kactus.com
kactus.com
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Cloudflare Insights
- Fonts
-
- Google Fonts
Third-party hosts loaded (4)
- fonts.googleapis.com×3
- fonts.gstatic.com×1
- maps.googleapis.com×1
- static.cloudflareinsights.com×1
Social
Contact
Registration
- Registrar
- Cloudflare, Inc.
- Created
- 1996-07-11
- Expires
- 2026-07-10 50 days left
- Updated
- 2025-06-10
- Name servers
-
- ace.ns.cloudflare.com
- heidi.ns.cloudflare.com
DNS records live
- NS
-
- ace.ns.cloudflare.com
- heidi.ns.cloudflare.com
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
ALIAS for kactus.com.herokudns.com
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:3.93.157.0/24 ip4:3.210.190.0/24 ip4:18.208.124.128/25 ip4:35.190.247.0/24 ip4:35.191.0.0/16 ip4:50.31.32.0/19 ip4:54.174.52.0/24 ip4:54.174.53.128/30 ip4:54.174.57.0/24 ip4:54.174.59.0/24 ip4:54.174.60.0/23 ip4:54.174.63.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.175.18.0/23 ip4:108.175.30.0/23 ip4:108.177.8.0/21 ip4:108.177.96.0/19 ip4:130.211.0.0/22 ip4:139.180.17.0/24 ip4:142.250.150.27 include:spf1.kactus.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; rua=mailto:nb58jlig@ag.eu.dmarcadvisor.com, mailto:dmarc_agg@vali.email; pct=100;policy: quarantine - DKIM
-
Show 4 DKIM selectors
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDi+49Zbk+8AX2LHe0/Z/Q6uHIO1p4IfxNRbzz2Vef9nOogtFMOnqimbXwZ50O7khDvLS2FWcNeYIR6YRV/1B… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw39JwuFG3hgypRXJqLeIr9zWhDnjdyT5QqzUKf8nnGN14ZPOrps7LLiNjjGzg/85dpgqiiBF4kntWvdwvG… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg1GDWNjoKZhFCRXWjBtBROUJ2e+6HLU9O/4xDvP/MBDV3KNprmWNi+yMrYlljKD4w7YKpBbfoFU4sp/0XERwPwX… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - google:
Certificate (current)
WE1
Expires in 68 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' https:; font-src 'self' https: data: kactus-assets.gumlet.io fonts.gstatic.com; img-src 'self' https: data: blob: cdn.kactus.com kactus-assets.gumlet.io maps.gstatic.com maps.googleapis.com axeptio.imgix.net; object-src 'self' https:; script-src 'self' https: 'unsafe-eval' blob: kactus-assets.gumlet.io *.fullstory.com maps.googleapis.com www.googletagmanager.com static.cloudflareinsights.com snid.snitcher.com static.axept.io cdn.segment.com chat-assets.frontapp.com connect.facebook.net www.google-analytics.com kactus.metabaseapp.com *.userguiding.com 'nonce-186a5e1c7890de7822997c9687a15084'; script-src-attr 'self' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline' blob: kactus-assets.gumlet.io maps.googleapis.com fonts.googleapis.com kactus.metabaseapp.com *.userguiding.com; connect-src 'self' https: wss: data: appsignal-endpoint.net *.fullstory.com *.frontapp.com *.ably.io maps.googleapis.com client.axept.io api.axept.io api.segment.io *.segmentapis.com sessio- strict-transport-security
max-age=31556952; includeSubDomains; preload