grammatip.de
HTML metadata
Technology
- Server
- nginx
Contact
Registration
- Updated
- 2016-09-23
- Name servers
-
- ns1.ordbogen.com.
- ns2.ordbogen.com.
DNS records live
- NS
-
- ns1.ordbogen.com
- ns2.ordbogen.com
- MX
-
- 10 mail.ordbogen.com
- TXT
-
google-site-verification=u610u2HMtQkXtD90vppSJPrxMGd0tK2ps3huBOgcyww
Email authentication partial
- SPF
-
v=spf1 mx ip4:185.245.8.10 ip4:185.245.9.10 include:servers.mcsv.net include:47965847.spf07.hubspotemail.net ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; rua=mailto:bnxeiwc3@ag.dmarcian.com; ruf=mailto:bnxeiwc3@fr.dmarcian.com;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 76 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self'; frame-src *.ordbogen.com www.youtube.com *.youtube-nocookie.com *.cloudfront.net www.openstreetmap.org; script-src 'self' analytics.grammatip.com *.google.com ajax.googleapis.com 'unsafe-eval' 'unsafe-inline'; connect-src 'self' analytics.grammatip.com *.ordbogen.com; img-src 'self' analytics.grammatip.com data: https:; font-src 'self' fonts.gstatic.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; media-src 'self' audio.grammatip.com *.cloudfront.net;