eckert-spd.de
HTML metadata
Technology
- CDN
- Amazon CloudFront
- CMS
- WordPress
Social
Registration
- Updated
- 2024-04-24
- Name servers
-
- ns-1475.awsdns-56.org.
- ns-1722.awsdns-23.co.uk.
- ns-409.awsdns-51.com.
- ns-901.awsdns-48.net.
DNS records live
- NS
-
- ns-1475.awsdns-56.org
- ns-1722.awsdns-23.co.uk
- ns-409.awsdns-51.com
- ns-901.awsdns-48.net
- MX
-
- 10 mail.barracuda.de
Email authentication weak
- SPF
-
v=spf1 include:spf.barracuda.de -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M01
Expires in 174 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self'; default-src 'self' https://civolve.ai data: blob:; base-uri 'self'; script-src * 'unsafe-eval' 'unsafe-inline'; style-src * 'unsafe-inline'; img-src * data:; font-src 'self' *.gstatic.com *.embedly.com static.spd.de https://civolve.ai data:;connect-src 'self' https://civolve.ai *.reddit.com *.akamaihd.net *.spoe.at rose.spoe.at *.google-analytics.com google-analytics.com www.facebook.com altruja.de *.altruja.de dataservices.spd.de; media-src * blob: data: 'self'; object-src 'self'; frame-src * ; manifest-src 'self'; worker-src 'self' blob: data: ; form-action *; upgrade-insecure-requests; block-all-mixed-content;- strict-transport-security
max-age=31536000;