mountainone.com
mountainone.com
HTML metadata
Technology
- CMS
- WordPress 6.9.4
- PHP
- 8.2.30 security-only
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (7)
- cdn.jsdelivr.net×2
- cdn-cookieyes.com×1
- cds-sdkcfg.onlineaccess1.com×1
- fonts.googleapis.com×1
- gmpg.org×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
Registration
- Registrar
- Network Solutions, LLC
- Created
- 2004-08-31
- Expires
- 2027-08-08 444 days left
- Updated
- 2023-10-30
- Name servers
-
- dns1.cocci.com
- dns2.cocci.com
DNS records live
- NS
-
- dns1.cocci.com
- dns2.cocci.com
- MX
-
- 10 east.smtp.mx.o365.serverdata.net
- TXT
-
Show 4 TXT records
356q9uumcbkaujq4ufvot05m05v1l1lveilnifv7acd5mt5oeu53h2r82r301j4bc01im656r17nreMS=F82A87B0CAA31740B0DE13F7AF5F0587599938F1
Email authentication partial
- SPF
-
v=spf1 mx ip4:8.27.74.14 ip4:67.210.88.0/24 ip4:63.156.189.0/24 ip4:68.232.131.237 ip4:68.232.137.69 ip4:68.232.141.148 ip4:64.78.0.0/18 ip4:162.244.196.0/22 ip4:199.193.200.0/21 ip4:206.225.164.0/22 ip4:162.216.192.0/22 ip4:185.64.212.0/22 ip4:103.211.140.0/23 ip4:64.28.112.143 ip4:64.28.115.143 include:spf.protection.outlook.com include:spf.cocci.com include:spfhost.messageprovider.com include:mailgun.org include:spfref.jackhenry.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrNpvB0JMsN/wAExeO13pOTnruPJh7J3PyBDFpafQVIj8ALwJmrF0N04uHgWI2B6ROXaL7gNVD7xyvnwNO… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4RO5jA0KeV42VBajJlqTJqk6rVjtxgF4IxN+FtExjeHYlUs0ZewRvrCtQ3dWo83di1CnY6kTG0qWGy7FIh8jIEn…
selectors probed - k2:
Certificate (current)
Go Daddy Secure Certificate Authority - G2
Expires in 52 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' s.pinimg.com ct.pinterest.com cdn-cookieyes.com cds-sdkcfg.onlineaccess1.com connect.facebook.net googleads.g.doubleclick.net s7.addthis.com snap.licdn.com static.ads-twitter.com up.pixel.ad www.google-analytics.com www.google.com www.googletagmanager.com www.gstatic.com www.timevaluecalculators.com *.youtube.com; style-src 'self' 'unsafe-inline' 'report-sample' fonts.googleapis.com www.timevaluecalculators.com cdn.jsdelivr.net; img-src 'self' data: ct.pinterest.com i.pinimg.com cdn-cookieyes.com analytics.twitter.com *.sitescout.com *.linkedin.com t.co www.facebook.com www.google.com www.timevaluecalculators.com i.ytimg.com www.googletagmanager.com; font-src 'self' data: fonts.gstatic.com cdn.jsdelivr.net; connect-src 'self' ct.pinterest.com analytics.pinterest.com cdn-cookieyes.com log.cookieyes.com pagead2.googlesyndication.com www.google-analytics.com stats.g.doubleclick.net cdn.linkedin.oribi.io yo- strict-transport-security
max-age=63072000; includeSubdomains; preload