holocard.net
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (3)
- fonts.googleapis.com×1
- fonts.gstatic.com×1
- www.googletagmanager.com×1
Registration
- Registrar
- Network Solutions, LLC
- Created
- 2017-09-26
- Expires
- 2034-09-26 3052 days left
- Updated
- 2024-09-27
- Name servers
-
- ns1.honolulu.gov
- ns2.honolulu.gov
DNS records live
- NS
-
- ns2.holocard.net
- ns4.holocard.net
- MX
-
- 10 mail.holocard.net
- 10 mail1.holocard.net
- 10 mail2.holocard.net
Email authentication partial
- SPF
-
v=spf1 ip4:206.195.188.232 ip4:166.122.98.149 -ano all qualifier - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKsqdlCuakxDqv0w7h/Db35h7aihZdWNYQmK3he8YmZFSq+lm6FWJwoHMbF1fN5ukE/3nSSFnyCqrnMy0i… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPYbHRBMerbDa8LdbO4njfNPs+E1tuArtv2fSmH0Yuh56iM0Hum6KpncSmZSY95DGlKiZ5/nwmfiTbroe5Czd2jG…
selectors probed - s1:
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 58 days
HTTP security headers
- present
-
- content-security-policy
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), usb=()- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com/ connect.facebook.net/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ www.googletagmanager.com/ maps.googleapis.com/ translate.google.com/ translate.googleapis.com/ stats.g.doubleclick.net/ *.azure.com/ use.typekit.net/ marathonconsulting.atlassian.net/ cdnjs.cloudflare.com/;connect-src 'self' dc.services.visualstudio.com/ www.google.com/recaptcha/ www.google-analytics.com/ analytics.google.com/ maps.googleapis.com/ mapsresources-pa.googleapis.com/ translate.googleapis.com/ stats.g.doubleclick.net/ *.azure.com/;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com/ajax/libs/bootstrap-select/ fonts.googleapis.com/ translate.googleapis.com/;font-src 'self' fonts.gstatic.com/;img-src 'self' data: www.google-analytics.com/ www.googletagmanager.com/ maps.gstatic.com/ *.googleapis.com/ www.facebook.com/ img.youtube.com/ blob: img.youtube.com/ i.ytimg.com/ translate.googleapis.com/ translate.google.com/ www.google.- content-security-policy-report-only
script-src 'self' 'unsafe-eval' www.google-analytics.com/ connect.facebook.net/ www.gstatic.com/recaptcha/ www.google.com/recaptcha/ www.googletagmanager.com/ maps.googleapis.com/ translate.google.com/ translate.googleapis.com/ stats.g.doubleclick.net/ *.azure.com/ use.typekit.net/ marathonconsulting.atlassian.net/ cdnjs.cloudflare.com/'sha256-9vpql/NLyCCe3HPEb2b/lcLKPbkRi48w2Lfn0AbTxsQ=' 'sha256-Li9FAxfIT8E3Ozz6qtK+x9AoPjrSCo5DyiKfbfBx5Ss=' 'sha256-/zQMntUppDC4ECEbEPW+kfNUzeh71Tsyi1NNG5Ly7Cg=' 'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=' 'sha256-6wRdeNJzEHNIsDAMAdKbdVLWIqu8b6+Bs+xVNZqplQw=' 'sha256-UExdFPC+ORL+I/AbwhushlqrhwVppoMKXm6O0ecJ/oE=' 'sha256-mnCX3BURGD0rMu4hJlERrL2QDg4TcG+31C435wakipY=' 'sha256-2daeCimD23CWeQ6yqZ2yMxqV4F6YfEWWwxFAUxPJhFM=' 'sha256-0Gi8cz79ztWp6DwrZuSV6iMF6n8zkGfzch2t2bNODgc=' 'sha256-b24aJZ/ojs8OZhjcR049Kgmtyw+b+/ru1YHpev4O3kM=' 'nonce-UqCVYYLhNfSxF6wzNHzFd6/xwZ+ft+TIgDpYp/l/8iM='; report-uri /csp-violations