loswebos.de
HTML metadata
Technology
- Server
- Apache
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (1)
- app.usercentrics.eu×1
Social
Registration
- Updated
- 2014-12-08
- Name servers
-
- ns1.loswebos.de.
- ns2.loswebos.de.
- ns3.loswebos.de.
DNS records live
- NS
-
- ns1.loswebos.de
- ns2.loswebos.de
- ns3.loswebos.de
- MX
-
- 10 mail02.loswebos.de
- TXT
-
v=spf1 include:_spf.loswebos.de include:hex2013.com ~all
- Verified for
-
Certificate (current)
R13
Expires in 75 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.usercentrics.eu https://*.googletagmanager.com; connect-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.usercentrics.eu wss://ws-eu.pusher.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.usercentrics.eu https://*.google-analytics.com https://*.googletagmanager.com; frame-ancestors 'self';- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
same-origin