kuechenscheune.de
HTML metadata
Technology
- Server
- nginx
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (2)
- privacy-proxy.usercentrics.eu×3
- app.usercentrics.eu×1
Social
Contact
- Phone
Registration
- Updated
- 2015-03-24
- Name servers
-
- ns5.kasserver.com.
- ns6.kasserver.com.
DNS records live
- NS
-
- ns5.kasserver.com
- ns6.kasserver.com
- MX
-
- 10 kuechenscheune-de.mail.protection.outlook.com
Email authentication weak
- SPF
-
v=spf1 ip4:85.13.149.102 include:spf.protection.outlook.com mx -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 70 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' static.newsletter2go.com analytics.itm-systems.com *.google-analytics.com www.googletagmanager.com tagmanager.google.com *.usercentrics.eu; connect-src 'self' api.newsletter2go.com www.google-analytics.com stats.g.doubleclick.net *.usercentrics.eu; img-src 'self' analytics.itm-systems.com files.newsletter2go.com www.google-analytics.com *.gstatic.com www.googletagmanager.com www.google.com www.google.de *.usercentrics.eu *.e-recht24.de data:; style-src 'self' 'unsafe-inline' tagmanager.google.com; base-uri 'self'; form-action 'self' *.itm-design.com; font-src 'self' data:; frame-src analytics.itm-systems.com www.google.com www.youtube.com www.youtube-nocookie.com; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; child-src 'none'; object-src 'none'; prefetch-src 'none'; worker-src 'self' blob:;- strict-transport-security
max-age=31536000; includeSubDomains