milian.com — domain check, WHOIS, DNS & reputation

HTML metadata

Language: en

Technology

Server: nginx
Stack: Java

Third-party hosts loaded (1)

images.dutscher.com×5

Social

Contact

Phone

Registration

Registrar

OVH sas

Created

1997-06-25

Expires

2026-06-24 23 days left

Updated

2025-06-25

Name servers

dns200.anycast.me
ns200.anycast.me

DNS records live

NS

dns200.anycast.me
ns200.anycast.me

MX

0 milian-com.mail.protection.outlook.com

TXT

1|www.milian.com

Verified for

Google
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:mtest@dutscher.com; aspf=r

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1tjAe/16drUej8aApJuyX42R+WST/MLsn7i+9JXO1xeQ0VvZWePE4ailrty/OAsQm9/71+pg97l1A4c5Ujx…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current) wrong cert

Sectigo Public Server Authentication CA DV R36

from 2026-05-07 to 2026-11-22

Expires in 174 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.milian.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: no-referrer
permissions-policy: accelerometer=(), ambiant-light-sensor=(), autoplay=(self), battery=(), bluetooth=(), browsing-topics=(), camera=(), compute-pressure=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), identity-credentials-get=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-create=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), speaker-selection=(), storage-access=(), usb=(), window-management=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.voiceflow.com; media-src 'self' blob: *.dutscher.com; worker-src 'self' blob: *.dutscher.com; style-src 'self' 'unsafe-inline' *.voiceflow.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com *.google-analytics.com https://www.google.com/recaptcha/api.js https://www.gstatic.com www.paypalobjects.com www.paypal.com matomo.dutscher.com https://cdn.voiceflow.com; img-src 'self' *.paypal.com *.paypalobjects.com *.amazonaws.com blob: *.dutscher.com data: *.dutscher.com www.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.google-analytics.com www.paypal.com matomo.dutscher.com *.voiceflow.com wss://general-runtime.voiceflow.com; frame-src 'self' https://www.youtube.com www.google.com www.youtube-nocookie.com;
strict-transport-security: max-age=31536000 ; includeSubDomains

Links to (4)

Linked from (1)

ilmac.ch×1