guete-fmb.de
HTML metadata
Technology
- CMS
- Gatsby
Contact
Registration
- Updated
- 2018-09-11
- Name servers
-
- ns1082.ui-dns.biz.
- ns1082.ui-dns.com.
- ns1082.ui-dns.de.
- ns1082.ui-dns.org.
DNS records live
- NS
-
- ns1082.ui-dns.biz
- ns1082.ui-dns.com
- ns1082.ui-dns.de
- ns1082.ui-dns.org
- MX
-
- 10 mx00.ionos.de
- 10 mx01.ionos.de
Email authentication partial
- SPF
-
v=spf1 include:_spf-eu.ionos.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 62 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://*; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*; style-src 'self' 'unsafe-inline' https://*; img-src 'self' data: blob: https://*; worker-src 'self' blob:; font-src 'self' data: https://*; connect-src 'self' webpack: https://*;- strict-transport-security
max-age=31536000;