cibtvisas.at
HTML metadata
Technology
- CDN
- Cloudflare
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- fonts.googleapis.com×2
- www.googletagmanager.com×2
- ajax.googleapis.com×1
- bat.bing.com×1
- fonts.gstatic.com×1
Social
DNS records live
- NS
-
- jamie.ns.cloudflare.com
- nolan.ns.cloudflare.com
- MX
-
- 0 cibtvisas-at.mail.protection.outlook.com
- TXT
-
Show 6 TXT records
2ql77v23bfn9r7cor41g3eetqfMS=ms60281858google-site-verification=mSlq3hsMSab3a7y_n2sRoVLWbNUx_B-L5labgQ44VyAknowbe4-site-verification=63912bacc19f4df6aa5fc58f1be156c0o9sti77550jmj5427s0m4j5r5d138njek8f7u4s980q4nl8kh0av
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com ip4:208.185.248.2 ip4:208.185.245.243 ip4:208.185.245.244 ip4:208.185.245.242 ip4:83.125.30.3 ip4:83.125.30.5 ip4:83.125.30.242 ip4:83.125.30.243 ip4:83.125.30.244 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:42d2557a2906367@rep.dmarcanalyzer.com; ruf=mailto:42d2557a2906367@for.dmarcanalyzer.com; fo=1;policy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLQqXi0LpplzK4nWAVZRxgyX/w8hK/Q9BrqfksZnKfMcfyabhaLOvwh5rsx9dTfX/8ta/9qKreL6DR… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iG4GF4w6ETKVg1vbdfYE5no+vfrWkccCdlYs8lhktTn1JACsMyK/9/AiWwQntQyal/c3kaaogLY83…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 41 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
default-src * 'self' 'unsafe-inline'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https://acsbapp.com/ https://*.googleapis.com/ https://bat.bing.com/ https://*.quantummetric.com/ https://*.osano.com/ https://*.doubleclick.net/ https://*.google-analytics.com/ https://www.googletagmanager.com/ https://*.google.com https://*.google.co.uk https://js.stripe.com/ https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com https://cdn.lr-in-prod.com https://cdn.lr-ingest.com https://cdn.ingest-lr.com https://cdn.lr-intake.com https://cdn.intake-lr.com https://cdn.logr-ingest.com https://cdn.lrkt-in.com https://cdn.lgrckt-in.com/ blob: 'unsafe-inline' 'unsafe-eval' 'self'; frame-ancestors 'self'; form-action *; font-src https://fonts.gstatic.com/ https://*.acsbapp.com 'self' data:; img-src www.googletagmanager.com https://*.acsbapp.com https://www.facebook.com https://*.bing.com https://*.google.com https://*.google.co.uk https://*.google.co.in https://*.google.rs https://*.- strict-transport-security
max-age=15724800; includeSubDomains