reptile.tech
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- app.enzuzo.com×1
- www.googletagmanager.com×1
DNS records live
- NS
-
- elsa.ns.cloudflare.com
- lee.ns.cloudflare.com
- MX
-
Show 7 MX records
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 20 alt2.aspmx.l.google.com
- 30 aspmx2.googlemail.com
- 30 aspmx3.googlemail.com
- 30 aspmx4.googlemail.com
- 30 aspmx5.googlemail.com
- TXT
-
google-site-verification=5_GxVAuHvibqPfTcNMP7aLo6mjPBUde0f6xCZW4NB3kMS=E3838EEDAF0BE88E00366D777CDF694E841606B9facebook-domain-verification=hqo3iow7n1mp3e34ob2s46d05s0tcg
Email authentication strong
- SPF
-
v=spf1 include:spf.mtasv.net include:_spf.google.com include:mail-cp2.os.ca include:mailer.emailicious.com include:mail-cp1.reptile.tech ip4:67.212.69.146 ip4:184.170.133.70 ip4:184.95.233.168/29 ip4:205.204.68.76 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:5kinl0gdul@rua.powerdmarc.com; ruf=mailto:5kinl0gdul@ruf.powerdmarc.com; pct=100; fo=1;policy: reject (enforced) - DKIM
-
Show 5 DKIM selectors
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRhYFWJQSe2J/FpMTnbS3LxNoEEa8Q9fxA7LUOZGomdRilAhCpBfSyRuomi6aw4jdCTYkhjEsILKd9… - google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM7SxRwsO6+mHhpRx8hJpw6oWfwW2kco+dGj58a1RivgqSx3lCYKRK4H9fBQXEbEH8g3mmUHMgxCFP… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuClNFQqJyCwtyVf4LSH43llzGNWp8bwvySZ1Vt+kvVzYYr8/FdgM5D2aJCjT+caAfmDq7uvr6eTbNGPs14… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrjxtX+Mf8YvrE0w54LHunvmMVDavgbO5f5prsogmn4ocYN2FBsvJ5x1DxGtx4P5MzjA10r/Am5mwoyi0f1/pvim… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - default:
Certificate (current)
WE1
Expires in 63 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' googleads.g.doubleclick.net www.redditstatic.com/ads/pixel.js assets.apollo.io *.cloudflare.com www.googletagmanager.com translate.google.com capi-automation.s3.us-east-2.amazonaws.com *.bing.com clarity.microsoft.com *.ytimg.com connect.facebook.net app.enzuzo.com *.googleapis.com apis.google.com *.pipedrive.com *.reptile.tech *.clarity.ms *.lfeeder.com js.zi-scripts.com; img-src 'self' data: fonts.gstatic.com *.reddit.com/rp.gif reptile.tech *.reptile.tech bat.bing.net *.googlesyndication.com maps.gstatic.com *.googletagmanager.com *.googleapis.com connect.facebook.net *.lfeeder.com *.facebook.com www.google.la www.google.tg www.google.ci www.google.com.bh www.google.rs www.google.com.ni www.google.co.uz www.google.com.ar www.google.iq www.google.com.ua www.google.com.ph www.google.jo www.google.com.np www.google.com.vn www.google.co.ve www.google.hn www.google.kz www.google.nl www.google.co.id www.google.pt www.google.r- strict-transport-security
max-age=31536000; preload