humer.com
HTML metadata
Technology
- Server
- Apache
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (5)
- js.stripe.com×1
- microformats.org×1
- static.addtoany.com×1
- use.typekit.net×1
- www.googletagmanager.com×1
Social
Contact
- Address
- Grünbach 10, 4623, Gunskirchen, AT
Registration
- Registrar
- Key-Systems GmbH
- Created
- 1999-03-05
- Expires
- 2027-03-05 290 days left
- Updated
- 2026-03-06
- Name servers
-
- ns1.domaindiscount24.net
- ns2.domaindiscount24.net
- ns3.domaindiscount24.net
DNS records live
- NS
-
- ns1.domaindiscount24.net
- ns2.domaindiscount24.net
- ns3.domaindiscount24.net
- MX
-
- 10 mx.mymailwall.com
- TXT
-
MS=ms18498507apple-domain-verification=WIxAP7AsBziJXa45
Email authentication weak
- SPF
-
v=spf1 a ip4:185.16.113.124/30 ip4:116.202.122.120 ip4:116.202.122.118 include:servers.mcsv.net include:mymailwall.com include:spf.hostingworld.at ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 67 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
autoplay=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"), interest-cohort=(), camera=(), microphone=(), geolocation=(), usb=(), accelerometer=(), gyroscope=(), magnetometer=()- x-content-type-options
nosniff- content-security-policy
frame-src *; object-src 'none'; style-src 'self' 'report-sample' 'unsafe-inline' *.gstatic.com *.typekit.net my.cashpresso.com sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk= cdnjs.cloudflare.com https://use.typekit.net unpkg.com; base-uri 'self'; form-action 'self' *.paypal.com *.facebook.com; frame-ancestors 'self'; report-uri https://www.humer.com/de/log-report-uri/enforce- strict-transport-security
max-age=2592000- content-security-policy-report-only
frame-src 'self' static.addtoany.com *.googletagmanager.com *.hcaptcha.com *.youtube.com *.youtube-nocookie.com *.facebook.com *.doubleclick.net connect-js.stripe.com js.stripe.com my.cashpresso.com; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.addtoany.com *.google-analytics.com *.googletagmanager.com *.youtube.com *.youtube-nocookie.com hcaptcha.com *.hcaptcha.com *.doubleclick.net my.cashpresso.com snap.licdn.com connect-js.stripe.com js.stripe.com connect.facebook.net cdnjs.cloudflare.com https://js.stripe.com https://maps.google.com https://static.addtoany.com unpkg.com; report-uri https://www.humer.com/de/log-report-uri/reportOnly