karlo.de
HTML metadata
Technology
- CMS
- Ghost
Third-party hosts loaded (1)
- www.google.com×1
Registration
- Updated
- 2020-11-25
- Name servers
-
- ns3.komsa.net.
- ns4.komsa.net.
DNS records live
- NS
-
- ns3.komsa.net
- ns4.komsa.net
- MX
-
- 10 mail13.komsa.de
- 100 mail15.komsa.de
- TXT
-
v=spf1 include:spf.komsa.net -allMS=ms29542973
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 289 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' *.assmann.com uberall.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com https://komsa.freischalt-portal.de *.mobile-order.de http://media.mobile-order.de *.komsa.net komsa.com *.assmann.com *.piwik.pro *.uberall.com uberall.com ; style-src 'self' https://komsa.freischalt-portal.de *.komsa.net komsa.com 'unsafe-inline' *.gstatic.com fonts.googleapis.com *.assmann.com *.piwik.pro; img-src 'self' data: *.karlo.de karlo.de *.komsa.com komsa.com *.smallbug.de *.mobile-order.de http://media.mobile-order.de https://komsa.freischalt-portal.de https://stats.g.doubleclick.net *.komsa.net http://karlo.de http://www.karlo.de http://media.komsa.com https://media.komsa.com https://www.komsa-systems.com easyfilius.de http://www.easyfilius.de *.w-support.com *.assmann.com *.uberall.com https://s3.eu-central-1.amazonaws.com/uberall-userpics-prod/ http://s.mmg- strict-transport-security
max-age=2592000