mbi-berlin.de
HTML metadata
Technology
- Server
- Apache
Social
Contact
Registration
- Updated
- 2021-09-08
- Name servers
-
- deneb.dfn.de.
- xns1.mbi-berlin.de.
- xns2.mbi-berlin.de.
DNS records live
- NS
-
- deneb.dfn.de
- xns1.mbi-berlin.de
- xns2.mbi-berlin.de
- MX
-
- 10 a1922.mx.srv.dfn.de
- 10 b1922.mx.srv.dfn.de
- 10 c1922.mx.srv.dfn.de
Email authentication weak
- SPF
-
v=spf1 +mx +a:mail.mbi-berlin.de +ip4:62.141.169.247 ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
GEANT TLS RSA 1
Expires in 94 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'nonce-HMhiLYqPOc21Yg_68zVFe6mHVjn8pNR5FD6wuy-m-vrgfrmYWut4pg' blob: https://*.youtube.com https://*.youtube-nocookie.com https://*.google.com 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com https://*.youtube.com https://*.youtube-nocookie.com https://*.google.com; style-src 'self' 'nonce-HMhiLYqPOc21Yg_68zVFe6mHVjn8pNR5FD6wuy-m-vrgfrmYWut4pg' 'report-sample'; report-uri https://mbi-berlin.de/@http-reporting?csp=report&requestTime=1778730565300082&requestHash=af1838f28d366211217943d75796b73870ff0d0d