sanatoriumhera.at
HTML metadata
Technology
- Server
- eSV
- Stack
- Java
Third-party hosts loaded (1)
- analysis.sozialversicherung.at×1
Social
DNS records live
- NS
-
- root-dns.netcup.net
- second-dns.netcup.net
- third-dns.netcup.net
- MX
-
- 10 mailgw1.kfhe.net
- 20 mailgw2.kfhe.net
- 30 chirpa.kfawien.at
- 40 nanta.kfawien.at
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 mx a include:_spf.webhosting.systems include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 29 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; child-src 'self'; connect-src 'self' sso.sozialversicherung.at analysis.sozialversicherung.at cobrowsing.sv-services.at *.cobrowsing.sv-services.at sva-chatbot-prod.azurewebsites.net svs-chatbot-prod.azurewebsites.net europe.directline.botframework.com lf.o-c.io api.o-c.io *.googleapis.com mrtctcrawler.refactory.at *.pagestrip.com pagestrip.com kfawien.pi-asp.de recruitingapp-5692.de.umantis.com form.virtualq.tech wss://form.virtualq.tech *.ecard-test.sozialversicherung.at; font-src 'self' *.googleapis.com *.gstatic.com termine.sozialversicherung.at karriere.pv.at widget.virtualq.de data: *.pagestrip.com; frame-ancestors 'self' www.meinebvaeb.at www.meinesv.at www.meineoegk.at *.oegk.at *.sozialversicherung.at svpk.at *.svpk.at www.gp-portal.at www.e-impfpass.gv.at *.gesundheit.gv.at *.gesundheitskasse.at www.therapie-aktiv.at svs.at www.svs.at; frame-src 'self' cobrowsing.sv-services.at *.cobrowsing.sv-services.at www.youtube-nocookie.com base.streamdiver.com www.- strict-transport-security
max-age=31536000