matters-of-activity.de
matters-of-activity.de
HTML metadata
Technology
- Server
- nginx
Third-party hosts loaded (1)
- api.mapbox.com×2
Social
Registration
- Updated
- 2019-08-26
- Name servers
-
- buffy.cms.hu-berlin.de.
- dns-3.dfn.de.
- hpcom.rz.hu-berlin.de.
- suncom.rz.hu-berlin.de.
DNS records live
- NS
-
- buffy.cms.hu-berlin.de
- dns-3.dfn.de
- hpcom.rz.hu-berlin.de
- suncom.rz.hu-berlin.de
- Verified for
-
- HARICA
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 46 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self'; img-src 'self' data: https://pbs.twimg.com/ blob:; connect-src 'self' data: https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com; style-src 'self' 'unsafe-inline' data: https://api.mapbox.com ; script-src 'self' 'nonce-ef152b3772955ea5dfc452faf0f332000592c6fc7a5ac1526ee509df961dc997'; frame-src 'self' https://webforms.moa.hu-berlin.de/ https://rs.cms.hu-berlin.de/ https://www.youtube.com/ https://player.vimeo.com/ https://www.arte.tv; media-src 'self'; object-src 'none'; font-src 'self'; style-src-elem 'unsafe-inline' 'self' data: https://api.mapbox.com; script-src-elem 'unsafe-inline' 'self' data: https://api.mapbox.com; worker-src 'self' blob:;- strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
Links to (6)
- dfg.de×2
- hu-berlin.de×2
- instagram.com×2
- linkedin.com×2
- mpg.de×2
- twitter.com×2