vr-international-hessen.de
HTML metadata
Technology
Third-party hosts loaded (1)
- atruvia.scene7.com×9
Registration
- Updated
- 2023-08-08
- Name servers
-
- nsa1.atruvia.de.
- nsa2.atruvia.de.
DNS records live
- NS
-
- nsa1.atruvia.de
- nsa2.atruvia.de
- MX
-
Show 8 MX records
- 20 omail22.gadmail.de
- 20 omail23.gadmail.de
- 20 rmail22.gadmail.de
- 20 rmail23.gadmail.de
- 30 gmail22.gadmail.de
- 30 gmail23.gadmail.de
- 30 wmail22.gadmail.de
- 30 wmail23.gadmail.de
- TXT
-
QuoVadis=beb34ba2-fb4a-45fb-84a2-ba334e87f704D-TRUST=3H6X9JJUHMVZA94ZKY6X65X
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.fiduciagad.de include:net1.spf.fiduciagad.de include:net2.spf.fiduciagad.de -allstrict (-all) - DMARC
-
v=DMARC1; p=none; adkim=r; aspf=rpolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
D-TRUST SSL Class 3 CA 1 EV 2009
Expires in 153 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' https://maps.googleapis.com 'sha256-aSqN2R3jDvHFUL3vVOUtG6OJr1IF+Y31IPMdo0dLU6U=' 'nonce-1ef94eb54c76e3c80ffdc3a181f2f829'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-src 'self' https://www.youtube-nocookie.com https://vr-international.vr-bankenportal.de; frame-ancestors 'none'; object-src 'self'; style-src 'self' 'unsafe-inline' https:; img-src https: data:; connect-src 'self' data: https://maps.googleapis.com wss://*.mypurecloud.de https://atruvia.scene7.com; block-all-mixed-content; script-src-attr 'none'; media-src https: https://atruvia.scene7.com- strict-transport-security
max-age=31536000