energiesammler.at
HTML metadata
Technology
- Server
- nginx
DNS records live
- NS
-
- ns1-35.azure-dns.com
- ns2-35.azure-dns.net
- ns3-35.azure-dns.org
- ns4-35.azure-dns.info
- TXT
-
2chlgbpjht002m30cst5ardpec
Email authentication no MX
- SPF
-
v=spf1 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; pct=100; sp=reject;rua=mailto:dmarc@esn.at; ruf=mailto:dmarc@esn.at; fo=1; ri=259200policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 35 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' localhost https://login.e-steiermark.com https://*.usercentrics.eu https://*.googletagmanager.com https://*.google-analytics.com; base-uri 'self'; img-src * data:; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.usercentrics.eu https://*.googletagmanager.com https://*.google-analytics.com 'sha256-B1QRPXNnjBoUXFdMzOaRp3JCdYY5tbnxPY6KDzhtDsY='; font-src 'self' data:; frame-ancestors 'none';- strict-transport-security
max-age=31536000; includeSubDomains