mammoquiz.be
mammoquiz.be
HTML metadata
Technology
- CDN
- Amazon CloudFront
Third-party hosts loaded (2)
- assets.ivox.bevox.be×5
- assets.ivox.be×2
DNS records live
- NS
-
- ns1.european-server.eu
- ns3.european-server.com
- ns4.european-server.com
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M03
Expires in 115 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self' assets.ivox.bevox.be; script-src 'unsafe-eval' assets.ivox.bevox.be ivox.atlassian.net *.ivox.be *.googletagmanager.com *.google-analytics.com secure.ivox.be * 'sha256-/RKY7SMOrKr4Dg289bGcDYQmpsq14sUDAbGa0FzosIU=' 'sha256-AbpHGcgLb+kRsJGnwFEktk7uzpZOCcBY74+YBdrKVGs=' 'sha256-jt23zNtaiqnCped2mYHlb+9La3QEHJEkhP3xz02tYLo=' 'sha256-AbpHGcgLb+kRsJGnwFEktk7uzpZOCcBY74+YBdrKVGs='; style-src 'unsafe-inline' assets.ivox.bevox.be *.ivox.be *.typekit.net secure.ivox.be *; img-src https: data:; connect-src https:; font-src assets.ivox.bevox.be *.ivox.be *.typekit.net secure.ivox.be; media-src assets.ivox.bevox.be; frame-src *.googletagmanager.com ivox.atlassian.net *.bevox.be; frame-ancestors *.bevox.be wanderboobs.be- strict-transport-security
max-age=63072000; includeSubDomains;