c3w.at
c3w.at
HTML metadata
Technology
- Server
- nginx
- CMS
- Hugo 0.140.2
Social
DNS records live
- NS
-
- ns1.easyname.eu
- ns2.easyname.eu
- MX
-
- 23 dergeraet.c3w.at
Email authentication strong
- SPF
-
v=spf1 mx ip4:78.41.115.160/32 a:dergeraet.c3w.at -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; sp=none; aspf=s; rua=mailto:dmarc-rua@c3w.at!10m; ruf=mailto:dmarc-ruf@c3w.at!10m; rf=afrf; pct=100; ri=604800policy: quarantine · sp=none - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 31 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
no-referrer- x-frame-options
DENY- permissions-policy
geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; media-src 'self' blob:; object-src 'none'; prefetch-src 'none'; child-src 'self' blob:; frame-src 'none'; worker-src 'none'; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; sandbox allow-forms allow-same-origin allow-scripts allow-popups- strict-transport-security
max-age=31536000; includeSubDomains; preload
Links to (3)
- metalab.at×1
- gohugo.io×1
- github.com×1