iwd.de
iwd.de
HTML metadata
Technology
- Server
- Apache
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (2)
- app.usercentrics.eu×3
- api.usercentrics.eu×1
Social
Registration
- Updated
- 2021-01-18
- Name servers
-
- ns07.domaincontrol.com.
- ns08.domaincontrol.com.
DNS records live
- NS
-
- ns07.domaincontrol.com
- ns08.domaincontrol.com
- MX
-
- 10 mx1.mas.t-systems-service.com
- 20 mx2.mas.t-systems-service.com
- 30 mx3.mas.t-systems-service.com
- TXT
-
v=spf1 a mx include:agenturserver.de include:_spf.mailingwork.de include:_spf.sendnode.com include:spf.crsend.com ~all
- Verified for
-
Certificate (current)
R13
Expires in 50 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self' data: blob: wss: 'unsafe-inline'; script-src 'self' data: blob: https://* 'unsafe-inline' 'unsafe-eval' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: blob: https://* 'unsafe-inline'; base-uri 'self'; frame-src 'self' data: blob: https://*; style-src-elem 'self' https://* 'unsafe-inline' 'report-sample'; connect-src 'self' data: blob: https://* wss://* 'unsafe-inline'; media-src 'self' data: blob: https://* 'unsafe-inline'; style-src 'self' data: blob: https://* 'unsafe-inline' 'report-sample'; font-src 'self' data: blob: https://* 'unsafe-inline'; report-uri https://www.iwd.de/@http-reporting?csp=report&requestTime=1777977913928029&requestHash=8040124887d2ffd1b80e478610779dc8c39c055c
Links to (4)
- instagram.com×2
- iwkoeln.de×2
- linkedin.com×2
- xing.com×2