transway.de
transway.de
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- Fonts
-
- Google Fonts
Third-party hosts loaded (1)
- fonts.gstatic.com×1
Registration
- Updated
- 2018-08-17
- Name servers
-
- ns1097.ui-dns.biz.
- ns1097.ui-dns.com.
- ns1097.ui-dns.de.
- ns1097.ui-dns.org.
DNS records live
- NS
-
- ns1097.ui-dns.biz
- ns1097.ui-dns.com
- ns1097.ui-dns.de
- ns1097.ui-dns.org
- MX
-
- 10 transway-de.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 mx ip4:185.124.75.33 ip4:217.89.49.74 ip4:88.99.138.97 ip6:2a01:4f8:10a:22a2::2 include:spf.protection.outlook.com include:_spf-eu.ionos.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xI/SItpK9MKIVPK/YOu9FJOnpoaaf59VxtQSrXaOaAB/Cklk79QtT/4noyMTWpHG5Snt/43CHznnr…
selectors probed - selector1:
Certificate (current)
Sectigo RSA Domain Validation Secure Server CA
Expires in 9 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.paypalobjects.com/ https://s3.amazonaws.com/ https://*.stripe.com/ https://*.list-manage.com/; img-src 'self' data: https://www.paypalobjects.com/; object-src 'self' data: https://elegantthemes.com/ https://*.elegantthemes.com/ https://transway.de/ https://*.paypal.com/ https://*.stripe.com/; frame-src 'self' data: https://elegantthemes.com/ https://*.elegantthemes.com/ https://transway.de/ https://*.paypal.com/ https://*.stripe.com/;