doris.at
HTML metadata
Technology
- Server
- Microsoft-IIS
- jQuery
- 3.6.0
Third-party hosts loaded (1)
- doris.ooe.gv.at×3
Social
DNS records live
- NS
-
- dns4.telekom.at
- dns5.telekom.at
- ns1.ooe.gv.at
- ns2.ooe.gv.at
- MX
-
- 10 lxli01-003.ooe.gv.at
- 10 lxli01-032.ooe.gv.at
- 10 lxli01-047.ooe.gv.at
- 20 lxli01-001.ooe.gv.at
- TXT
-
18tldtbx5vsx51bftxddsvjc980r7m3v
- Verified for
-
- HARICA
Email authentication partial
- SPF
-
v=spf1 ip4:194.48.60.0/24 ip4:194.48.61.0/24 ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; sp=none; pct=100; adkim=r; aspf=r; rua=mailto:dmarc-reports@ooe.gv.at; ruf=mailto:dmarc-forensic@ooe.gv.at; fo=1policy: none (monitoring only) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
GEANT TLS RSA 1
Expires in 88 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.doris.at *.doris.eu *.gv.at *.arcgis.com *.landesarchiv-ooe.at *.ooemuseen.at www.pflegeinfo-ooe.at *.cloudflare.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.doris.at *.doris.eu *.gv.at *.arcgis.com *.landesarchiv-ooe.at *.ooemuseen.at *.pflegeinfo-ooe.at; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: *.doris.at *.doris.eu *.gv.at *.arcgis.com *.landesarchiv-ooe.at *.ooemuseen.at *.pflegeinfo-ooe.at *.jquery.com; style-src 'self' 'unsafe-inline' blob: *.doris.at *.doris.eu *.gv.at *.arcgis.com *.landesarchiv-ooe.at *.ooemuseen.at *.pflegeinfo-ooe.at *.cloudflare.com; frame-ancestors *.doris.at *.doris.eu *.gv.at *.arcgis.com *.landesarchiv-ooe.at *.ooemuseen.at *.pflegeinfo-ooe.at
Links to (9)
Linked from (2)
- basemap.at×1
- steyr.at×1