niemalswieder.at
HTML metadata
Technology
- Server
- nginx
- PHP
- 8.3.30 security-only
Social
Contact
DNS records live
- NS
-
- ns1.earlybird.at
- ns2.earlybird.at
- ns3.earlybird.at
- MX
-
- 10 papageno.rlybrd.at
Email authentication weak
- SPF
-
v=spf1 a mx -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 34 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; script-src 'self' 'nonce-8zSsVFf_-bDLAYtP89s_A2YhIwlt-HY4kDkCHftgcIciTX97SC_AXw' 'unsafe-inline' 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com *.stadiamaps.com *.openstreetmap.de *.openstreetmap.org *.cartocdn.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com; style-src-elem 'self' 'nonce-8zSsVFf_-bDLAYtP89s_A2YhIwlt-HY4kDkCHftgcIciTX97SC_AXw' 'sha256-d0ax6zoVJBeBpy4l3O2FJ6Y1L4SalCWw2x62uoJH15k=' 'report-sample'; child-src 'self' blob:; connect-src 'self' *.stadiamaps.com; frame-ancestors 'self'; report-uri https://niemalswieder.at/@http-reporting?csp=report&requestTime=1780153770332484&requestHash=5a126f66ac4e127bf0a75b79203c80f87aca8de0- strict-transport-security
max-age=31536000
Links to (11)
- youtube.com×1
- typo3.org×1
- oecv.at×1
- modernsociety.at×1
- mkv.at×1
- koel.at×1
- kartellverband.org×1
- gedenkort.at×1
- ekv.info×1
- earlybird.at×1
- doew.at×1