peacerun.org
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
Third-party hosts loaded (1)
- uploads-ssl.webflow.com×3
DNS records live
- NS
-
- anahi.ns.cloudflare.com
- khalid.ns.cloudflare.com
- MX
-
- 10 mail.peacerun.org
- TXT
-
yahoo-verification-key=bysL15uEhS0sP8UEfm6OXr15kKTa7rHGOJp723ulihc=google-site-verification=jJ5VoPKP1xaaqxNm5eolfagf5wv_WWyZCoQ4f3kCjQA
Email authentication strong
- SPF
-
v=spf1 mx a a:mail.peacerun.org -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; pct=100policy: quarantine - DKIM
-
- dkim:
v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKr6IZpkKveAbYJqEjliBhNV9x6AeF/mjoQ7KglBGZQMRfsHAm4SuJlz21Mv7+bnyo+5ddJNQkORIi5Q…
selectors probed - dkim:
Certificate (current)
E7
Expires in 40 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- missing Content Security Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), microphone=(), geolocation=()- x-content-type-options
nosniff- strict-transport-security
max-age=300; includeSubDomains- content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-src 'self' https://player.vimeo.com https://www.youtube.com https://www.youtube-nocookie.com https://w.soundcloud.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; report-uri /csp-report/