mtchbx.co

HTML metadata

Technology

Server

Pepyaka

CMS

Wix

Third-party hosts loaded (4)

• static.wixstatic.com×55
• static.parastorage.com×11
• siteassets.parastorage.com×3
• browser.sentry-cdn.com×1

Social

• instagram
• linkedin
• twitter

DNS records live

NS

• ns0.wixdns.net
• ns1.wixdns.net

MX

• 10 mx1-usg1.ppe-hosted.com
• 20 mx2-usg1.ppe-hosted.com
• 30 mx3-usg1.ppe-hosted.com

Verified for

• Microsoft 365

Email authentication partial

SPF

v=spf1 include:_spf-usg1.ppe-hosted.com include:secureserver.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhDLOKxS47ijBvxrL/Bvm8xvW8BYIjUgmrBX1yZufgFbTj2MBTsRYE9C9dKVRHfkvNKNXK0JUgcFLJq96L…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3m9aDoyCgwLEq6afFaOwdW2WYvOu4KH1VNZbAiEpH4E1umOiAxwLP/ZrD7UICplZzelPH3ghYNMksAp7jn…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.mtchbx.co/

present

• strict-transport-security
• x-content-type-options

findings

• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• ibj.com×1
• indystar.com×1
• instagram.com×1
• linkedin.com×1
• twitter.com×1
• washingtonpost.com×1

Linked from (1)

• noblesvillemainstreet.org×1