fmv.ch
fmv.ch
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- jQuery
- 3.7.1
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- cdnjs.cloudflare.com×2
- fonts.gstatic.com×2
Social
Contact
- Phone
DNS records live
- NS
-
- nsany1.infomaniak.com
- nsany2.infomaniak.com
- MX
-
- 10 fmv-ch.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
gxtauOyTgbnA+icQKTT8yQjD8FThWiwOpd4eGfJZ1Io=aou2h0ahd04khgna6332jfvan0A/pn+eVNnkVl1tXpErhqJ19EB1JNTalWt964kzswE/o=domain.zoho.com
- Verified for
-
- Atlassian
Email authentication strong
- SPF
-
v=spf1 ip4:213.221.132.43 ip4:217.192.94.228 ip4:194.12.16.82 ip4:213.221.152.92 ip4:185.237.24.145 include:spf.protection.outlook.com include:eu.zcsend.net -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; pct=100; rua=mailto:dmarc.rua@fmv.ch,mailto:hxqmxu40nx@rua.powerdmarc.com; ruf=mailto:dmarc.ruf@fmv.ch,mailto:hxqmxu40nx@ruf.powerdmarc.com; sp=reject; aspf=r; adkim=r; fo=1;policy: reject (enforced) · sp=reject - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC73q/Cn9mFVJ9TCgKNtuy8oUPQwCf74YGSuCYjYhAg0vyTVkkZpngCnh65igM6T8GisZ8AdwCrvvnPh/Lg6… - selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTuhZdFC3tI45accG1x+ljraR1xGF4GB0Riuizj9yk0ZCGwxf9piI2OdnCBp/BbLS5X8p7qh70QIhXkkkhDy…
selectors probed - selector1:
Certificate (current)
R12
Expires in 59 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
Header values
- referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN, SAMEORIGIN- permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()- x-content-type-options
nosniff, nosniff- content-security-policy
frame-ancestors 'self';, default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdnjs.cloudflare.com https://maps.googleapis.com https://www.googletagmanager.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.sharethis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://maps.gstatic.com https://mapsresources-pa.googleapis.com https://secure.gravatar.com https://*.sharethis.com; connect-src 'self' https://maps.googleapis.com https://*.google-analytics.com https://region1.google-analytics.com https://www.google.com https://*.sharethis.com https://ai.elegantthemes.com; frame-ancestors 'none'; frame-src 'self' https://www.google.com; upgrade-insecure-requests;- strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload- cross-origin-opener-policy
unsafe-none, unsafe-none- cross-origin-embedder-policy
unsafe-none; report-to='default', unsafe-none; report-to='default'- cross-origin-resource-policy
cross-origin, cross-origin