luno.com
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Amplitude
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- framerusercontent.com×79
- cdn.amplitude.com×1
- events.framer.com×1
- fonts.gstatic.com×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Gandi SAS
- Created
- 2001-01-24
- Expires
- 2027-01-24 249 days left
- Updated
- 2025-12-24
- Name servers
-
- barbara.ns.cloudflare.com
- pablo.ns.cloudflare.com
DNS records live
- NS
-
- barbara.ns.cloudflare.com
- pablo.ns.cloudflare.com
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
Show 29 TXT records
753733f9-6287-4b23-9d20-7ac1ad331fc49WE805iD41ouVp/vZyixD3zq1eNuZZAWdyBJkP39wqU=9ea23da02c3b1de3f88d55b834c8f6d4623a39e3IvGqKL0jChgX0IRxc6Kka9xlMGeyELj9plQILfIvFvs=KKVru7Cqxau5D5AH-5OJPY2BZ4UIggMS=ms34207728Sendinblue-code:97fdfae4c9d85c75adfd567e7d4d8c89_globalsign-domain-verification=6ITVUUfC2KUGen_tlh8cnJ6RTZ0x-FC80NWna6Gols_globalsign-domain-verification=8O8qOX_vjvZq26FfigKBNpdw0C-H91ZKBcThOfQg91anthropic-domain-verification-5z7vy7=rqgnyRvjABjzhWBpbcnipEhMGapple-domain-verification=GbVSv3CjucYjkctvasv=436ee748f071776a95845238c6ff156datlassian-domain-verification=83oH8S/AIJE4XX/TfRYbxaW8IazPLvPhAJy6Ngd+JpryOYc8+OTBnQrFYQYmSuOjatlassian-domain-verification=SyLEcn/18z01eG6uzJXob8Gj5m/P9aaljWVTYDFtLwaU3wTFXbaMAwl0E9McOxKHatlassian-sending-domain-verification=490b8116-0d1b-4089-813a-4e9814ac84d4canva-site-verification=0JJTwyY-q8z3PXMs2qp7zwfacebook-domain-verification=vamxj9lmindl9rrbxhtdlpgpld985jgoogle-site-verification=54vLJ1NVcPJ3A283GG3qNimU_5WV7IPconeG-3AAqLggoogle-site-verification=L61gPMBLFzBhqy0S02pt7p4Np616uZ9Qx5I7uewdPgEgoogle-site-verification=_-3lybS9ufQ3ekgdj7KH7roH5ttpnLyVpeXv8eFsfccgoogle-site-verification=oZHPk9qUPrB0u1Dcp4fvEDf8KO5grRDXxO_fBIvzM-AiOcrL^Skl2W2RW&#f%8WBC7#0*6c75szRs4^ekWi%QGtay%w0kyaH0XQlBP0C0HyesZ*R&UW*LcZQ$gKi7^ZJLIU2oeV%ps41H%jamf-site-verification=DDvLJe2jylX7qMMn82bqeAmake-domain-verification=f3e37ccf-c09d-4303-908f-6015dd24093dmiro-verification=4788326ea906f9b16bd63bea8b9749c414910de3reftab-domain-verification=24727be351ba766e7c4d4b0ae7514088slack-domain-verification=3NPD4QJTh3TDWMFvBOc3ZLq53lRQzux3KC34Ze9qtwilio-domain-verification=5af0c6adf51ca8a9fe7454319d10b17f03055D46E6
Email authentication strong
- SPF
-
v=spf1 include:amazonses.com include:_spf.google.com include:_spf.atlassian.net include:spf.sendinblue.com include:mail.zendesk.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:a.pdxwxkog@sdmarc.net,mailto:re+a5156475db16@inbound.dmarcdigests.com,mailto:dmarc@luno.com; ruf=mailto:f.pdxwxkog@sdmarc.net,mailto:dmarc@luno.com; fo=1policy: reject (enforced) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMFVYJ7GA0nobn1G8ZmL7tfB/TNK9cjoqH3mwIdT1n4qMt/9dQf/xbpot9VS6QCn2PMyj7eJQ9dlwrabtDah… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed - google:
Certificate (current)
WE1
Expires in 56 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
same-origin- permissions-policy
camera=(self "https://emea-face-quality.identityx-cloud.com" "https://sdk.onfido.com"), microphone=(self "https://emea-face-quality.identityx-cloud.com" "https://sdk.onfido.com"), geolocation=(self "https://*.geocomply.net" "https://geocomply.net" "https://sdk.onfido.com"), payment=(self "https://*.stripe.com" "https://stripe.com" "https://*.paymentsos.com" "https://paymentsos.com"), publickey-credentials-get=(self), publickey-credentials-create=(self), notifications=(self), autoplay=(self), clipboard-read=(self), clipboard-write=(self "https://sdk.onfido.com"), web-share=(self), accelerometer=(), gyroscope=(), display-capture=(), usb=(), midi=(), serial=(), sync-xhr=(), attribution-reporting=(), browse-topics=(), join-ad-interest-group=(), run-ad-auction=(), shared-storage=(), storage-access=(), private-state-token-issuance=(), private-state-token-redemption=(), private-aggregation=(), identity-credentials-get=(), top-level-storage-access=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' *.luno.com; script-src 'self' 'unsafe-inline' *.luno.com *.framer.com framer.com framerusercontent.com *.framerstatic.com sdk.privacy-center.org www.googletagmanager.com cdn.amplitude.com *.google-analytics.com web-sdk-cdn.singular.net; style-src 'self' 'unsafe-inline' *.luno.com *.framer.com framerusercontent.com fonts.googleapis.com; img-src 'self' data: blob: *.luno.com *.framer.com framerusercontent.com *.lunostatic.com www.google.com www.googletagmanager.com; font-src 'self' *.luno.com fonts.gstatic.com framerusercontent.com; connect-src 'self' *.luno.com *.framer.com *.framerstatic.com framerusercontent.com sdk-api-v1.singular.net api2.amplitude.com *.amplitude.com *.google-analytics.com www.google.com; frame-src 'self' *.luno.com *.framer.com framer.com www.googletagmanager.com; media-src 'self' *.luno.com framerusercontent.com; worker-src blob: 'self'; object-src 'none'; base-uri 'self'; form-action 'self' *.luno.com; frame-ancestors 'self' *.luno.com; report- strict-transport-security
max-age=60- cross-origin-opener-policy
same-origin-allow-popups
Links to (9)
- facebook.com×3
- instagram.com×3
- linkedin.com×3
- t.me×3
- tiktok.com×3
- tradingview.com×3
- trustpilot.com×3
- x.com×3
- youtube.com×3