encr.eu
HTML metadata
Technology
- CMS
- Drupal
Third-party hosts loaded (1)
- webtools.europa.eu×1
DNS records live
- NS
-
- dns1.level27.eu
- dns2.level27.eu
- dns3.level27.net
- MX
-
- 10 smtp01.level27.be
- 20 smtp02.level27.be
Email authentication weak
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
GlobalSign GCC R3 DV TLS CA 2020
Expires in 239 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN, DENY- permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests;, default-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' data: https://*.europa.eu https://europa.eu; frame-ancestors 'self' https://*.ec.europa.eu; frame-src 'self' https://*.youtube.com https://*.europa.eu https://europa.eu; media-src 'self'- strict-transport-security
max-age=31536000; includeSubDomains; preload