palmana.eu
HTML metadata
Technology
- Server
- BunnyCDN-DE1-1331
- jQuery
- 3.3.1 known XSS (<3.5)
Third-party hosts loaded (3)
- ajax.googleapis.com×1
- cdnjs.cloudflare.com×1
- code.jquery.com×1
DNS records live
- NS
-
- coco.bunny.net
- kiki.bunny.net
- MX
-
- 10 mxa.eu.mailgun.org
- 20 mxb.eu.mailgun.org
Email authentication strong
- SPF
-
v=spf1 include:mailgun.org ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; pct=100; fo=1; ri=3600; sp=none; rua=mailto:c0070f2b@dmarc.mailgun.org,mailto:7f697840@inbox.ondmarc.com; ruf=mailto:c0070f2b@dmarc.mailgun.org,mailto:7f697840@inbox.ondmarc.com;policy: reject (enforced) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 27 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- missing Content Security Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=self, camera=(), gyroscope=self, magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()- x-content-type-options
nosniff- strict-transport-security
max-age=31536000; includeSubDomains- content-security-policy-report-only
default-src 'self'; base-uri 'self'; object-src 'none'; script-src 'self' 'sha256-QSwVNKaisRgbF0R3boc/2ETS8JwhAH+n3IkwJkmWIwQ=' 'sha256-euh1d4mvYaalOl8TswuRx6FCoLCH+AWgHvgenxZfQMI=' 'sha256-+grK2ulKsGl0e+/FVsJsiwY48Z4Hje44CbUWjPrVEGI='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; report-uri /r/csp-report