kastle.com
kastle.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (10)
- cdn.jsdelivr.net×6
- stagingkastle.wpengine.com×6
- js.hs-scripts.com×3
- vjs.zencdn.net×3
- cdn.hu-manity.co×2
- js.hsforms.net×2
- stats.wp.com×2
- dc.ads.linkedin.com×1
- kastledev.wpengine.com×1
- www.googletagmanager.com×1
Contact
- Phone
Registration
- Registrar
- Network Solutions, LLC
- Created
- 1992-09-21
- Expires
- 2026-09-20 123 days left
- Updated
- 2021-07-22
- Name servers
-
- ns10.dnsmadeeasy.com
- ns11.dnsmadeeasy.com
- ns12.dnsmadeeasy.com
- ns13.dnsmadeeasy.com
- ns14.dnsmadeeasy.com
- ns15.dnsmadeeasy.com
DNS records live
- NS
-
- ns10.dnsmadeeasy.com
- ns11.dnsmadeeasy.com
- ns12.dnsmadeeasy.com
- ns13.dnsmadeeasy.com
- ns14.dnsmadeeasy.com
- ns15.dnsmadeeasy.com
- MX
-
- 5 kastle-com.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
have-i-been-pwned-verification=c78faa61d73f271c64413cbf04412b58logmein-verification-code=0FtLtPZ9QVmzcLUlubze9TONlatlassian-sending-domain-verification=598f333e-aefd-4ecc-b544-e3f4b5a73a37_7s04ic6e4nfe4m2fcsy1kc2znq0wypb
- Verified for
-
- Apple
- Atlassian
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 mx include:servers.mcsv.net include:_spf.checkvideo.net include:spf.protection.outlook.com include:3851256.spf02.hubspotemail.net include:_spf.ultipro.com include:_spf.messagegears.net include:_spf.psm.knowbe4.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; rua=mailto:infotech@kastle.com; ruf=mailto:infosec@kastle.com; rf=afrf; pct=100policy: quarantine - DKIM
-
Show 5 DKIM selectors
- selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3pBuY6l+tFxtOCQHscJc/VPix9lh0RFueHuAbVL7a9EJ3KLuNCzl48uPwXPwKgpyzcBRcBKzr7MNfgfcYDe… - mail:
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Fm59+50dA0uM9+GbWHDecCfx7HQ/n/bn1qu9SnzJQ9ryjKyKXvCva3YxS9pEc6sqyrw… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni0nP4zcSQ7uQNZyYHV0crIgCfK4wPF1LrI6rVGkxhcIwKjjzKbqml+BgniOhc98l/zP/aVXnkMkfUglQ0… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRP0fbGg6OQ85WVow85v1TrsN+tMNlSOVigQ+Y3TQpiufr9xk8BPbq/JjuithYxA99l54m+MIAS3kwRxXo+5a8OZ… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - selector2:
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 16 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' blob: https://*.hu-manity.co https://*.hs-scripts.com https://*.hubspotfeedback.com https://feedback.hubapi.com https://feedback-eu1.hubapi.com https://*.hsforms.com https://*.hsleadflows.net https://*.hsforms.net https://*.hscollectedforms.net https://*.hubspot.net https://static.hsappstatic.net https://*.usemessages.com https://*.hs-banner.com https://*.hubspot.com https://js-eu1.hscta.net https://*.hsadspixel.net https://*.hs-analytics.net https://js.hscta.net https://stats.wp.com https://cdn.dreamdata.cloud https://cdn.jsdelivr.net https://connect.facebook.net https://googleads.g.doubleclick.net https://js.hsforms.net https://js.zi-scripts.com https://pixel.mathtag.com https://player.vimeo.com https://scout-cdn.salesloft.com https://snap.licdn.com https://tags.clickagy.com https://tracking.g2crowd.com https://vjs.zencdn.net https://www.google-analytics.com https://www.google.com https://www.googletagma- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
unsafe-none- cross-origin-embedder-policy
unsafe-none; report-to='default'- cross-origin-resource-policy
cross-origin