smartat.coop
smartat.coop
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- jQuery
- 3.7.1
- Stack
- PHP
Social
Contact
- Phone
DNS records live
- NS
-
- ns.inwx.de
- ns2.inwx.de
- ns3.inwx.eu
- MX
-
- 10 mx01.hornetsecurity.com
- 20 mx02.hornetsecurity.com
- 30 mx03.hornetsecurity.com
- 40 mx04.hornetsecurity.com
- TXT
-
sophos-domain-verification=2af753161a493049eb8c9c06e7e61a14e8886f977cfcc63006f0a22648654413
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:spf.hornetsecurity.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed - k2:
Certificate (current)
R13
Expires in 72 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), clipboard-read=(self), clipboard-write=(self), display-capture=(), document-domain=*, encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(self), identity-credentials-get=(self), idle-detection=(self), local-fonts=(self), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=(self), publickey-credentials-create=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), speaker-selection=(), storage-access=(), usb=(), web-share=(self), xr-spatial-tracking=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' *.smartat.coop; child-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; font-src 'self' data:; frame-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; img-src 'self' 'unsafe-inline' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be data:; manifest-src 'self'; media-src 'self' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.smartat.coop *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval' *.smartat.coop *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.smartat.coop *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; style-src-attr 'self' 'unsafe-inline' 'unsafe-eval' *.vimeo.com *.vimeocdn.com *.youtube.com *.youtu.be; style-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.vime- strict-transport-security
max-age=16070400; includeSubDomains; preload
Links to (15)
- youtube.com×1
- uni-graz.at×1
- smartse.org×1
- smartfr.fr×1
- smartbe.be×1
- smart-it.org×1
- smart-eg.de×1
- mailchimp.com×1
- linkedin.com×1
- jbbz.at×1
- instagram.com×1
- facebook.com×1
- eepurl.com×1
- diehauswirtschaft.at×1
- csaw.at×1
Use this data via API
Everything on this page for smartat.coop is available as JSON from the indexo.dev REST & MCP API.
curl "https://indexo.dev/api/v1/domains/smartat.coop" \ -H "X-API-Key: idx_..."