plaskolite.com
HTML metadata
Technology
- CMS
- Ghost
- Analytics
-
- Google Tag Manager
- Fonts
-
- Font Awesome
Third-party hosts loaded (5)
- use.fontawesome.com×3
- cdnjs.cloudflare.com×1
- cloud.typography.com×1
- code.jquery.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
- Address
- st a QuoteRequest a Sample800-848-9124
Registration
- Registrar
- Network Solutions, LLC
- Created
- 1996-03-09
- Expires
- 2029-03-10 1026 days left
- Updated
- 2024-01-10
- Name servers
-
- bob.ns.cloudflare.com
- sreeni.ns.cloudflare.com
DNS records live
- NS
-
- bob.ns.cloudflare.com
- sreeni.ns.cloudflare.com
- MX
-
- 10 us-smtp-inbound-1.mimecast.com
- 10 us-smtp-inbound-2.mimecast.com
- TXT
-
MS=ms24712552
Email authentication partial
- SPF
-
v=spf1 include:us._netblocks.mimecast.com include:spf.protection.outlook.com include:emailsrvr.com include:spf.mandrillapp.com include:spf.us.exclaimer.net include:_spf.salesforce.com include:_spf.psm.knowbe4.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:nidyue9b@ag.us.dmarcian.com;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
Sectigo RSA Domain Validation Secure Server CA
Expires in 33 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://*.googletagmanager.com cdnjs.cloudflare.com *.hotjar.com *.jquery.com *.cloudflare.com https://googleads.g.doubleclick.net www.gstatic.com *.usercentrics.eu https://cdn-cookieyes.com https://connect.facebook.net https://facebook.com https://graph.facebook.com https://*.facebook.com cdn.ampproject.org https://cdn.insight.sitefinity.com https://player.vimeo.com/api/player.js https://www.youtube.com/iframe_api 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.fontawesome.com *.typography.com *.jsdelivr.net plaskolite.com https://cdn.ins- strict-transport-security
max-age=31536000- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
cross-origin