hamsta.de
HTML metadata
Technology
- Server
- nginx
- CMS
- Nuxt
Third-party hosts loaded (1)
- a.storyblok.com×50
Social
Registration
- Updated
- 2024-01-29
- Name servers
-
- a.ns14.net.
- b.ns14.net.
- c.ns14.net.
- d.ns14.net.
DNS records live
- NS
-
- a.ns14.net
- b.ns14.net
- c.ns14.net
- d.ns14.net
- MX
-
- 10 hamsta-de.mail.protection.outlook.com
- TXT
-
knowbe4-site-verification=116724fc23293e4e87fce838698b0d26wTSDbBBumZRaajr8KU4hbeuaircQ2bGAVjycvCqxTVUny32XfbdV0ombknoC8i9/argi5zE2XFkWDsjkk3Qf2Q==
- Verified for
-
- Adobe
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:eu.mailgun.org include:_spf.retarus.com include:_spf.daw.de include:inxserver.com include:spf.protection.outlook.com include:spf.eu.exclaimer.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc@hamsta.de;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFTj7QQpjhbuEmtOhF6EVeCePCl6mkhT8MhH78uZIu1SLDzDzWQIJPpANzUZb6IcnPQAcTmeMqN9Px…
selectors probed - selector1:
Certificate (current)
E7
Expires in 57 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://api.storyblok.com https://app.storyblok.com https://edge.marker.io https://daw.containers.piwik.pro https://daw.piwik.pro https://s3.eu-west-1.amazonaws.com/marker.sessions.prod/* https://app.marker.io/ https://consent.cookiebot.com https://consentcdn.cookiebot.com https://www.googletagmanager.com https://googleads.g.doubleclick.net/ https://www.googleadservices.com; style-src 'self' 'unsafe-inline' https://daw.containers.piwik.pro; font-src 'self' data:; img-src 'self' data: https://a.storyblok.com https://imgsct.cookiebot.com https://www.google.com https://www.google.de https://googleads.g.doubleclick.net; media-src https://a.storyblok.com; connect-src 'self' https://api.storyblok.com https://api.marker.io/ https://daw.containers.piwik.pro https://daw.piwik.pro https://s3.eu-west-1.amazonaws.com https://app.marker.io https://ssr.marker.io https://api.friendlycaptcha.com https://consentcdn.cookiebot.com
Links to (16)
- winworker.de×1
- tiktok.com×1
- pufas.de×1
- platzhirsche.net×1
- maler-tv.com×1
- m-plus.de×1
- linkedin.com×1
- jotun.com×1
- instagram.com×1
- facebook.com×1
- doerken.com×1
- daw.de×1
- cms-gruppe.de×1
- caparol.de×1
- buntes-handwerk.de×1
- alligator.de×1