ref.gv.at
ref.gv.at
HTML metadata
Technology
- Stack
- Java
Third-party hosts loaded (1)
- www.wien.gv.at×1
DNS records live
- NS
-
- ns1.wien.at
- ns2.wien.gv.at
- TXT
-
v=DMARC1; p=none; sp=none; pct=100; aspf=r; rua=mailto:dmarc-reports@post.wien.gv.at
Email authentication no MX
- SPF
-
v=spf1 include:wien.gv.at ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 72 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' data: blob: *.wien.gv.at *.data.gv.at *.magwien.gv.at sabio.magwien.gv.at *.cookiebot.com *.wien.at *.kavedo.com; connect-src 'self' *.magwien.gv.at *.wien.gv.at *.data.gv.at *.cookiebot.com wien.kavedo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: siteimproveanalytics.com *.siteimproveanalytics.io siteimproveanalytics.io *.youtube.com *.vimeo.com consentcdn.cookiebot.com consent.cookiebot.com *.wien.gv.at *.wien.at www.gstatic.com *.kavedo.com npmcdn.com nominatim.openstreetmap.org *.magwien.gv.at unpkg.com fonts.googleapis.com s3-shared.labs.sabio.de maxcdn.bootstrapcdn.com www.apa-fotoservice.at www.ots.at; style-src 'self' 'unsafe-inline' *.data.gv.at *.magwien.gv.at *.wien.gv.at *.kavedo.com npmcdn.com unpkg.com *.sabio.de *.googleapis.com *.bootstrapcdn.com maxcdn.bootstrapcdn.com; img-src 'self' data: blob: *.wien.gv.at *.cookiebot.com *.siteimproveanalytics.io siteimproveanalytics.io *.youtube.com *.ytimg.com *.wien.at *.kavedo.com npmcdn.com *.o- strict-transport-security
max-age=63072000