gbw.at
HTML metadata
Technology
- Server
- Apache
Third-party hosts loaded (2)
- mt.smdm.at×2
- cloud.typography.com×1
Social
Contact
DNS records live
- NS
-
- ns1.hosting.juicecom.at
- ns2.hosting.juicecom.at
- MX
-
- 10 mailflow.gruene.at
Email authentication strong
- SPF
-
v=spf1 mx ip4:109.70.101.174 ip4:109.70.101.175 ip4:109.70.101.170 include:_spf.hosting.juicecom.at include:_spf.emaillabs.co -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantinepolicy: quarantine - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 80 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'nonce-LVqj2-FDZUYRFjyVnAtTEmBlqj8lWJiM2c2l0Hz5wCFuqCzihhgdyw' https://*.smdm.at 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.openstreetmap.org https://*.vimeo.com https://vimeo.com https://youtube.com https://*.youtube.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https://www.google.com; script-src-elem 'self' 'nonce-LVqj2-FDZUYRFjyVnAtTEmBlqj8lWJiM2c2l0Hz5wCFuqCzihhgdyw' 'report-sample' 'unsafe-inline' inline https://youtube.com https://*.youtube.com https://respond.gruene.at; worker-src blob: 'report-sample'; font-src 'self' data:; connect-src 'self' https://*.friendlycaptcha.eu https://*.smdm.at https://respond.gruene.at; style-src-elem 'self' 'report-sample' 'unsafe-inline' *.studiomitte.ddev.site *.studiomitte.com https://cloud.typography.com; report-uri https://www.gbw.at/@http-reporting?csp=report&requestTime=1779298748861
Links to (8)
- facebook.com×1
- freda.at×1
- gras.at×1
- gruene-akademie.at×1
- gruene.at×1
- instagram.com×1
- t.me×1
- youtube.com×1