kh-kompetenz-plus.de
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
Contact
- Phone
Registration
- Updated
- 2017-03-22
- Name servers
-
- dns01.cows.de.
- dns02.cows.de.
DNS records live
- NS
-
- dns01.cows.de
- dns02.cows.de
- MX
-
- 10 mail.kh-ads.de
Email authentication weak
- SPF
-
v=spf1 a mx ip4:185.124.232.14 include:5pf.cows-server.de include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 49 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin- x-frame-options
deny- x-content-type-options
nosniff- content-security-policy
default-src 'self' https://www.kh-kompetenz-plus.de; img-src * data:; style-src 'self' 'unsafe-inline' https://*.b-ite.com/ https://fonts.googleapis.com/css https://api.signalize.com/ https://ai.uniplus-software.de/ http://localhost:3000/; script-src https://www.kh-kompetenz-plus.de https://maps.googleapis.com/ https://www.instagram.com/ https://code.etracker.com/ https://api.signalize.com/ https://www.etracker.de/ https://*.b-ite.com/ https://www.google-analytics.com https://www.googletagmanager.com/ https://matomo.uniplus-software.de/matomo/matomo.js https://*.emailsys1a.net/ https://www.paypal.com/ https://js-agent.newrelic.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: https://api.signalize.com/ https://fonts.gstatic.com/; frame-src 'self' https://share.uniplus-software.de/ https://t921c9cab.emailsys1a.net/ https://www.youtube-nocookie.com/ https://www.youtube.com/ https://www.instagram.com/ https://vimeo.com/ https://www.paypal.com/ https://www.sandbox.paypal.com/ htt- strict-transport-security
max-age=31536000; includeSubDomains