sslsurvey.de
HTML metadata
Registration
- Updated
- 2022-01-03
- Name servers
-
- ns-cloud-d1.googledomains.com.
- ns-cloud-d2.googledomains.com.
- ns-cloud-d3.googledomains.com.
- ns-cloud-d4.googledomains.com.
DNS records live
- NS
-
- ns-cloud-d1.googledomains.com
- ns-cloud-d2.googledomains.com
- ns-cloud-d3.googledomains.com
- ns-cloud-d4.googledomains.com
- MX
-
- 10 mxext1.mailbox.org
- 10 mxext2.mailbox.org
- 20 mxext3.mailbox.org
Email authentication partial
- SPF
-
v=spf1 mx include:spf.lamapoll.de ~allsoftfail (~all) - DMARC
-
v=DMARC1;p=none;rua=mailto:dmarc@lamapoll.depolicy: none (monitoring only) - DKIM
-
- mail:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2bR2CaCehr2TOjWj0HASM7VlLmxFwqBvIZsDyu4yiqvuG/NSE2AodLqxhdCa5qUtIDfmEthPGlm+ZIJNdoA…
selectors probed - mail:
Certificate (current)
R12
Expires in 77 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://sentry.lamapoll.io; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: blob: app.lamapoll.de lamapoll.de survey.lamapoll.de campus.lamapoll.de; media-src 'self' app.lamapoll.de player.vimeo.com www.youtube.com youtu.be www.youtube-nocookie.com lamapoll.de survey.lamapoll.de campus.lamapoll.de; object-src 'none'; connect-src 'self' https://sentry.lamapoll.io; frame-src 'self' vorlage.lamapoll.de player.vimeo.com www.youtube.com youtu.be www.youtube-nocookie.com; report-uri https://sentry.lamapoll.io/api/2/security/?sentry_key=98d559f765f84b1fba045c17924323e3- strict-transport-security
max-age=31536000; includeSubDomains