xpress.tech

.tech crawl

First seen 2026-04-30 · Last seen 2026-04-30 · ok HTTP/1.1 200 1401 ms crawled 2026-05-08

IE · 34.250.252.7 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

sector gambling type homepage

HTML metadata

Title

Xpress Tech | Your ultimate casino connection

Description

Our aggregation platform will seamlessly integrate the industry’s top gaming providers into your business.

Language

Canonical

https://xpress.tech

Translations

Open Graph

url: https://xpress.tech
title: Xpress Tech | Your ultimate casino connection
locale: en
site name: Xpress Tech
description: Our aggregation platform will seamlessly integrate the industry’s top gaming providers into your business.

Technology

Server: nginx

Analytics

Google Analytics
Google Tag Manager
Microsoft Clarity

Third-party hosts loaded (3)

www.clarity.ms×2
www.google-analytics.com×2
www.googletagmanager.com×2

Contact

Phone

+356 99 33 44 39

DNS records live

NS

ns-1001.awsdns-61.net
ns-1260.awsdns-29.org
ns-14.awsdns-01.com
ns-1720.awsdns-23.co.uk

MX

Show 6 MX records

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
15 ibake7h5ow7lawkkfdflpkwd6youjwwb57og5xfb5yuofy4nes5a.mx-verification.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

google-site-verification=WQnqW2iTMa5kfwCVTFtKIUAab_qqz68Ab0a0OfD4mBY

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

from 2026-03-04 to 2026-06-02

Expires in 14 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://xpress.tech/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: fullscreen=(self "https://www.youtube.com"), gyroscope=(self "https://www.youtube.com"), geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-BJE1UMmv61FE3RYDUqhDjqosicmg3EfT' 'unsafe-inline' 'strict-dynamic' https://www.googletagmanager.com https://www.google-analytics.com https://www.clarity.ms https://www.facebook.com https://connect.facebook.net https://www.linkedin.com https://snap.licdn.com https://embed.tawk.to https://www.youtube.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.tiny.cloud; img-src 'self' data: https: blob:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https: wss://*.tawk.to https://www.facebook.com https://www.linkedin.com https://www.clarity.ms https://embed.tawk.to https://cloudflareinsights.com; frame-src 'self' https://*.youtube.com https://*.google.com https://*.doubleclick.net https://*.facebook.com https://*.linkedin.com https://www.googletagmanager.com https://www.clarity.ms https://embed.tawk.to https://challenges.cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin

Links to (2)

enable-javascript.com×1
softquo.com×1

Linked from (1)

chimeraspin.com×1