indexo.dev

wmaonline.com

.com crawl

First seen 2026-05-01 · Last seen 2026-05-20 · ok HTTP/1.1 200 2367 ms crawled 2026-05-08

US · 35.169.167.123 · AS14618 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
HOME - WMA eCommerce

Technology

CMS
Joomla

Third-party hosts loaded (3)

  • ajax.googleapis.com×2
  • ajax.aspnetcdn.com×1
  • ignifyecom.s3.amazonaws.com×1

Social

Registration

Registrar
Network Solutions, LLC
Created
2006-07-03
Expires
2033-07-03 2600 days left
Updated
2025-02-10
Name servers
  • ns17.worldnic.com
  • ns18.worldnic.com

DNS records live

NS
  • ns17.worldnic.com
  • ns18.worldnic.com
MX
  • 0 wmaonline-com.mail.protection.outlook.com
TXT
  • ANnMPUZK25GEOALy9IWxrQ==
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MWUiKMOM91fCHtmKZyxXmyXfRasOTXR1prxwf+UmvogRIYniDcCh9RI9O9V9MloI3rUBJeezooFSH…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

Network Solutions RSA OV SSL CA 3
from 2025-06-09 to 2026-07-11
Expires in 51 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.wmaonline.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://siffron.com/; script-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://cdn.optimizely.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://bat.bing.com
strict-transport-security
max-age=31536000; includeSubDomains

Links to (4)

Linked from (1)