practicallaravelsecurity.app
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Fathom
Third-party hosts loaded (1)
- cdn.usefathom.com×1
DNS records live
- NS
-
- algin.ns.cloudflare.com
- jamie.ns.cloudflare.com
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
WE1
Expires in 57 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
report-uri https://valorin.report-uri.com/r/d/csp/enforce ; default-src 'none' ; connect-src 'self' https://cdn.usefathom.com ; font-src 'none' ; frame-src https://practicallaravelsecurity.app https://*.practicallaravelsecurity.dev https://plstarget.dev ; img-src 'self' data: https://cdn.usefathom.com ; manifest-src 'self' ; script-src 'report-sample' 'self' https://cdn.usefathom.com 'unsafe-eval' 'nonce-DP101oDwQOb5SbQPUh015LRFcw8IvPtP1KYdA7QK' ; style-src 'self' 'sha256-NycL7c9Ybm7R/4hKg4lvLXtc7QaS8Xn/RLzw666ZCN0=' 'nonce-DP101oDwQOb5SbQPUh015LRFcw8IvPtP1KYdA7QK' ; form-action 'self' ; frame-ancestors 'none'- strict-transport-security
max-age=31536000; includeSubDomains; preload