thorbiq.io
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- AmazonS3
DNS records live
- NS
-
- ns-1338.awsdns-39.org
- ns-1558.awsdns-02.co.uk
- ns-445.awsdns-55.com
- ns-838.awsdns-40.net
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 include:_spf.transip.email ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M03
Expires in 85 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://cdn.thorbiq.io; connect-src 'self' https://api.eu.thorbiq.io https://api.aus.thorbiq.io https://api.thorbiq.io wss://io.eu.thorbiq.io wss://io.aus.thorbiq.io wss://io.thorbiq.io https://io.thorbiq.io https://io.aus.thorbiq.io https://sentry.io https://cdn-cookieyes.com https://directory.cookieyes.com https://log.cookieyes.com https://s3-eu-west-1.amazonaws.com https://s3.eu-west-1.amazonaws.com *.eu.thorbiq.io https://www.google-analytics.com https://consentcdn.cookiebot.com https://region1.google-analytics.com https://thorbiq-manufacturer-pdf-cache.s3.eu-west-3.amazonaws.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' 'unsafe-inline' https://cdn.thorbiq.io https://cdn-cookieyes.com https://consent.cookiebot.com https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://consentcdn.cookiebot.c- strict-transport-security
max-age=31536000