healthtrain.app

HTML metadata

Technology

Server

nginx

CMS

WordPress 7.0

jQuery

3.7.1

Stack

PHP

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• js-eu1.hs-scripts.com×2
• kit.fontawesome.com×2
• healy2.site.transip.me×1
• www.googletagmanager.com×1

Social

• linkedin

Contact

Phone

• 1698645904704
• 1698136683889
• 1707814384802
• 1698136770806

DNS records live

NS

• ns0.transip.net
• ns1.transip.nl
• ns2.transip.eu

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

Verified for

• Google

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:mailgun.org include:spf.flowmailer.net include:145537445.spf02.hubspotemail.net ip4:136.144.206.116 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; sp=reject; adkim=r; aspf=r; rua=mailto:watchdog1@watchdog.kevlarr.io,mailto:dmarc@inbound.flowmailer.net; ruf=mailto:dmarc@inbound.flowmailer.net; fo=1

policy: reject (enforced) · sp=reject

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDyvfBPNZxpo5W2+kDpSD0v349xSBcaoMy/U1sXaSbQcGSPZUGFsGfBHEwZdgm8WblKBiHnHVv6NDE…
• s1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVhmsldrAVsM8o84+FbRXNVdTJBsnSQzrEQ/c2ul8uYvUcOtxtj7YVbTTN+GUtAS8fXTSMAX+lzTExSNdgDM2iA9ALpIq…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.healthtrain.app/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (2)

• transip.me×1
• linkedin.com×1