oneal.eu
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Shopify
- Analytics
-
- Google Analytics
Third-party hosts loaded (18)
- cdn.shopify.com×77
- cdnjs.cloudflare.com×5
- assets.reviews.io×2
- shop.app×2
- widget.reviews.io×2
- ajax.googleapis.com×1
- app.consentmo.com×1
- cdn.consentmo.com×1
- cdn.langshop.app×1
- fonts.shopifycdn.com×1
- monorail-edge.shopifysvc.com×1
- productreviews.shopifycdn.com×1
- sapi.negate.io×1
- static.klaviyo.com×1
- storage.consentmo.com×1
- widget.reviews.co.uk×1
- workers.consentmo.com×1
- www.google-analytics.com×1
Social
DNS records live
- NS
-
- ns1.first-ns.de
- robotns2.second-ns.de
- robotns3.second-ns.com
- MX
-
- 10 mx01.hornetsecurity.com
- 20 mx02.hornetsecurity.com
- 30 mx03.hornetsecurity.com
- 40 mx04.hornetsecurity.com
- TXT
-
MS=ms63983675facebook-domain-verification=8amsgpymue54i0gz1mh7509ictotyv
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.hornetsecurity.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc.report@lpc.de; ruf=mailto:dmarc.forensic@lpc.de; fo=1; aspf=rpolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
E8
Expires in 55 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- short HSTS max-age
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;- strict-transport-security
max-age=7889238