t1h.net
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
Third-party hosts loaded (1)
- gmpg.org×1
Social
Contact
- Phone
Registration
- Registrar
- Hetzner Online GmbH
- Created
- 2022-02-14
- Expires
- 2027-02-14 270 days left
- Updated
- 2026-02-15
- Name servers
-
- helium.ns.hetzner.de
- hydrogen.ns.hetzner.com
- oxygen.ns.hetzner.com
DNS records live
- NS
-
- helium.ns.hetzner.de
- hydrogen.ns.hetzner.com
- oxygen.ns.hetzner.com
- MX
-
- 10 lexa.server.q1z.net
Email authentication weak
- SPF
-
v=spf1 redirect=q1z.netno all qualifier - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 67 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.openstreetmap.org https://*.met.vgwort.de https://*.w.org; font-src 'self' data:; connect-src 'self'; media-src 'self'; child-src 'self'; frame-src 'self' https://www.youtube-nocookie.com https://player.vimeo.com; worker-src 'self' blob: https://seeseekey.net; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'- strict-transport-security
max-age=31536000; includeSubDomains; preload;
Links to (6)
- bsky.app×2
- fyyd.de×2
- seeseekey.net×2
- snescast.de×2
- auphonic.com×1
- paypal.com×1