it-defense.de
it-defense.de
HTML metadata
Technology
- Server
- nginx
- CMS
- Joomla
- Social widgets
-
- Twitter Widget
Third-party hosts loaded (1)
- platform.twitter.com×1
Social
Registration
- Updated
- 2018-03-01
- Name servers
-
- ns1027.ui-dns.org.
- ns1056.ui-dns.de.
- ns1064.ui-dns.com.
- ns1088.ui-dns.biz.
DNS records live
- NS
-
- ns1027.ui-dns.org
- ns1056.ui-dns.de
- ns1064.ui-dns.com
- ns1088.ui-dns.biz
- MX
-
- 0 itdefense-de0e.mail.protection.outlook.com
- TXT
-
QuoVadis=0a4a726c-4dba-4f13-ba2f-b54aff1b5d18
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 ip4:212.29.0.15/32 a:patroklos6.teamware-gmbh.de include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJzIYccTvfxRl+Z60/+eemORkInJ1H2i+ERCFAvx24N/RiG+Kvy4WK4DbEmzSJ+7RKZhwlf7uBHAwf…
selectors probed - selector1:
Certificate (current)
E7
Expires in 60 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
report-uri https://7jaegs2n.uriports.com/reports/report; report-to default; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.twimg.com; style-src 'self' 'unsafe-inline' https://*.twitter.com https://*.twimg.com; frame-src 'self' https://player.vimeo.com https://*.twitter.com https://demo.it-seal.de/ https://t77e30849.emailsys1a.net; img-src 'self' 'unsafe-inline' https://*.twitter.com https://*.twimg.com data:;- strict-transport-security
max-age=31536000; includeSubdomains
Links to (6)
- cirosec.de×2
- instagram.com×2
- linkedin.com×2
- twitter.com×2
- x.com×2
- xing.com×2