soccerbible.com
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- blobsoccerbibleprod.blob.core.windows.net×11
- www.googletagmanager.com×1
Social
Contact
DNS records live
- NS
-
- ns63.domaincontrol.com
- ns64.domaincontrol.com
- MX
-
- 0 soccerbible-com.mail.protection.outlook.com
- TXT
-
MS=ms17593458MS=ms92651784v=spf1 include:spf.protection.outlook.com -all
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 236 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob: https:; connect-src 'self' https://cdn.jsdelivr.net https://js.monitor.azure.com https://www.googletagmanager.com https://www.google-analytics.com https://kit.fontawesome.com https://blobsoccerbibleprod.blob.core.windows.net https://connect.facebook.net https://www.facebook.com https://www.instagram.com https://www.x.com https://www.twitter.com https://open.spotify.com https://w.soundcloud.com https://az416426.vo.msecnd.net wss://*.hotjar.com blob: data: https:;- strict-transport-security
max-age=10886400; preload