kbo-eva.de
HTML metadata
Technology
- Server
- nginx
- Analytics
-
- Fathom
Third-party hosts loaded (2)
- a9.com×1
- cdn.usefathom.com×1
Social
Registration
- Updated
- 2022-03-01
- Name servers
-
- ns3.dns.space.net.
- ns4.dns.space.net.
- ns.space.net.
DNS records live
- NS
-
- ns.space.net
- ns3.dns.space.net
- ns4.dns.space.net
- MX
-
- 10 kboeva-de0i.mail.protection.outlook.com
- TXT
-
MS=ms99252937
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1;p=reject;sp=reject;pct=100;rua=mailto:db8a6bce64@rua.easydmarc.eu;ruf=mailto:db8a6bce64@ruf.easydmarc.eu;ri=3600;aspf=r;adkim=r;fo=0:1:d:spolicy: reject (enforced) · sp=reject - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu86dN/bU6FHuxosNqVw3fkWNk0XcsnJu9iD5/+hzWU16XIdJ75zq4y2rfxiI8ckvqWuz/RghhSpRtv…
selectors probed - selector1:
Certificate (current)
E8
Expires in 64 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- permissions-policy
interest-cohort=()- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' www.googletagmanager.com www.google-analytics.com www.googleadservices.com www.google.com *.g.doubleclick.net connect.facebook.net www.linkedin.com px.ads.linkedin.com snap.licdn.com cdn.usefathom.com; object-src 'self'; frame-src 'self' blackfire.io *.youtube-nocookie.com *.facebook.com facebook.com cdn.usefathom.com;
Links to (6)
- facebook.com×1
- instagram.com×1
- kbo.de×1
- linkedin.com×1
- xing.com×1
- youtube.com×1
Linked from (1)
- kbo.de×1