videoscribe.co
videoscribe.co
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- AmazonS3
- CMS
- Joomla
- Social widgets
-
- Vimeo Embed
Third-party hosts loaded (3)
- cdn.sanity.io×18
- player.vimeo.com×1
- widget.reviews.io×1
Contact
- Phone
- Address
- Unit 1.2 Temple Studios, BS1 6QA, Temple Gate, Bristol, England
DNS records live
- NS
-
- ns-1130.awsdns-13.org
- ns-1734.awsdns-24.co.uk
- ns-496.awsdns-62.com
- ns-847.awsdns-41.net
- MX
-
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 30 alt2.aspmx.l.google.com
- 40 alt3.aspmx.l.google.com
- 50 alt4.aspmx.l.google.com
- TXT
-
mandrill_verify.5-bkWUk8tEqadYmppdS38gpaddle-verification=8b83e1ff
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 include:_spf.google.com include:5474140.spf01.hubspotemail.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M01
Expires in 256 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src * data: blob: 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob:; style-src * data: blob: 'unsafe-inline';- strict-transport-security
max-age=63072000- content-security-policy-report-only
default-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval';worker-src 'self' blob:; style-src * data: blob: 'unsafe-inline';
Links to (2)
- sparkol.com×1
- awin.com×1