fixi.de
HTML metadata
Technology
- Server
- Microsoft-IIS
Registration
- Updated
- 2024-02-26
- Name servers
-
- auth01.dns.trueserver.nl.
- auth02.dns.trueserver.nl.
- auth03.dns.trueserver.nl.
DNS records live
- NS
-
- auth01.dns.trueserver.nl
- auth02.dns.trueserver.nl
- auth03.dns.trueserver.nl
- ns3.combell.net
- ns4.combell.net
- MX
-
- 0 fixi-de.mail.protection.outlook.com
- TXT
-
MS=ms69711184
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 297 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
origin- permissions-policy
camera=(self), microphone=(self), geolocation=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline'; img-src * data: blob:; font-src 'self' https://fonts.gstatic.com; script-src 'self' data: 'unsafe-inline' https://www.google-analytics.com https://maps.googleapis.com https://az416426.vo.msecnd.net https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; connect-src 'self' https://dc.services.visualstudio.com https://fixitextclassificationdev1.azurewebsites.net https://graph.facebook.com https://www.facebook.com https://*.google-analytics.com https://maps.googleapis.com https://fixidev.blob.core.windows.net https://fixiteuwstg.blob.core.windows.net https://fixibeta.blob.core.windows.net https://fixi2.blob.core.windows.net; frame-ancestors 'self' https://testkcs.nederweert.local https://prodkcs.nederweert.local http://jkctest.ggorinchem.nl http://jkc.ggorinchem.nl https://wijdemeren-jkc-acc.decosasp.com https://wijde- strict-transport-security
max-age=31536000