songstats.com
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Analytics
-
- Cloudflare Insights
Third-party hosts loaded (1)
- static.cloudflareinsights.com×1
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2019-12-17
- Expires
- 2029-12-17 1306 days left
- Updated
- 2026-02-07
- Name servers
-
- lana.ns.cloudflare.com
- sullivan.ns.cloudflare.com
DNS records live
- NS
-
- lana.ns.cloudflare.com
- sullivan.ns.cloudflare.com
- MX
-
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 30 alt2.aspmx.l.google.com
- 40 aspmx2.googlemail.com
- 50 aspmx3.googlemail.com
- TXT
-
lp0mnmbfw52sx6sqxrdsl50b8vrtqkfx
- Verified for
-
- Apple
- Meta
- Yandex
Email authentication strong
- SPF
-
v=spf1 include:sendgrid.net include:_spf.google.com include:ispgateway.de include:amazonses.com ip4:51.79.80.173 ip4:51.79.76.101 ip4:192.99.62.177 ip4:148.113.199.204 ip4:144.217.183.113 ip6:2607:5300:60:9fb1:: -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:2c08d81fcb4a47a99d70514fbb3770ca@dmarc-reports.cloudflare.net,mailto:w68gotvq@ag.ap.dmarcian.com; ruf=mailto:w68gotvq@fr.ap.dmarcian.com; fo=1; pct=100;policy: reject (enforced) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPZnpz8WAy6lsT3bRx6teHnfjBa0RTk2TjG/nv1tQ5jyVu7cm2DTd3RNvbAezNVoq1licC9gxuESVa… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0+8PFa1sfrKK+vqUO9HBi9WXezuwQ+0cISVIqQEFbY2YhBXpQIOoskoGmva3awA+xjzwEV0KsThtOVyf+… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKciNs0z7BtvxdASSs4I4tvGiJP+KuXg+1i5+vSS8yXkUkbqcN4oQb2PdCnFatCoV+r/UU7yRAZN0rBaSNaQIxFt…
selectors probed - google:
Certificate (current)
WE1
Expires in 47 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
Header values
- referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(self),clipboard-write=(self),fullscreen=(),geolocation=(),gyroscope=(),hid=(),magnetometer=(),microphone=(),payment=(self "https://js.stripe.com"),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=()- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self' data.songstats.com; img-src * data: blob:; script-src 'self' 'wasm-unsafe-eval' 'unsafe-inline' https://appleid.cdn-apple.com https://static.cloudflareinsights.com https://unpkg.com https://www.redditstatic.com https://js.stripe.com https://www.paypal.com https://www.paypalobjects.com https://*.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.google-analytics.com http://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://*.onesignal.com https://onesignal.com https://js-cdn.music.apple.com https://analytics.tiktok.com; frame-src https://songstats.com https://js.stripe.com https://www.facebook.com https://www.youtube-nocookie.com https://www.youtube.com https://bid.g.doubleclick.net https://td.doubleclick.net https://www.paypal.com https://www.paypalobjects.com https://accounts.google.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://onesignal.com https://f- strict-transport-security
max-age=0; includeSubDomains; preload