pointpay.io
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Nuxt
- Analytics
-
- Cloudflare Insights
- Fonts
-
- Google Fonts
Third-party hosts loaded (6)
- back-0.pointech.cloud×37
- fonts.googleapis.com×2
- fonts.gstatic.com×2
- accounts.google.com×1
- appleid.cdn-apple.com×1
- static.cloudflareinsights.com×1
Social
Contact
DNS records live
- NS
-
- boyd.ns.cloudflare.com
- rose.ns.cloudflare.com
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 30 pointpay-io.mail.protection.outlook.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
Show 7 TXT records
MS=ms85312846Sendinblue-code:a1d1ad529bae3dd7323432c65e2c9144google-site-verification=-QGhk2QPh5h_qR8GPRCWmgtaPngLVNSdhig2kYsi7DQgoogle-site-verification=3M3_xIxjYzunQf0yLJFtUBijWQlxhYVYFN9JapOnpTAgoogle-site-verification=4mwlHhDd0rBfviqJek-0bZGzNKPmnmHZIlS18FaUmHAgoogle-site-verification=6sBbnlZAiG5OPOQ_N6ns7C-fjK5XvKyDZlWypcAtbSYMS=ms33295429
Email authentication strong
- SPF
-
v=spf1 include:mxsspf.sendpulse.com include:spf.mandrillapp.com include:mailgun.org include:_spf.google.com include:155658a7b.spf2.netcorecloud.net -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:postmaster@pointpay.io; adkim=r; aspf=rpolicy: reject (enforced) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvfOVUGbfI7nswZGHdTvkGstEkdNbiuliBGiHXhrN/YfpXSTFenkGdCFHjH5x0COAErmxaEq9oV6Yg… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed - google:
Certificate (current)
E7
Expires in 74 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
ALLOWALL- permissions-policy
geolocation=(*),midi=(*),sync-xhr=(*),microphone=(*),camera=(*),fullscreen=(self),payment=(*)- x-content-type-options
nosniff- content-security-policy
default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'- strict-transport-security
max-age=31536000; includeSubDomains; preload;
Links to (23)
- youtube.com×2
- beincrypto.com×2
- coingecko.com×2
- cointelegraph.com×2
- discord.com×2
- facebook.com×2
- forbes.com×2
- gitbook.io×2
- google.com×2
- googleusercontent.com×2
- hackenproof.com×2
- ibtimes.com×2
- instagram.com×2
- investing.com×2
- linkedin.com×2
- medium.com×2
- t.me×2
- trustpilot.com×2
- twitter.com×2
- wikimedia.org×2
- wikipedia.org×2
- apple.com×2
- x.com×1