plan-international.at
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- plan-static.de×15
- www.plan.de×2
- www.googletagmanager.com×1
Social
Contact
- Phone
- Address
- Linke Wienzeile 4/2, 1060, Wien
DNS records live
- NS
-
- ns1.domaindiscount24.net
- ns2.domaindiscount24.net
- ns3.domaindiscount24.net
- MX
-
- 10 eu-smtp-inbound-1.mimecast.com
- 10 eu-smtp-inbound-2.mimecast.com
- Verified for
-
- Meta
- Microsoft 365
- Workplace
Email authentication strong
- SPF
-
v=spf1 ip4:212.72.168.145 ip4:212.72.168.134 ip4:212.72.168.150 ip4:212.72.168.136 include:_netblocks.mimecast.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc-feedback@plan.de; ruf=mailto:dmarc-reports@plan.de; aspf=r; adkim=r; ri=86400; pct=100policy: reject (enforced) · sp=reject - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlnmODs6DvdhS71TMUtXMxBv2t21p0qLRSrjRcMf8wvZClGAqhmv4g6KVDIcNMSEjHykrWJJ7/DpVU…
selectors probed - google:
Certificate (current)
R13
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- weak frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
allow-from https://heatmap.it/- x-content-type-options
nosniff- content-security-policy
default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; block-all-mixed-content; form-action *; frame-ancestors 'self' https://heatmap.it/; upgrade-insecure-requests; base-uri 'self';- strict-transport-security
max-age=15768000
Links to (6)
- facebook.com×1
- instagram.com×1
- linkedin.com×1
- plan-shop.org×1
- plan.de×1
- youtube.com×1