nawy.com
HTML metadata
Technology
- CDN
- Amazon CloudFront
- CMS
- Next.js
- JS framework
- Next.js
Social
Contact
- Address
- ABC Bank, South 90th, 12345, New cairo, Cairo, EG
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2004-08-18
- Expires
- 2033-08-18 2632 days left
- Updated
- 2023-10-22
- Name servers
-
- ns-1450.awsdns-53.org
- ns-1838.awsdns-37.co.uk
- ns-207.awsdns-25.com
- ns-734.awsdns-27.net
DNS records live
- NS
-
- ns-1450.awsdns-53.org
- ns-1838.awsdns-37.co.uk
- ns-207.awsdns-25.com
- ns-734.awsdns-27.net
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
detectify-verification=c1e81a31fde99c1d919a55e8d3321f9asecyour-scanner-verification=mzzbnfIdbrh4PiN5x51qBhwjL1l1tI68ou5817222MYcCyRE-B5KBMSdolDDirectFedAuthUrl=https://portal.sso.eu-central-1.amazonaws.com/saml/assertion/MTUwNTE4NDkyODY1X2lucy05OTNmOTQ5NDllYWYzMGNm
- Verified for
-
- Canva
- Meta
- Microsoft 365
- Zoho
Email authentication strong
- SPF
-
v=spf1 include:_spf.google.com include:amazonses.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; pct=100; rua=mailto:dmarc-reports@nawy.com; ruf=mailto:dmarc-reports@nawy.com;policy: reject (enforced) - DKIM
-
Show 4 DKIM selectors
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCh1mPc4PBg90nCWbUunui7EODc3uGuET/A0nJ7untTZ4h4ha594fl1dIvnXU/9TEdkqt8BJBfMQfja1K/JZj… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodifPR730iTZRJ5qx3rBblGNM66RwcWmkDlePCsZZhnNGelU8UAI8HSCktH6DIXQjbRB2MSAsmezB5ONYU… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VYLNv+9V6T4AZ3tZvzWSwqVR+ndgJ+yPIiZJT/4X4PgA/nNcLzZY+3mzszRNHG8UBxmFFsceOplADJEmM…
selectors probed - google:
Certificate (current)
Amazon RSA 2048 M01
Expires in 225 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; script-src 'self' https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js https://cdnjs.cloudflare.com/ajax/libs/pdf.js/ https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.youtube.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/plugins/identity.js https://connect.facebook.net/signals/config/1525576007456708 https://connect.facebook.net/signals/config/1465344211021108 https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://ads.tiktok.com https://static.hotjar.com https://*.clarity.ms https://c.bing.com https://api.mapbox.com 'unsafe-inline' https://connect.facebook.net/signals/config/undefined; frame-src 'self' bytedance: sslocal: https://webapi.nawy.com https://listing-api.nawy.com https://www.facebook.com https://www.googletagmanager.com https://www.youtube.com https://www.google.com https://www.google.com.eg; font-src- strict-transport-security
max-age=31536000; includeSubDomains; preload
Links to (6)
- youtube.com×1
- x.com×1
- workable.com×1
- linkedin.com×1
- instagram.com×1
- facebook.com×1
Linked from (1)
- vkav.vc×1