tekphone-blomberg.de
tekphone-blomberg.de
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress 7.0
- jQuery
- 3.7.1
Third-party hosts loaded (2)
- multisite.hrw-wp.de×3
- gmpg.org×1
Social
Contact
- Phone
Registration
- Updated
- 2024-12-19
- Name servers
-
- cns1.alfahosting.info.
- cns2.alfahosting.info.
- cns3.alfahosting.info.
DNS records live
- NS
-
- cns1.alfahosting.info
- cns2.alfahosting.info
- cns3.alfahosting.info
- MX
-
- 10 mx03.secure-mailgate.com
- 10 mx04.secure-mailgate.com
Email authentication weak
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 78 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' *.google.com *.telekom.de; script-src 'self' 'unsafe-inline' *.google.com *.telekom.de *.cloudflare.com *.google.com *.wp.com *.youtu.be *.googleapis.com; script-src-elem 'self' 'unsafe-inline' blob: *.google.com *.cloudflare.com *.telekom.de *.wertgarantie-services.de; script-src-attr 'self' 'unsafe-inline' *.google.com *.telekom.de; style-src 'self' 'unsafe-inline' *.google.com; style-src-elem 'self' 'unsafe-inline' *.telekom.de; style-src-attr 'self' 'unsafe-inline' *.telekom.de; img-src 'self' *.gravatar.com *.wertgarantie-services.de *.telekom.de *.hrw-wp.de *.website-check.de data:; font-src 'self' *.telekom.de data:; connect-src 'self' *.wertgarantie.com *.telekom.de *.hrw-wp.de *.legal-cdn.com; media-src 'self' *.telekom.de; object-src 'self' *.telekom.de; child-src 'self' *.telekom.de; frame-src 'self' *.google.com *.telekom.de *.yumpu.com *.hrw-wp.de; worker-src 'self' *.telekom.de blob:; frame-ancestors 'self' *.telekom.de *.hrw-wp.de; for