bauimpulse.app
HTML metadata
Technology
- Server
- Apache
- CMS
- Gatsby
DNS records live
- NS
-
- ns1.dns-parking.com
- ns2.dns-parking.com
- MX
-
- 10 smtp1.tmbp.at
- 20 smtp1.tmbp.at
- TXT
-
_globalsign-domain-verification=Z6puZOrjBjVfokrbordayiITpJcV5za8gUtqFxRT7mapple-domain-verification=fzytG5qH0fDuY4Lf
Email authentication strong
- SPF
-
v=spf1 mx a ip4:82.218.164.128/27 include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
GlobalSign GCC R6 AlphaSSL CA 2025
Expires in 200 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' https://apiv2-bauimpulse.locci.cc https://apiv2.locci.cc https://locci.cc https://chat.locci.cc:1895 https://chat.locci.cc https://cdnimg.locci.cc https://*.picsum.photos/ https://picsum.photos https://sample-videos.com https://login-staging.worldofwienerberger.app https://apiv2-staging.locci.cc https://*.tile.openstreetmap.org https://unpkg.com/leaflet@1.7.1/ http://locciv2-web.tmbp.at https://locidev.tmbp.at https://locciv2-web.tmbp.at https://www.locci.cc data: blob:; connect-src 'self' blob:- strict-transport-security
max-age=31536000; includeSubDomains; preload