indexo.dev

tornados.at

.at crawl

First seen 2026-05-24 · Last seen 2026-05-29 · ok HTTP/1.1 200 3295 ms crawled 2026-05-29

CH · 185.229.91.176 · AS207143 hosttech GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
tornados.at – Netzwöld vom Huiza Luis
Language
de
Generator
WordPress 6.9.4
Feeds

Technology

Server
nginx
CMS
WordPress 6.9.4
PHP
8.2.31 security-only
jQuery
3.7.1
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • static.addtoany.com×21
  • fonts.googleapis.com×2
  • dcna.at×1
  • gmpg.org×1
  • www.kommpod.at×1

DNS records live

NS
  • ns1.hostserv.eu
  • ns2.hostserv.eu
MX
  • 10 mail.tornados.at
Verified for
  • Google

Email authentication strong

SPF
v=spf1 mx -all
strict (-all)
DMARC
v=DMARC1;p=reject;
policy: reject (enforced)
DKIM
  • default: v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsqx9o658TvSPCTAfB3qFbHGgmqze2SftWx7StZwVYlDt5/3HSyRvox70su7fFPWlMNpoVWObmyEHuCrB9ZTnm…
selectors probed

Certificate (current)

R13
from 2026-05-09 to 2026-08-07
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://tornados.at/

present
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (8)

Linked from (2)