klinikum-oberberg.de
klinikum-oberberg.de
HTML metadata
Technology
- Server
- nginx
Social
Contact
Registration
- Updated
- 2023-11-03
- Name servers
-
- ns2.oberberg-online.de.
- ns3.oberberg-online.de.
- ns4.oberberg-online.de.
- ns5.oberberg-online.de.
- ns.oberberg-online.de.
DNS records live
- NS
-
- ns.oberberg-online.de
- ns2.oberberg-online.de
- ns3.oberberg-online.de
- ns4.oberberg-online.de
- ns5.oberberg-online.de
- MX
-
- 10 mgw.klinikum-oberberg.de
- TXT
-
MS=5E9EAC6A28D8B454EB560C940C9BD85E6394B9B4ZA=qnmY8vILUa5yu9IeuDvoJDI2AKwKAPi3fFwZZzch2ds=
- Verified for
-
- Apple
Email authentication strong
- SPF
-
v=spf1 include:_spf.oberberg.net include:spf.mailjet.com include:_spf.recruiting-portal.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject;policy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
Thawte TLS RSA CA G1
Expires in 285 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://klinikum-oberberg.recruiting-portal.com https://*.klinikum-oberberg.de https://klinikum-oberberg.de https://*.gbz-oberberg.de https://gbz-oberberg.de https://my.meetergo.com https://*.meetergo.com https://www.doctolib.de https://translate.google.com https://translate.googleapis.com https://www.youtube.com https://*.youtube.com; img-src 'self' data: https://*.klinikum-oberberg.de https://klinikum-oberberg.de https://*.gbz-oberberg.de https://gbz-oberberg.de https://i.ytimg.com; object-src 'self'; report-uri /csp-violation-report-endpoint.php- strict-transport-security
max-age=63072000; includeSubDomains; preload