028@dmarc.mailgun.org,mailto:90e85736@inbox.ondmarc.com,mailto:ktpoxgfj@ag.eu.dmarcian.com,mailto:dmarc@firstvet.com; ruf=mailto:f09d1028@dmarc.mailgun.org,mailto:90e85736@inbox.ondmarc.com;policy: none (monitoring only) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXeJji6GTqtZ0nvMAXYGkxzx7AzT2gbbaESRAhkSA04dTuXMcQNhprfmrdAdiEKzW30IeqskG3+Iac… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed - google:
Certificate (current)
Amazon RSA 2048 M01
Expires in 113 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com https://use.fontawesome.com; form-action 'self' search.google.com *.facebook.com connect.facebook.net; frame-ancestors 'self' firstvet.com *.firstvet.com https://dev.mypetstore.telushealth.com; img-src * data:; object-src 'none'; script-src-attr 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com translate.googleapis.com https://optimize.google.com https://*.googletagmanager.com https://www.youtube-nocookie.com https://www.youtube.com https://use.fontawesome.com https://*.globalpay.com https://*.sandbox.globalpay.com; script-src 'self' 'unsafe-inline' https://se.api.shop.firstvet.com http://localhost:7777 https://*.googletagmanager.com https://tagmanager.google.com https://*.googleoptimize.com https://optimize.google.com https://*.analytics.google.com https://*.google-analytics.com https://www.googleadservices.com https://www.google.com https://googleads.g.doubleclick.net https://translate.google.co- strict-transport-security
max-age=15552000; includeSubDomains- cross-origin-opener-policy
same-origin-allow-popups- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin