frm-united.de
frm-united.de
HTML metadata
Technology
- Server
- Apache
Third-party hosts loaded (4)
- cn.frm-united.com×1
- jp.frm-united.com×1
- kr.frm-united.com×1
- tr.frm-united.com×1
Social
Contact
- Phone
Registration
- Updated
- 2023-01-20
- Name servers
-
- dora.ns.cloudflare.com.
- george.ns.cloudflare.com.
DNS records live
- NS
-
- dora.ns.cloudflare.com
- george.ns.cloudflare.com
- MX
-
- 10 mail.luka.de
- TXT
-
google-site-verification=qKQNg9738Cyb1EgDA8fifzg7SjnGQvIYRvvf9VI0r-M
Email authentication partial
- SPF
-
v=spf1 a:smtp3.luka.de a a:smtp2.luka.de ip4:88.130.232.138 mx -allstrict (-all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 81 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'none'; script-src 'self' blob: 'unsafe-inline' https://matomo.newn.it/matomo.js https://code.jquery.com/jquery-3.7.1.min.js js.zi-scripts.com tags.clickagy.com; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://matomo.newn.it js.zi-scripts.com aorta.clickagy.com hemsync.clickagy.com; font-src 'self' data:; frame-src 'self' hemsync.clickagy.com *.google.com; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; manifest-src 'self'; media-src 'self';- strict-transport-security
max-age=63072000; includeSubDomains