medkitdoc.de
medkitdoc.de
HTML metadata
Registration
- Updated
- 2020-04-28
- Name servers
-
- ns1016.ui-dns.com.
- ns1031.ui-dns.biz.
- ns1058.ui-dns.de.
- ns1119.ui-dns.org.
DNS records live
- NS
-
- ns1016.ui-dns.com
- ns1031.ui-dns.biz
- ns1058.ui-dns.de
- ns1119.ui-dns.org
- MX
-
- 0 medkitdoc-de.mail.protection.outlook.com
- TXT
-
hosting-site=medkitdoc-website
- Verified for
-
- Apple
- Microsoft 365
- Stripe
Email authentication partial
- SPF
-
v=spf1 a mx include:_spf.perfora.net include:_spf.kundenserver.de include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
WR3
Expires in 71 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'sha256-B2tshI+czhseFpws/zcGWqz9RsxARmVIDCij6XYfAAI=' 'sha256-mbMhSCKazYMbBCQV8+PMFHYSCzIZBBi+mdvZkWquVso=' https://www.googletagmanager.com https://player.vimeo.com https://www.youtube.com; style-src 'self' https://fonts.googleapis.com; img-src 'self' data: https: blob:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com https://*.google-analytics.com https://forms.office.com https://api.emailjs.com; frame-src 'self' https://player.vimeo.com https://www.youtube.com https://forms.office.com; media-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self';- strict-transport-security
max-age=31536000; includeSubDomains; preload