landesmuseum-mainz.de
HTML metadata
Technology
- Server
- Apache
- CMS
- Gatsby
Social
Registration
- Updated
- 2017-06-30
- Name servers
-
- dldi0001.rlp.de.
- ns02.versatel.de.
- ns03.versatel.de.
DNS records live
- NS
-
- dldi0001.rlp.de
- ns02.versatel.de
- ns03.versatel.de
- MX
-
- 10 mailmx0001.rlp.de
- 10 mailmx0002.rlp.de
- 10 mailmx0003.rlp.de
- 10 mailmx0004.rlp.de
Email authentication strong
- SPF
- not published
- DMARC
-
v=DMARC1;p=reject;pct=100;adkim=r;aspf=r;fo=1;rua=mailto:dmarc@rlp.de;policy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.rlp.de https://*.widget.bookingkit.net https://*.widget.bookingkit.com https://*.bookingkit.de https://cdn-insights.bookingkit.com https://ajax.googleapis.com https://insights.bookingkit.net; connect-src 'self' https://*.api.bookingkit.com https://*.widget.bookingkit.com https://*.bookingkit.de/ https://o108687.ingest.sentry.io https://maps.rlp.de https://data.rlp.de https://cdn-insights.bookingkit.com https://insights.bookingkit.net; img-src 'self' data: https://sgx.geodatenzentrum.de https://*.bookingkit.de; style-src 'self' 'unsafe-inline' https://*.bookingkit.de https://*.widget.bookingkit.com/; base-uri 'self'; form-action 'self' http://*.rlp.de/; frame-src 'self' https://www.youtube-nocookie.com/ https://w.soundcloud.com https://www.geoportal.rlp.de https://*.bookingkit.de/; font-src 'self' data:; manifest-src 'self'- strict-transport-security
max-age=31536000