kisd.de
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (2)
- cdnjs.cloudflare.com×2
- use.typekit.net×1
Social
Registration
- Updated
- 2022-01-31
- Name servers
-
- dns-1.dfn.de.
- dns1.uni-koeln.de.
- ns-gwz.nz.fh-koeln.de.
- ns-iwz.nz.fh-koeln.de.
DNS records live
- NS
-
- dns-1.dfn.de
- dns1.uni-koeln.de
- ns-gwz.nz.fh-koeln.de
- ns-iwz.nz.fh-koeln.de
- MX
-
- 10 smtp.intranet.fh-koeln.de
- TXT
-
google-site-verification=EOMfM8njL7yPUuKN0Gx_kwy-7dYitZAGLW4u18wmNY8HARICA-CgUsFIadnKhnZwWMwrb
Email authentication partial
- SPF
-
v=spf1 +mx +ip4:139.6.141.4 +ip4:139.6.1.47 +ip4:139.6.1.48 +ip4:139.6.1.49 +ip4:139.6.1.50 ?ip4:139.6.0.0/16 -allstrict (-all) - DMARC
-
v=DMARC1;p=none;rua=mailto:dmarc-reports-bsn@campus-it.th-koeln.depolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 74 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- weak content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN, SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
frame-ancestors 'self', script-src https: data: 'unsafe-inline' 'unsafe-eval' https://*.kisd.de https://kisd.de https://*.typekit.net https://www.google-analytics.com https://*.googleapis.com; style-src https: 'unsafe-inline' https://*.kisd.de https://kisd.de https://*.typekit.net https://*.googleapis.com;- strict-transport-security
max-age=63072000
Links to (6)
- facebook.com×2
- fh-koeln.de×2
- instagram.com×2
- linkedin.com×2
- twitter.com×2
- vimeo.com×2