indexo.dev

regionsliven.com

.com crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 1965 ms crawled 2026-06-02

BG · 164.138.223.145 · AS201200 SuperHosting.BG Ltd.

Reputation 92/100 weak subdomain policy

Classifying

HTML metadata

Title
Областна администрация Сливен - Начало
Language
bg
Canonical
https://regionsliven.com

Technology

Server
Apache
jQuery
3.5.1

Third-party hosts loaded (1)

  • new.sliven.net×2

Contact

Email
Phone

Registration

Registrar
PDR Ltd. d/b/a PublicDomainRegistry.com
Created
2001-03-09
Expires
2027-03-09 279 days left
Updated
2025-02-14
Name servers
  • ns257.superhosting.bg
  • ns258.superhosting.bg

DNS records live

NS
  • ns257.superhosting.bg
  • ns258.superhosting.bg
MX
  • 0 mail.regionsliven.com

Email authentication strong

SPF
v=spf1 +a +mx +ip4:185.45.66.46 +ip4:185.45.67.46 +include:smtp-out.spf.superhosting.bg +include:neptun.spf.superhosting.bg ~all
softfail (~all)
DMARC
v=DMARC1;p=quarantine;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400;rua=mailto:admin@regionsliven.com
policy: quarantine · sp=none
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP5wi28iQUpNOr8WSmmmf0HToPpoUzir5VMATONenciguip6UqPLyAenXtKvIg5Gj6EAPDX47QCbdZ…
selectors probed

Certificate (current)

GoGetSSL RSA DV CA
from 2026-03-10 to 2027-04-10
Expires in 311 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://regionsliven.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.sliven.net;frame-src 'self' data: *.youtube.com *.youtube-nocookie.com poly.google.com;frame-ancestors 'self';style-src 'self' 'unsafe-inline' gstatic.com *.gstatic.com cdn.jsdelivr.net fonts.google.com *.bootstrapcdn.com fonts.googleapis.com use.fontawesome.com tinymce.com *.tinymce.com tiny.cloud *.tiny.cloud;script-src 'self' 'unsafe-inline' poly.google.com gstatic.com *.gstatic.com www.googletagmanager.com cdn.jsdelivr.net tinymce.com *.tinymce.com code.jquery.com oss.maxcdn.com;img-src 'self' sliven.net *.sliven.net data:;font-src 'self' use.fontawesome.com *.gstatic.com *.bootstrapcdn.com tiny.cloud *.tiny.cloud
strict-transport-security
max-age=63072000; includeSubDomains; preload

Linked from (3)