ncirl.ie
HTML metadata
Technology
- Server
- Sucuri
- CMS
- Joomla
- Stack
- ASP.NET
- Analytics
-
- Google Tag Manager
- Ads
-
- Google Ads (DoubleClick)
- Fonts
-
- Google Fonts
Third-party hosts loaded (3)
- fonts.googleapis.com×2
- 2771193.fls.doubleclick.net×1
- www.googletagmanager.com×1
Social
DNS records
Email authentication partial
- SPF
-
v=spf1 ip4:193.1.209.100 ip4:20.54.73.47 ip4:20.93.10.149 ip4:10.60.26.5 ip4:78.153.205.252 ip4:78.153.203.204 ip4:193.1.245.136 include:spf2.ncirl.ie include:spf.protection.outlook.com include:spf.constantcontact.com include:mail.zendesk.com include:457020.spf01.hubspotemail.net include:_spf.eu.messagegears.net include:spf.blacknight.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
Show 5 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFOLmpnTL1stzb8XGKIwG4BTwJyUfwM0XAM08SE4MwIGNJdFqaLaDdeq3rprL09XrmLkFWm/EYcJar… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChUpiTtPuzoxBjR3OUKZMUVobyQYD+gsRdzEKPD7L75//w2qqz7BHrWIiBFJGL958bzz08LzXdYihTQFWePK… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu6Jjn4HiNEgV/4VUR+01VYjvBRKhubt04UCnxV2HWiL0WRpZXDN5bJSDgJpsj/LaYpoIxf+b0ASY6Ehe6… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG/NGzPAruxvSCAVoRQn5VlgDFS12q8ztz6TLrHyHCHOSXqRxPGMeH0kHNzb78ztcTszvFhKTVFTQfZXfGaTnLvB…
selectors probed - selector1:
Certificate (current)
Starfield Secure Certificate Authority - G2
Expires in 169 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade- x-frame-options
SAMEORIGIN, SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
upgrade-insecure-requests;, default-src 'self' *.unibuddy.co *.pubble.io https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' heatmaps.monsido.com pagecorrect.monsido.com app-script.monsido.com js.hubspot.com static.hotjar.com script.hotjar.com js.hsleadflows.net *.licdn.com *.ads-twitter.com *.matomo.cloud *.snapchat.com *.twitter.com *.facebook.com cdn.syndication.twimg.com platform.twitter.com cdn.unibuddy.co sc-static.net analytics.tiktok.com *.gstatic.com *.google.com *.googleapis.com *.bootstrapcdn.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net *.hsforms.net *.hsforms.com *.hs-analytics.net *.hs-scripts.com *.hs-banner.com connect.facebook.net *.pubble.io *.onetrust.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://*.monsido.com https://*.googlesyndication.com https://*.hubspot.com https://vc.hotjar.io https://in.hotjar.com wss://ws.hotjar.com https://content.hotjar.io https://forms.hubspot.com/ https://fonts.goog- strict-transport-security
max-age=31536000; includeSubdomains; preload, max-age=31536000
Links to (20)
- advance-he.ac.uk×1
- azurewebsites.net×1
- eduroam.org×1
- eufunds.ie×1
- facebook.com×1
- hea.ie×1
- instagram.com×1
- inventise.com×1
- linkedin.com×1
- microsoft.com×1
- office.com×1
- outlook.com×1
- perrettlaver.com×1
- qqi.ie×1
- sharepoint.com×1
- teamwear.ie×1
- topuniversities.com×1
- twitter.com×1
- www.gov.ie×1
- youtube.com×1