nefta.io

HTML metadata

Technology

CDN

Amazon CloudFront

Server

AmazonS3

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (3)

• fonts.googleapis.com×2
• fonts.gstatic.com×1
• www.googletagmanager.com×1

DNS records live

NS

• ns-1397.awsdns-46.org
• ns-1836.awsdns-37.co.uk
• ns-52.awsdns-06.com
• ns-940.awsdns-53.net

MX

Show 6 MX records

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 15 mvfd33llzdcsy7t37e2qxl3vygzcq6jkbq3cpxgl7bhm24x2xb6a.mx-verification.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

• google-site-verification=ZUo97WvIxSx-e_k1C691wbIoeSoMNifcy_hOzXL6uHw

Email authentication partial

SPF

not published

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnUyiH5bX8dX5kg6ALJvBxgB3a5wixkR8ljN2lemDJYqiWmaLzMVxsCPjJ3ZWdhQvyeSc0IuqTOArbIi5e…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGb9jwaFDLJdGskBDT4aX2iNK6c26HUnYSerRUe2s6aAMBcw7fnPMTMdYMD0K5z1GxyE+Zmm0DncvFns0Y…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://nefta.io/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (1)

• 7xvc.com×2