youcoach.it

HTML metadata

Technology

Server

nginx

CMS

Drupal

PHP

7.1.33 end of life

Analytics

• Google Tag Manager

Third-party hosts loaded (6)

• www.gstatic.com×3
• accounts.google.com×1
• pro.fontawesome.com×1
• www.facebook.com×1
• www.googletagmanager.com×1
• www.w3.org×1

Social

• instagram
• linkedin
• youtube
• facebook

DNS records live

NS

• dns100.ovh.net
• ns100.ovh.net

MX

• 1 aspmx.l.google.com
• 10 alt3.aspmx.l.google.com
• 10 alt4.aspmx.l.google.com
• 5 alt1.aspmx.l.google.com
• 5 alt2.aspmx.l.google.com

TXT

• linkedin-site-verification=da4c95c6-5a77-48b6-a76a-3c4da93b8a6c

Verified for

• Google

Email authentication strong

SPF

v=spf1 include:mx.ovh.com a mx ptr include:_spf.google.com include:musvc.com include:mailgun.org ~all

softfail (~all)

DMARC

v=DMARC1;p=quarantine;sp=reject;aspf=s;

policy: quarantine · sp=reject

DKIM

• default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDc83badQ4/Qen16kdPOp9McZj8CLqsk/ibhz186qx++Q/DeDWDiwCyt29yQsIyHNdm3Q0ApK2M4HGoLUOHwTDfXJehh…
• google: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMP8dSR2lgozS2p7oK/SaDhF945wprm9Bz5afuAM8HyAfNohvSxhmkKKobou/RVZ2ET6dnGxjOVD6oj4…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.youcoach.it/

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (6)

• youtube.com×1
• linkedin.com×1
• instagram.com×1
• google.com×1
• facebook.com×1
• apple.com×1

Linked from (1)

• myaiac.it×1