dare2care-lernwelt.de
HTML metadata
Technology
- Server
- Apache
Registration
- Updated
- 2024-04-10
- Name servers
-
- ns01.one.com.
- ns02.one.com.
DNS records live
- NS
-
- ns01.one.com
- ns02.one.com
- MX
-
- 10 mx1.pub.mailpod12-cph3.one.com
- 10 mx2.pub.mailpod12-cph3.one.com
- 10 mx3.pub.mailpod12-cph3.one.com
- 10 mx4.pub.mailpod12-cph3.one.com
- Verified for
-
Email authentication weak
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
R12
Expires in 57 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://use.typekit.net https://*.typekit.net https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://player.vimeo.com https://www.youtube.com https://www.youtube-nocookie.com;style-src 'self' 'unsafe-inline' https://use.typekit.net https://*.typekit.net https://fonts.googleapis.com; font-src 'self' https://use.typekit.net https://*.typekit.net https://fonts.gstatic.com data:; img-src 'self' https://api.dare2care-lernwelt.de https://apilive.bildungsfreaks.de https://i.vimeocdn.com data: blob:; media-src 'self' https://api.dare2care-lernwelt.de https://vimeo.com https://*.vimeo.com https://player.vimeo.com data: blob:; connect-src 'self' https://api.dare2care-lernwelt.de https://player.vimeo.com https://*.vimeo.com https://gmx.us5.list-manage.com;frame-src 'self' https://dare2care-lernwelt.de https://api.dare2care-lernwelt.de https://player.vimeo.com https://vimeo.com https://www.youtube.com https://www.youtube-no