supernaut.info

HTML metadata

Title

supernaut » Francesca Aisha Iwa d’Ath blogging & stuff

Description

supernaut. Francesca Aisha Iwa d’Ath blogging on dance, theatre, performance, art, books, museums, stuff & things, in Berlin, forests, airports, & elsewhere.

Language

en-AU

Canonical

https://supernaut.info/

Feeds

supernaut » Feed RSS

Open Graph

url: https://supernaut.info/
title: supernaut » Francesca Aisha Iwa d’Ath blogging & stuff
locale: en_GB
site name: supernaut
description: supernaut. Francesca Aisha Iwa d’Ath blogging on dance, theatre, performance, art, books, museums, stuff & things, in Berlin, forests, airports, & elsewhere.

Technology

Server: Apache
CMS: WordPress

Social

Contact

Email

frances@supernaut.info

Registration

Registrar

DreamHost, LLC

Created

2005-12-24

Expires

2026-12-24 217 days left

Updated

2025-11-27

Name servers

ns1.dreamhost.com
ns2.dreamhost.com
ns3.dreamhost.com

DNS records live

NS

ns1.dreamhost.com
ns2.dreamhost.com
ns3.dreamhost.com

MX

0 mx1.mailchannels.net
0 mx2.mailchannels.net

Email authentication partial

SPF: v=spf1 mx include:netblocks.dreamhost.com include:relay.mailchannels.net -all
strict (-all)
DMARC: v=DMARC1;p=none;sp=none;pct=100;rua=mailto:dmarc_agg@supernaut.info;ruf=mailto:dmarc_forensic@supernaut.info;ri=86400;aspf=s;adkim=s;fo=1
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-05-09 to 2026-08-07

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://supernaut.info/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), clipboard-read=(self), clipboard-write=(self), display-capture=(), document-domain=*, encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(self), identity-credentials-get=(self), idle-detection=(self), local-fonts=(self), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=(self), publickey-credentials-create=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), speaker-selection=(), storage-access=(), usb=(), web-share=(self), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.supernaut.info; worker-src blob:; child-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; font-src 'self' data:; frame-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; img-src 'self' 'unsafe-inline' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com data:; manifest-src 'self'; media-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.supernaut.info *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' *.supernaut.info *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.supernaut.info *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be *.youtube-nocookie.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vimeo.com *.vimeocdn.com *.
strict-transport-security: max-age=16070400; includeSubDomains; preload

Links to (2)

bsky.app×1
wikipedia.org×1

Linked from (1)

francesdath.info×1