ula.app

HTML metadata

Technology

CDN

Amazon CloudFront

Server

AmazonS3

Social widgets

• YouTube Embed

Third-party hosts loaded (1)

• www.youtube.com×1

Contact

Email

• hello@ula.app
• ushello@ula.app

DNS records live

NS

• ns-1448.awsdns-53.org
• ns-1952.awsdns-52.co.uk
• ns-223.awsdns-27.com
• ns-834.awsdns-40.net

MX

• 1 aspmx.l.google.com
• 10 aspmx2.googlemail.com
• 10 aspmx3.googlemail.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

Show 7 TXT records

• google-site-verification=z37RAsYONPzZRLtInwflw_HwIt02DmNRvfWHbNk05Pw
• MS=ms30886476
• _github-challenge-uladotapp.ula.app=1e221825b2
• atlassian-domain-verification=GDOaR3dOYttDL53aGDt3iI/iz7MaCee/lChob4aYBD8/O3G6Jozj82daguKySgwO
• google-site-verification=7lwHKGPL7f4bWP3imhhJ7sMdesRIIhjeAHRkmwM12Ts
• google-site-verification=FQnBHNYmoEI56JW1WPsQMElTglYrvPgflLUeL_mX5jA
• google-site-verification=tEvJZNIwM9REyZjas3z8xkOvyuNsYUB5W5KJQXZi8Gg

Email authentication weak

SPF

v=spf1 include:_spf.google.com -all

strict (-all)

DMARC

not published

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrW8cGtA7+SrlSXrmVj3+/tlWwgIUN/zh9PsirEdsO7ewc8PUoiXeXe54ke2fSvG0IzbLoBdWdLmza…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://ula.app/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (1)

• saisoncapital.com×1