upfit.io
upfit.io
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Next.js
DNS records live
- NS
-
- ns-1253.awsdns-28.org
- ns-1769.awsdns-29.co.uk
- ns-46.awsdns-05.com
- ns-517.awsdns-00.net
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
- Brevo
Email authentication strong
- SPF
-
v=spf1 redirect=upfit.deno all qualifier - DMARC
-
v=DMARC1; p=quarantine; rua=mailto:rua@dmarc.brevo.com,mailto:spam@upfit.de; pct=100; adkim=r; aspf=rpolicy: quarantine - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCRPUIxhX+4v8GnHZpNzK1JkFeMo9mXypjBc9V1c/z+Lbrmr4V5r7JGLJity0HvQp6eiglQKIWX1TvH2RFYWf… - mail:
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed - google:
Certificate (current)
WE1
Expires in 62 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), geolocation=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net; worker-src 'self' blob: https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https: wss:; frame-src 'self' https:; media-src 'self' https: blob:
Links to (7)
- upfit.de×4
- google.com×2
- facebook.com×2
- instagram.com×2
- pinterest.de×2
- youtube.com×2
- disq-trust.de×1
Linked from (1)
- upfit.de×4