robinhood.org
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Cookiebot
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (7)
- px.ads.linkedin.com×3
- player.vimeo.com×2
- www.youtube.com×2
- consent.cookiebot.com×1
- www.facebook.com×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Registration
- Registrar
- Network Solutions, LLC
- Created
- 1998-06-02
- Expires
- 2034-06-01 2935 days left
- Updated
- 2024-06-06
- Name servers
-
- b3.uberns.org
- a3.uberns.org
DNS records live
- NS
-
- a1.uberns.com
- b1.uberns.com
- MX
-
- 0 robinhood-org.mail.protection.outlook.com
- TXT
-
Show 15 TXT records
openai-domain-verification=dv-egpyFaHZEizmzYxyvW9lNzaianthropic-domain-verification-zsh0jv=qvOAwsv8Udjaj616znUh3zNoXgoogle-site-verification=Spf7LazZJlnRcg7TEwNc0E-5-GcRJp00HQnHcD5UmWAnotion-domain-verification=UuLhQagwEqS9jkZiskdFvijVfxBSrM5N8VQoOiloGR0_xhj3k2k6m6z1p35c1d15gvahd5t34ik-NOTE--ForDigiCertDomainValidation-2025-12-TCHPfH11B80cdBOZVAWtpq0r3zzNHPguntFPXq3Cb4sWGwcidRteEKYJikKFyd0G5yYcEI0pRSshRuxDdeoroFy0g==nnWMhAQkBR6YhDXC2Zutp6ok9uLQZIzPqGhvCJMVeO7oTWoGW3MhcJqSt5pXCulf2OPM4GM73Jp5oINRLMG22A==adobe-idp-site-verification=1388a737af425695561c4a36c6f94f705768b33ecf04223b294f56bb1dc36a50MS=ms57948386_xhj3k2k6m6z1p35c1d15gvahd5t34ikbb2bc0d3c63d408698c82a6a13ab9d78ibmid= db5c67e8-62ee-4fbb-8683-c08a451400e0intacct-esk=5B22415BD7DDB1FFE0538C06A8C05760docusign=5b24caa0-0504-4ced-9bf5-777a4c49a5c4amazonses:ROO0l8XPmDMNfb509Yp9ZQ+Zyt0zmS7Kljnm8dNJz/w=
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com include:_spf.robinhood_org._d.easydmarc.pro -allstrict (-all) - DMARC
-
v=DMARC1;p=reject;pct=100;rua=mailto:d0c6ccf759@rua.easydmarc.us;ruf=mailto:d0c6ccf759@ruf.easydmarc.us;ri=86400;fo=1;policy: reject (enforced) - DKIM
-
- selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIQmUUidZatNg7KIxYJ1HxqhRBTAEDonrbg8BfZa4xsm3rELgkl9Vx1y76RtASMdaUhZPW2k3GqR34WuzyXD… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo… - dkim:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDzpFrEAH9dbkLukLvwesHGWRDc+JCBkvzQYTpptOR+uz4brRd1V8VDPHPpQH7wRvNMhVh/LhTkPMBXtpJjeedqU2rfDl…
selectors probed - selector2:
Certificate (current)
R13
Expires in 29 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
geolocation=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.twitter.com *.facebook.com *.facebook.net *.linkedin.com *.licdn.com *.instagram.com *.youtube.com *.youtu.be *.vimeo.com *.acast.com *.typekit.net *.cookiebot.com *.clarity.ms *.bing.com *.bing.net *.robinhood.org *.givechariot.com *.dwcdn.net *.datawrapper.de *.redditstatic.com *.reddit.com *.stackadapt.com; style-src 'self' 'unsafe-inline' *.googleapis.com forms.robinhood.org *.stackadapt.com; img-src 'self' https: data:; font-src 'self' data:; object-src 'none'; base-uri 'self'; frame-src 'self' *.twitter.com *.vimeo.com *.youtube.com *.youtu.be *.acast.com *.google.com *.googleapis.com *.googletagmanager.com *.facebook.com *.facebook.net *.linkedin.com *.instagram.com *.cookiebot.com *.dafpay.com *.dwcdn.net *.datawrapper.de; connect-src- strict-transport-security
max-age=15768000; includeSubDomains