statichost.eu
HTML metadata
Technology
- Server
- BunnyCDN-DE1-1328
- CMS
- Hugo
Third-party hosts loaded (2)
- queue.simpleanalyticscdn.com×1
- scripts.simpleanalyticscdn.com×1
Social
Contact
DNS records live
- NS
-
- coco.bunny.net
- kiki.bunny.net
- MX
-
- 10 aspmx1.migadu.com
- 20 aspmx2.migadu.com
- TXT
-
stripe-verification=f496209e860aa27d3efb0925fca987c7a25976239f9a1ad682a6971818411201google-site-verification=gZH_EGpnQPxOkqpwYbWSLA7ZB7HsA3iH_UTS0eQyn1Y
Email authentication strong
- SPF
-
v=spf1 include:spf.migadu.com include:_spf.tem.scaleway.com -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; sp=reject; adkim=r; aspf=r; rua=mailto:watchdog1@watchdog.kevlarr.io,mailto:3348e837-4ec2-425e-a15c-abea0e882231@dmarc.scw-tem.cloud; ruf=mailto:3348e837-4ec2-425e-a15c-abea0e882231@dmarc.scw-tem.cloud;policy: quarantine · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 89 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'none'; script-src 'self' https://scripts.simpleanalyticscdn.com/; font-src 'self'; img-src 'self' https://builder.statichost.eu/ https://queue.simpleanalyticscdn.com/; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; form-action 'self' https://builder.statichost.eu/; base-uri 'none'- strict-transport-security
max-age=31536000; includeSubDomains
Links to (18)
- techtransparencyproject.org×3
- azure.com×3
- bitbucket.org×3
- forgejo.org×3
- freesewing.eu×3
- gatsbyjs.com×3
- getzola.org×3
- github.com×3
- gitlab.com×3
- gohugo.io×3
- jekyllrb.com×3
- junit.org×3
- sourcehut.org×3
- 11ty.dev×3
- nextjs.org×3
- nuxt.com×3
- knackeriet.se×1
- plural.at×1