gayest.dev
HTML metadata
Contact
DNS records live
- NS
-
- coco.bunny.net
- kiki.bunny.net
- MX
-
- 10 in1-smtp.messagingengine.com
- 20 in2-smtp.messagingengine.com
Email authentication partial
- SPF
-
v=spf1 include:spf.messagingengine.com ?allneutral (?all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 45 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob:; frame-src https:; img-src data: https:; media-src https:; object-src 'none'; sandbox allow-downloads allow-forms allow-modals allow-pointer-lock allow-popups allow-presentation allow-same-origin allow-scripts;