tjar.ch
tjar.ch
HTML metadata
Technology
- Server
- ESF
- Fonts
-
- Google Fonts
Third-party hosts loaded (3)
- www.gstatic.com×3
- fonts.googleapis.com×2
- apis.google.com×1
DNS records live
- NS
-
- hera.ns.cloudflare.com
- noah.ns.cloudflare.com
Email authentication no MX
- SPF
-
v=spf1 -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@cruncher.chpolicy: reject (enforced) · sp=reject - DKIM
-
Show 12 DKIM selectors
- default:
v=DKIM1; p= - google:
v=DKIM1; p= - selector1:
v=DKIM1; p= - selector2:
v=DKIM1; p= - k1:
v=DKIM1; p= - k2:
v=DKIM1; p= - mail:
v=DKIM1; p= - dkim:
v=DKIM1; p= - s1:
v=DKIM1; p= - s2:
v=DKIM1; p= - mxvault:
v=DKIM1; p= - smtpapi:
v=DKIM1; p=
selectors probed - default:
Certificate (current)
E7
Expires in 46 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-fx7nuQmYJegFhRMkk08kIQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/- cross-origin-opener-policy
unsafe-none- cross-origin-resource-policy
same-site
Links to (1)
Linked from (1)
- fdkg.ch×1