klivoportal.de
klivoportal.de
HTML metadata
Technology
- Server
- Apache
Registration
- Updated
- 2017-07-20
- Name servers
-
- deneb.dfn.de.
- dnsisp1.dwd.de.
- dnsisp2.dwd.de.
DNS records live
- NS
-
- deneb.dfn.de
- dnsisp1.dwd.de
- dnsisp2.dwd.de
- MX
-
- 10 ofcsgbbm.gbbmvi-wan.de
- 20 zbcsgbbm.gbbmvi-wan.de
- Verified for
-
Email authentication weak
- SPF
-
v=spf1 mx ip4:141.38.3.247 ip4:141.38.12.84 ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA OV R36
Expires in 72 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com https://klivostats.de *.google.com *.gstatic.com *.youtube.com https://s.ytimg.com; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com; worker-src *.google.com *.gstatic.com *.youtube.com; frame-src *.google.com *.gstatic.com *.youtube.com *.youtube-nocookie.com; img-src 'self' data: *.google.com https://klivostats.de *.gstatic.com *.youtube.com; frame-ancestors 'self';- strict-transport-security
max-age=31536000
Links to (1)
- klivo.de×2