duria.de
duria.de
HTML metadata
Technology
- Server
- Apache
Social
Contact
Registration
- Updated
- 2015-05-29
- Name servers
-
- mail.duria.de.
- www.duria.de.
DNS records live
- NS
-
- mail.duria.de
- www.duria.de
- MX
-
- 10 mail.duria.de
- 20 mail2.duria.de
Email authentication weak
- SPF
-
v=spf1 ip4:212.16.235.138 ip4:88.198.17.131 ip6:2a01:4f8:130:1030::2 a ?allneutral (?all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 209 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self' *.duria.de mail.duria.de:27070 https://cache.someoner.de/ https://hcaptcha.com https://*.hcaptcha.com data: 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ajax.googleapis.com https://fonts.googleapis.com ; frame-src 'self' 'unsafe-inline' *.duria.de https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/recaptcha/ https://www.google.com/maps/ https://www.youtube.com/embed/ ; style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com- strict-transport-security
max-age=31536000; includeSubDomains