stoerung24.de
HTML metadata
Registration
- Updated
- 2023-10-09
- Name servers
-
- ns1.hosting.de.
- ns2.hosting.de.
- ns3.hosting.de.
DNS records live
- NS
-
- ns1.hosting.de
- ns2.hosting.de
- ns3.hosting.de
- MX
-
- 100 mx.sixdata.de
Email authentication strong
- SPF
-
v=spf1 mx -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; adkim=s; rua=mailto:dmarc@stoerung24.depolicy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA OV E36
Expires in 319 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-embedder-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
no-referrer- permissions-policy
browsing-topics=()- x-content-type-options
nosniff- content-security-policy
default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' *; connect-src 'self' https://www.sixdata.de https://gis01.sixdata.de; base-uri 'self'; worker-src 'self' blob:; img-src 'self' https://www.sixdata.de https://api.sixdata.de data: blob:; frame-src https://www.openstreetmap.org/; font-src 'self' *; form-action 'self'- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-embedder-policy
unsafe-none- cross-origin-resource-policy
same-origin