lions.co
HTML metadata
Technology
- CMS
- Next.js
- Analytics
-
- Google Tag Manager
- Microsoft Clarity
Third-party hosts loaded (4)
- cdn.builder.io×61
- www.clarity.ms×2
- www.googletagmanager.com×2
- transcend-cdn.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns-1091.awsdns-08.org
- ns-1924.awsdns-48.co.uk
- ns-29.awsdns-03.com
- ns-849.awsdns-42.net
- MX
-
- 10 us-smtp-inbound-1.mimecast.com
- 20 us-smtp-inbound-2.mimecast.com
- TXT
-
Show 4 TXT records
google-site-verification=570S577s1mq8nBQjaPPM0pK1x9mZOC7oLaxnYpAA0NIgoogle-site-verification=anA4hW01KKMBYQcNiKLfXlTmjEgA1y8pWR1X9KWN11U0ed1fe018ab194227ed71a4762b7b1191356d91463MS=ms90579621
Email authentication partial
- SPF
-
v=spf1 include:_u.lions.co._spf.smart.ondmarc.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; sp=none; pct=100; adkim=r; aspf=r; fo=1; ri=3600; rua=mailto:937ab994@inbox.ondmarc.com,mailto:dmarc-reports@ lions.co; ruf=mailto:937ab994@inbox.ondmarc.com,mailto:dmarc-reports@lions.copolicy: none (monitoring only) · sp=none - DKIM
-
- s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GO5njKkX+cNAwsEXSxWRiMCod+1pLOLdM375b+6tEUylwbEmuWN0L0AvPxx2h6dtjDlCbwITPfYF5poHa… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEwPWGWi7B0ZUEAhHy7ICWCiSm2Zczfpn3/85grRyWWC/bWqwf/2+kuR9IcXqXwXl+4SC7E14yKmA7gvjD8EvRLw…
selectors probed - s1:
Certificate (current)
Amazon RSA 2048 M03
Expires in 55 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
deny- permissions-policy
camera=(), microphone=(), geolocation=()- x-content-type-options
nosniff- content-security-policy
default-src https: data: blob: wss:; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https: https://*.googletagmanager.com https://transcend-cdn.com https://page.ascential.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' nonce-YzIzNDkzOTUtNWRmMy00NDg5LTlmOWItNDA2MjBiMDdmM2Y4 https:; img-src 'self' blob: data: https:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https://builder.io; frame-src 'self' https://page.ascential.com https://vimeo.com https://player.vimeo.com https://*.googletagmanager.com https://www.youtube.com https://youtube.com https://www.youtube-nocookie.com https://youtube-nocookie.com https://open.spotify.com https://e.infogram.com/; block-all-mixed-content; upgrade-insecure-requests; connect-src 'self' https://s3-eu-west-1.amazonaws.com https://ascentialcdn.filespin.io https://cdn.builder.io https://transcend-cdn.com https://telemetry.transcend.io/collect https://*.google-analytics.com https://*.analyt- strict-transport-security
max-age=31536000 ; includeSubDomains